search

puppetlabs-toy-chest / wash

Wide Area SHell: a cloud-native shell for bringing remote infrastructure to your terminal.
https://puppetlabs.github.io/wash
Apache License 2.0
180 stars 29 forks source link

ssh transport fails to read identity files prefixed with '~' in SSH config #724

Open ekinanp opened 4 years ago

ekinanp commented 4 years ago

For example, given an ssh config file that's something like

Host *
  AddKeysToAgent yes
  UseKeychain yes
  IdentityFile ~/.ssh/id_rsa
  User root

The SSH transport fails to read ~/.ssh/id_rsa @ https://github.com/puppetlabs/wash/blob/master/transport/ssh.go#L161 b/c ioutil.ReadFile does not read paths prefixed with ~.

We should probably ensure that common UNIX-y paths like ~ are properly expanded before reading the file, but only if that is a common idiom. Given that this issue was filed months after the SSH transport was written, it probably isn't a common idiom and instead a result of me not knowing SSH config file conventions.

ekinanp commented 4 years ago

WORKAROUND: Use absolute paths for identity files in your SSH config.

MikaelSmith commented 4 years ago

This seems to come up repeatedly with config files. There's not a consistent pattern of handling them. https://github.com/golang/go/issues/4140 talks about one perspective on it; in many of Puppet's tools we've chosen to expand tilde.