pygmystack / pygmy

the pygmy stack is a container stack for local development
MIT License

[bug] ssh key isn't being added on Fedora #312

Closed luksak closed 1 month ago

luksak commented 3 years ago

Describe the bug

On Fedora pygmy adds my ssh key, but pygmy-go doesn't.

To Reproduce

Steps to reproduce the behavior:

  1. Set up a ssh key on Fedora
  2. Run pygmy-go up
  3. Run pygmy-go addkey:
    pygmy-go addkey ~/.ssh/id_rsa
    The agent has no identities.

Expected behavior

The ssh key should be added just as it works with pygmy

Additional context

I am using Fedora 33.

fubarhouse commented 3 years ago

Could you please try the following things:

If needed, you can also try eval $(ssh-agent)

luksak commented 3 years ago

Sorry for replying this late. I have issues building pygmy-go:

make build                                                                             
docker build -t pygmy-go .
Sending build context to Docker daemon  1.806MB
Step 1/20 : FROM golang:alpine as builder
 ---> 722a834ff95b
Step 2/20 : LABEL stage=builder
 ---> Using cache
 ---> b778495f69a7
Step 3/20 : COPY main.go /go/src/github.com/fubarhouse/pygmy-go/
 ---> Using cache
 ---> dac6457d2e4d
Step 4/20 : COPY go.sum /go/src/github.com/fubarhouse/pygmy-go/
 ---> Using cache
 ---> 160dc161e18f
Step 5/20 : COPY go.mod /go/src/github.com/fubarhouse/pygmy-go/
 ---> Using cache
 ---> a45fe154129c
Step 6/20 : COPY cmd/ /go/src/github.com/fubarhouse/pygmy-go/cmd/
 ---> Using cache
 ---> b5d2e1974f74
Step 7/20 : COPY service/ /go/src/github.com/fubarhouse/pygmy-go/service/
 ---> Using cache
 ---> d225754cb646
Step 8/20 : WORKDIR /go/src/github.com/fubarhouse/pygmy-go/
 ---> Using cache
 ---> c61b49760704
Step 9/20 : RUN GO111MODULE=on GOOS=linux GOARCH=386 go build -o pygmy-go-linux .
 ---> Running in 3018b88ef0c1
go: downloading github.com/spf13/viper v1.7.1
go: downloading github.com/mitchellh/go-homedir v1.1.0
go: downloading github.com/spf13/cobra v1.1.3
go: downloading github.com/docker/docker v17.12.0-ce-rc1.0.20200515202545-dd16f2f21984+incompatible
go: downloading github.com/ghodss/yaml v1.0.0
go: downloading github.com/logrusorgru/aurora v2.0.3+incompatible
go: downloading github.com/mattn/go-colorable v0.1.8
go: downloading github.com/docker/go-connections v0.4.0
go: downloading github.com/fsnotify/fsnotify v1.4.9
go: downloading github.com/hashicorp/hcl v1.0.0
go: downloading github.com/magiconair/properties v1.8.1
go: downloading github.com/mitchellh/mapstructure v1.3.0
go: downloading github.com/pelletier/go-toml v1.7.0
go: downloading github.com/spf13/afero v1.2.2
go: downloading github.com/spf13/cast v1.3.1
go: downloading github.com/spf13/jwalterweatherman v1.1.0
go: downloading github.com/spf13/pflag v1.0.5
go: downloading github.com/subosito/gotenv v1.2.0
go: downloading gopkg.in/ini.v1 v1.56.0
go: downloading gopkg.in/yaml.v2 v2.4.0
go: downloading github.com/mattn/go-isatty v0.0.12
go: downloading golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9
go: downloading golang.org/x/text v0.3.2
go: downloading github.com/docker/go-units v0.4.0
go: downloading google.golang.org/grpc v1.32.0
go: downloading github.com/containerd/containerd v1.4.1
go: downloading github.com/docker/distribution v2.7.1+incompatible
go: downloading github.com/sirupsen/logrus v1.6.0
go: downloading github.com/opencontainers/image-spec v1.0.1
go: downloading github.com/gogo/protobuf v1.3.1
go: downloading github.com/opencontainers/go-digest v1.0.0
go: downloading github.com/pkg/errors v0.9.1
go: downloading golang.org/x/net v0.0.0-20200513185701-a91f0712d120
go: downloading google.golang.org/genproto v0.0.0-20200117163144-32f20d992d24
go: downloading github.com/golang/protobuf v1.3.3
service/library/library.go:10:2: missing go.sum entry for module providing package github.com/imdario/mergo (imported by github.com/fubarhouse/pygmy-go/service/library); to add:
    go get github.com/fubarhouse/pygmy-go/service/library
The command '/bin/sh -c GO111MODULE=on GOOS=linux GOARCH=386 go build -o pygmy-go-linux .' returned a non-zero code: 1
make: *** [Makefile:6: build] Error 1

fubarhouse commented 3 years ago

I couldn't replicate what you came up with, but I've added a verification step to the make process. This should help out under similar circumstances.

Could you please check out the branch make-verify and ensure the git tree is clean and try again? This process also runs in CI without any errors, but these changes do not impact this.

You can see the changes below:

luksak commented 3 years ago

> Could you please check out the branch make-verify and ensure the git tree is clean and try again? This process also runs in CI without any errors, but these changes do not impact this.

Ok, that worked.

Now I get this error:

pygmy-go addkey ~/.ssh/id_rsa
zsh: exec format error: pygmy-go

lind101 commented 3 years ago

I have had this same problem running on MacOS 10.15.7

From my primitive investigations I wasn't able to find where the list of default keys was generated. I think this section here is responsible (https://github.com/fubarhouse/pygmy-go/blob/main/cmd/addkey.go#L46)

// addkeyCmd is the SSH key add command.
var addkeyCmd = &cobra.Command{
  Use:     "addkey",
  Example: "pygmy addkey --key ~/.ssh/id_rsa",
  Short:   "Add/re-add an SSH key to the agent",
  Long:    `Add or re-add an SSH key to Pygmy's SSH Agent by specifying the path to the private key.`,
  Run: func(cmd *cobra.Command, args []string) {
    Key, _ := cmd.Flags().GetString("key")
    Keys := []string{}

    if Key != "" {
      Keys = append(Keys, Key)
    } else {
      if _, err := os.Stat(os.Args[len(os.Args)-1]); err == os.ErrExist {
        Keys = append(c.Keys, os.Args[len(os.Args)-1])
      }
      if len(Keys) == 0 {
        library.Setup(&c)
        Keys = c.Keys
      }
    }
    ...
   }
}

As far as I can tell the code on Line 46 is responsible for finding any keys? But at this point os.Args[len(os.Args)-1] is addkey which when you put it through stat results in <nil> stat addkey: no such file or directory;

Unfortunately, I'm not sure what this code is trying to do to be much more help! (I'm not particularly well versed in Go). Equally I may have misunderstood how the default values are supposed to work if --key isn't provided!

A workaround for now is to add each key individually using: pygmy-go addkey --key /path/to/key/id_rsa

Hope that helps a bit!
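
The key-selection order discussed in the comment above (the --key flag, then a positional path, then the configured defaults), written out as an added example that is not pygmy's code. The function name resolveKeyPaths and the sample paths are hypothetical; the check relies on os.Stat returning a nil error for an existing path, so a comparison against os.ErrExist never matches.

```go
package main

import (
	"fmt"
	"os"
)

// resolveKeyPaths is a hypothetical helper (not pygmy's code). It picks the
// private key paths for an "addkey"-style command in this order: the --key
// flag, positional arguments naming existing regular files, then defaults.
func resolveKeyPaths(flagKey string, args, defaults []string) []string {
	if flagKey != "" {
		return []string{flagKey}
	}
	var keys []string
	for _, a := range args {
		// os.Stat returns a nil error when the path exists. A failed Stat
		// returns a *PathError, so "err == os.ErrExist" is never true.
		if info, err := os.Stat(a); err == nil && info.Mode().IsRegular() {
			keys = append(keys, a)
		}
	}
	if len(keys) == 0 {
		return defaults
	}
	return keys
}

func main() {
	// Constructed sample input: a temporary file stands in for a key.
	f, err := os.CreateTemp("", "id_rsa_example")
	if err != nil {
		panic(err)
	}
	defer os.Remove(f.Name())
	f.Close()
	defaults := []string{"/home/example/.ssh/id_rsa"} // constructed default
	fmt.Println(resolveKeyPaths("", []string{f.Name()}, defaults))
	fmt.Println(resolveKeyPaths("", []string{"/nonexistent/addkey"}, defaults))
	fmt.Println(resolveKeyPaths("/tmp/flag_key", []string{f.Name()}, defaults))
}
```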

Feng-Shui commented 3 years ago

I've run into the same thing with the ARM fork from @tobybellwood

ssh-add -l lists my key but then:

> pygmy addkey ~/.ssh/id_rsa.pub
The agent has no identities.

OS 11.5.2 on Apple M1

audacus commented 2 years ago

Using macOS 11.6 on Intel.

Today I used v0.8.0 and also built it from source (darwin-amd64), both times with the same result:

$ pygmy-go addkey --key ~/.ssh/id_rsa
$ pygmy-go status
[*] amazeeio-ssh-agent: Running as container amazeeio-ssh-agent
[*] amazeeio-mailhog: Running as container amazeeio-mailhog
[*] amazeeio-haproxy: Running as container amazeeio-haproxy
[*] Resolv MacOS Resolver is properly connected
The agent has no identities.
 - http://docker.amazee.io/stats (amazeeio-haproxy)
 - http://mailhog.docker.amazee.io (amazeeio-mailhog)

I'm not a go programmer at all but I added some log messages, for example here: https://github.com/fubarhouse/pygmy-go/blob/main/service/library/sshkeyadd.go#L51

...
// We need tighter control on the output of this container...
for _, line := range strings.Split(string(l), "\n") {
    if strings.Contains(line, "Identity added:") {
        fmt.Println(line)
    } else {
        fmt.Println("line does not contain 'Identity added:'")
        fmt.Println(line)
    }
}
...

And so I got the following output:

...
line does not contain 'Identity added:'
-Enter passphrase for /Users/dbu/.ssh/id_rsa:
...

This output appears when running pygmy-go up and pygmy-go addkey --key ~/.ssh/id_rsa. But not when running pygmy-go addkey.

It seems like the problem occurs with passphrase protected keys. It doesn't forward the prompt for the passphrase of the key to the user.

fubarhouse commented 2 years ago

> It seems like the problem occurs with passphrase protected keys.

Pygmy now validates SSH keys before adding them; without the proper passphrase being passed in, the validation will now fail.

Feel free to try again, but please do not expect passphrase-protected ssh keys to work - yet.
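
One way to tell whether a private key file is passphrase-protected before handing it to an agent, so the state can be reported instead of waiting on a prompt nobody sees. This is an added example using only the Go standard library, not pygmy's validation code; keyNeedsPassphrase and sampleKey are hypothetical names and the sample keys are constructed header-only blobs.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"encoding/pem"
	"fmt"
)

const opensshMagic = "openssh-key-v1\x00"
// keyNeedsPassphrase is a hypothetical helper (not pygmy's code). It reports
// whether a PEM-encoded private key is encrypted, without decrypting it.
func keyNeedsPassphrase(data []byte) (bool, error) {
	block, _ := pem.Decode(data)
	if block == nil {
		return false, fmt.Errorf("no PEM block found (public key or wrong file?)")
	}
	// Legacy PEM keys flag encryption in a header; PKCS#8 uses the block type.
	if block.Headers["Proc-Type"] == "4,ENCRYPTED" || block.Type == "ENCRYPTED PRIVATE KEY" {
		return true, nil
	}
	if block.Type != "OPENSSH PRIVATE KEY" {
		return false, nil
	}
	// OpenSSH format: magic string, then a length-prefixed cipher name.
	b := block.Bytes
	if !bytes.HasPrefix(b, []byte(opensshMagic)) || len(b) < len(opensshMagic)+4 {
		return false, fmt.Errorf("malformed OpenSSH key")
	}
	b = b[len(opensshMagic):]
	n := binary.BigEndian.Uint32(b)
	if uint64(n) > uint64(len(b)-4) {
		return false, fmt.Errorf("truncated cipher name")
	}
	// The cipher name "none" means the private section is stored unencrypted.
	return string(b[4:4+n]) != "none", nil
}

// sampleKey builds a constructed, truncated OpenSSH key (header only).
func sampleKey(cipher string) []byte {
	body := append([]byte(opensshMagic), 0, 0, 0, byte(len(cipher)))
	body = append(body, cipher...)
	return pem.EncodeToMemory(&pem.Block{Type: "OPENSSH PRIVATE KEY", Bytes: body})
}

func main() {
	for _, c := range []string{"none", "aes256-ctr"} {
		fmt.Println(keyNeedsPassphrase(sampleKey(c)))
	}
}
```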

luksak commented 2 years ago

@fubarhouse ok, now pygmy warns about the ssh key not working:

./builds/pygmy-linux-amd64-static up
Already Running amazeeio-ssh-agent
Already Running amazeeio-dnsmasq
Already Running amazeeio-haproxy
Already Running amazeeio-mailhog
Already connected amazeeio-ssh-agent to amazeeio-network
Already connected amazeeio-haproxy to amazeeio-network
Already connected amazeeio-mailhog to amazeeio-network
[ ] Passcode not provided for SSH key /home/USER/.ssh/id_rsa

 - http://docker.amazee.io/stats (amazeeio-haproxy)
 - http://mailhog.docker.amazee.io (amazeeio-mailhog)

How could this be fixed? Protecting ssh keys with a passphrase is a good idea :smile:

fubarhouse commented 2 years ago

I would also love to solve this problem, but the solutions aren't exactly ideal or in line with pygmy right now...

fubarhouse commented 2 years ago

Key point here is that the breakages, the unexpected behavior, are now gone - and the state is reported if a key cannot be used. It's an interim solution, but it goes a long way to solving this issue.

luksak commented 2 years ago

Ok, thanks for your explanation.

I can only say that plain text passphrases sound bad...

Is there a chance we could borrow this from pygmy-legacy? It is working there.

fubarhouse commented 2 years ago

> Is there a chance we could borrow this from pygmy-legacy? It is working there.

The solution isn't compatible - though I do have an incomplete piece of work which half does the trick. I just have to figure out the rest of it and to get it working.

luksak commented 2 years ago

Alrighty. I'd be happy to test and provide feedback once you have a working version.

tobybellwood commented 2 years ago

The entire ssh-agent system needs a rework/replacement here, as it is not strictly supported in the later versions of the compose file, and is a known incompatibility with some of the docker-compose v2 functionality.

rocketeerbkw commented 6 months ago

This is fixed in v0.12.0