CODEWITHSUNDEEP
azureopensslfabricparamikoopenssh
kothvandir
kothvandir

Reputation: 2161

fabric keeps asking for password using SSH connection

I'm trying to connect to a windows azure instance using fabric, but despite I configure ssh conection to execute commands, fabric keeps asking for password.

This is my fabric file:

def azure1():
    env.hosts = ['host.cloudapp.net:60770']
    env.user = 'adminuser'
    env.key_filename = './azure.key'

def what_is_my_name():
    run('whoami')

I run it as:

fab -f fabfile.py azure1  what_is_my_name

or

fab -k -f fabfile.py -i azure.key -H [email protected]:60770 -p password what_is_my_name

But nothing worked, it keeps asking for user password despite I enter it correctly.

Executing task 'what_is_my_name'
run: whoami
Login password for 'adminuser': 
Login password for 'adminuser': 
Login password for 'adminuser': 
Login password for 'adminuser':

If I try to connect directly with ssh, it works perfectly.

ssh -i azure.key -p 60770 [email protected]

I've tried the advises given in other questions (q1 q2 q3) but nothing works.

Any idea what I am doing wrong?

Thank you

Upvotes: 12

Views: 5441

Answers (2)

miraculixx
miraculixx

Reputation: 10349

To debug fabric's ssh connections, add these lines to your fabfile:

import paramiko, os
paramiko.common.logging.basicConfig(level=paramiko.common.DEBUG)

This will print all of paramiko's debug messages. Paramiko is the ssh library that fabric uses.

Note that since Fabric 1.4 you have to specifically enable using ssh config:

env.use_ssh_config = True

(Note: I'm pretty sure absolutely certain that my fabfile used to work with Fabric > 1.5 without this option, but it doesn't now that I upgraded to 1.10).

Upvotes: 7

kothvandir
kothvandir

Reputation: 2161

Finally I found the problem is due to the public-private key pair generation.

I followed the steps provided in windows azure guide, there the keys are generated using openssl, so the process outcomes a public key stored in a pem file you must upload to your instance during creation process.

The problem is that this private key obtained is not correctly recognized by paramiko, so fabric won't work. If you try to open a ssh connection using paramiko from python interpreter:

>>> import paramiko, os
>>> paramiko.common.logging.basicConfig(level=paramiko.common.DEBUG)
>>> ssh = paramiko.SSHClient()
>>> ssh.load_host_keys('private_key_file.key') # private key file generated using openssl
>>> ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
>>> ssh.connect("web1.cloudapp.net",port=56317)

Gives me the error:

DEBUG:paramiko.transport:Trying SSH agent key a9d8dd41609191ebeedbe8df768ad8c9
DEBUG:paramiko.transport:userauth is OK
INFO:paramiko.transport:Authentication (publickey) failed.
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File ".. /paramiko/client.py", line 337, in connect
    self._auth(username, password, pkey, key_filenames, allow_agent, look_for_keys)
  File ".. /paramiko/client.py", line 528, in _auth
    raise saved_exception
paramiko.PasswordRequiredException: Private key file is encrypted

When the key file isn't encrypted.

To solve this, I created the key pair using openssh and then convert the public key to pem to upload it to azure:

# Create key with openssh
ssh-keygen -t rsa -b 2048 -f private_key_file.key

# extract public key and store as x.509 pem format
openssl req -x509 -days 365 -new -key private_key_file.key -out public_key_file.pem

# upload public_key_file.pem file during instance creation

# check connection to instance
ssh -i private_key_file.key -p 63534 [email protected]

This solved the problem.

Upvotes: 9

Related Questions