[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Fab-user] Key-based authentication
From: |
Christian Vest Hansen |
Subject: |
Re: [Fab-user] Key-based authentication |
Date: |
Fri, 13 Jun 2008 00:15:59 +0200 |
I edited the _connect code so you shouldn't have to
set(fab_password=None) in order to please _connect(). Also, sudo() now
only uses a password if one is defined.
It's in both git repos. Hopefully this will make it look a little less
sketchy whenever someone want to do key-based authentication.
On 6/12/08, Christian Vest Hansen <address@hidden> wrote:
> Can you post a working fabfile configured to use SSH keys?
>
> I'de like to document this in the tutorial.
>
>
> On 6/12/08, Christian Vest Hansen <address@hidden> wrote:
> > Alright, I'm glad you figured it out - this is good stuff to know as
> > there's a high likelyhood that others will run into the same problems.
> >
> >
> >
> > On 6/12/08, Sergey Kirillov <address@hidden> wrote:
> > > Hi Christian,
> > >
> > > Yes, I saw that.
> > >
> > > It works now. I had to set 'fab_password': None in order to bypass 'if
> > > 'fab_password' not in ENV:' check in _connect(). But now sudo() does not
> > > work because it tries to do
> > > 'stdin.write(env['fab_password'])' and fails there with
> > > exception.
> > >
> > > To solve this I've updated /etc/sudoers and have listed all commands
> that
> > > need to be executed as passwordless. So instead of sudo() I'm using
> > > run('sudo dosomething'), and it works like a charm.
> > >
> > > Deployment user does not have password at all, and I can give people
> access
> > > to deployment just by adding their SSH public keys into
> > > ~/.ssh/authorized_keys of deployment user.
> > >
> > >
> > >
> > >
> > > Christian Vest Hansen wrote:
> > >
> > > > I haven't tried key-based authentication myself, but Fabric will relay
> > > > any fab_pkey and fab_key_filename to the SSHClient.connect method in
> > > > paramiko:
> > > >
> > > >
> > > http://www.lag.net/paramiko/docs/paramiko.SSHClient-class.html#connect
> > > >
> > > > Hope that helps.
> > > >
> > > >
> > >
> > >
> >
> >
> >
> > --
> > Venlig hilsen / Kind regards,
> > Christian Vest Hansen.
> >
>
>
> --
> Venlig hilsen / Kind regards,
> Christian Vest Hansen.
>
--
Venlig hilsen / Kind regards,
Christian Vest Hansen.
- [Fab-user] Key-based authentication, Sergey Kirillov, 2008/06/11
- Re: [Fab-user] Key-based authentication, Christian Vest Hansen, 2008/06/12
- Re: [Fab-user] Key-based authentication, Sergey Kirillov, 2008/06/12
- Re: [Fab-user] Key-based authentication, Christian Vest Hansen, 2008/06/12
- Re: [Fab-user] Key-based authentication, Christian Vest Hansen, 2008/06/12
- Re: [Fab-user] Key-based authentication,
Christian Vest Hansen <=
- Re: [Fab-user] Key-based authentication, Sergey Kirillov, 2008/06/13
- Re: [Fab-user] Key-based authentication, Christian Vest Hansen, 2008/06/13
- Re: [Fab-user] Key-based authentication, Sergey Kirillov, 2008/06/14