search

fabric / fabric

Simple, Pythonic remote execution and deployment.
http://fabfile.org
BSD 2-Clause "Simplified" License
14.81k stars 1.94k forks source link

Windows Fabric ignores my env.key_filename but uses id_rsa #1561

Open phpguru opened 7 years ago

phpguru commented 7 years ago

Running in Git-bash on Windows 12 Server.

$ python --version
Python 2.7.13
$ fab --version
Fabric 1.13.1
Paramiko 2.1.1

Fabfile

#!/usr/bin/env python
import os, logging, time

def set_debug():
    logging.basicConfig(level=logging.DEBUG)

def getdate():
    run('date')

Command:

fab -A -H secure.server.com set_debug getdate

Error:

DEBUG:paramiko.transport:Trying discovered key 98b9343a1be86eb29763fc1f22c9b9a8 in C:\Users\phpguru/.ssh/id_rsa

If I add

env.key_filename = 'C:/Users/phpguru/.ssh/secureserver.pem'

then when I run the command, Fabric just hangs.

DEBUG:paramiko.transport:Switch to new keys ... DEBUG:paramiko.transport:Adding ssh-rsa host key for secure.server.com: 478f2730e199684dc7c58058492984f6

In short, I cannot for the life of me figure out how to get Fabric to use a specific SSH key on Windows.

My only workaround has been to add id_rsa.pub to ~/.ssh/authorized_keys on all boxes I want to manage with Fabric.

ploxiln commented 7 years ago

Fabric/paramiko can also use ssh-agent. If you have ssh-agent running correctly, you can ssh-add $keyfile and then fabric/parmiko will use it. (This also helps for "new format" bcrypt-protected keys, which paramiko can't handle on its own.)

bitprophet commented 7 years ago

Not sure why it'd hang on env.key_filename unless the pem file is causing Paramiko to freak out (possible; I believe we have open tickets about certificate support).

@ploxiln is right that you can use an agent for this.

Relatedly, you can disable the id_rsa loading (if desirable; also it's unclear if in your workaround, id_rsa.pub is a public key variant of your secureserver.pem or a wholly separate secret, I'm assuming the latter) via env.no_keys = True (IIRC; it'll be listed in the env docs.)

suchen1992 commented 5 years ago

Hello, I meet the same issue by using windows. fabric version 1.14.0

fabfile.py:

from fabric.api import *    
def test():
    run('pwd')

Fabric hangs when I run:

fab -A -H host_path test

after ssh-add my id_rsa in git-bash.

I think it's maybe because windows have not keychain like Mac OS, ssh-add was just useful only in the same bash console.

I found a solution which was also written by @bitprophet in 2011 https://github.com/fabric/fabric/issues/72 code: local("ssh -A %s '%s'" % (env.host_string, real_command))

If someone finds the other solutions please tell me. thx~