Open daltenbern3 opened 2 years ago
I have the same problem!
This is definitely and issue. Hoping that something can be done about it soon.
Finally! Hopefully someone will look into this!
Agreed.
Let's make this happen.
Very happy this made it into the backlog! Seems it's been raised a few times, but never got enough support to go anywhere.
Just gathering context from the previous issues raised with both the Remote Dev team and CyberArk.
The default way VS Code passes the install script to the remote host is to pipe the script (as a string?) to the SSH command.
CyberArk PSM uses a jump server to handle the username/password authentication and then connects to the target server from there.
Because the install script is piped, the jump server attempts to run it before the connection has been established to the target (see fig. 1). There are a couple reasons this won't work:
I'm thinking this ultimately won't work because the jump box will still try to execute everything piped to the SSH command before attempting to connect to the target box.
Something like this:
Potential drawback is that the user may need to authenticate twice. Personally, this is better than not being able to connect at all. And if this were an option in settings.json, it would not affect users that do not need to use this method. However, using an SFTP client, I am freely able to pass files back and forth without having to authenticate every time (but maybe this is somehow different).
Hello Any update on the progress of the issue?
I, and several other developers and data scientists, are having this same issue right now when trying to develop remotely on a CyberArk managed server. Has there been any further action on this request to make the install script over sftp a configurable option? Maybe have an option for the user to run the script one time after the first connection? In this day and time of heightened cybersecurity practices and zero trust many more organizations are likely to be using CyberArk as part of their cybersecurity posture. This issue is likely to be encountered more frequently.
i agree with @wgm32 . Many companies which require highly secure infrastructure are using cyberark. due to this issue , people in companies using cyber ark will not be able to do remote development.this issue should be fixed. people are using air gapped/proxied environment with cyberark so direct internet access is also not allowed
Many times vscode makes the remote linux server irresponsive and hangs the system. I have a t2.micro instance on aws with ubuntu installed which I sometimes connect remotely using vscode. 50% of the time it brings down the remote system and I need to reboot the instance. I am not sure what it is doing remotely but someone needs to seriously look into this extension and make it more lightweight and failproof.
Any news regarding this issue?
Issue #4129 For reference: https://github.com/microsoft/vscode-remote-release/issues/4129
Due to issues with CyberArk truncating the initialization script, it is impossible to use the Remote Development extension when connecting to a host through CyberArk.
I would suggest an option that allows the connection script to be sent via SFTP to the remote host then executed afterward. This would force the user to type their credentials in twice but would only be enabled if the user so chooses.
This would allow users who are locked behind a CyberArk Proxy Server to be able to use this extension, while not changing the experience for any standard users.