Question: how to load the keys from the agent?

[ghost]

I tried to run uptime in one host:

apssh -t 'testserver.org' uptime

But it failed with this error message:

Unexpected exception in create_connection Passphrase must be specified to import encrypted private keys
root@testserver.org[22]:Connection failed:('UNHANDLED', KeyImportError('Passphrase must be specified to import encrypted private keys',))

My private SSH keys are already loaded in the SSH agent. ssh will work if apssh have run the command "ssh inf-p-trh001.mdc.gameloft.org". How can I make apssh run ssh without any check, to avoid the exception below?

Thanks.

[parmentelat]

OK, so first off, apssh does not fork ssh, but instead relies on the asyncssh library. In addition it's really only very alpha/pre-mature at this point. That's why you are likely to find a great deal of limitations in apssh that ssh would not suffer from. Please note that my immediate and primary target for apssh is in the context of an experimental testbed that has no direct connectivity. On this specific issue, I guessapssh would need to prompt for a passphrase and call import_private_key in some way. Feel free send pull requests if you get around to addressing this before I do.

[parmentelat]

Just an update on this After checking with asyncssh's developer. it seems like the feature is already natively present in the library, so this should essentially work right out the box If you can give me details on what your setup exactly is wrt ssh-agent I can take a closer look These details could cover :

• how you intend to communicate to apssh where the agent should be found, (environment variable ?)
• the list of keys known to the agent
• how you specify to pssh the key to be used

thanks for heads up in any case

[ghost]

Hello Parmentelat,

Yes, I communicate with the SSH agent with these environment variables:

SSH_AUTH_SOCK=/tmp/ssh-eba9dg6Ll7du/agent.19677; export SSH_AUTH_SOCK;
SSH_AGENT_PID=19678; export SSH_AGENT_PID;
#echo Agent pid 19678;

And my host aliases are stored in ~/.ssh/config. For "ssh tux", I use:

    Host tux
        Hostname ftp.tuxfamily.org
        User asher256

I hope this could help you to solve the issue. apssh looks very promising as a replacement for the old mussh.

[parmentelat]

Hi asher256

I have just issued version 0.2.1 that has support for fetching keys at an ssh agent

• please see the related section in README for details of the logic that I chose to implement; and feel free to give me feedback if you believe this needs more tweaks
• also please note that I have not been able to perform very thorough testing of these features yet, so consider it alpha-release for now

BTW I have also added support for 2-hops ssh connections, if that's of any interest to you..

in any case your feedback is more than welcome

thanks for your interest -- Thierry

[parmentelat]

Is this issue fixed for you in the latest release of apssh ?

pip3 install --upgrade apssh

[ghost]

Thank you for the fix. I will try it and let you know once the test is done!

[ghost]

You have solved the ssh agent's bug successfully. Thank you.

But I've noticed something else:

apssh works well when I use user@fqdn:

$ apssh  -t 'root@desktop.testserver.org' uptime
desktop.home.org: 23:22:23 up 5 days,  2:33,  2 users,  load average: 0.00, 0.00, 0.00

But it doesn't work when I use the alias:

$ apssh  -t 'root@desktop' uptime

The alias is configured in ~/.ssh/config:

      Host desktop
                Hostname desktop.testserver.org

[parmentelat]

I'm closing this issue, and will create issue #3 with this alias business