def __init__(self, hostname, port=DEFAULT_SSH_PORT, username=None, password=None, bastion_host=None, key_files=None, key_material=None, timeout=None, passphrase=None): """ Authentication is always attempted in the following order: - The key passed in (if key is provided) - Any key we can find through an SSH agent (only if no password and key is provided) - Any "id_rsa" or "id_dsa" key discoverable in ~/.ssh/ (only if no password and key is provided) - Plain username/password auth, if a password was given (if password is provided) """ self.hostname = hostname self.port = port self.username = username self.password = password self.key_files = key_files self.timeout = timeout or ParamikoSSHClient.CONNECT_TIMEOUT self.key_material = key_material self.bastion_host = bastion_host self.passphrase = passphrase self.ssh_config_file = os.path.expanduser( cfg.CONF.ssh_runner.ssh_config_file_path or '~/.ssh/config' ) self.logger = logging.getLogger(__name__) self.client = None self.sftp_client = None self.bastion_client = None self.bastion_socket = None
def __init__( self, hostname, port=22, username=None, password=None, key=None, key_files=None, key_material=None, timeout=None ): """ Authentication is always attempted in the following order: - The key passed in (if key is provided) - Any key we can find through an SSH agent (only if no password and key is provided) - Any "id_rsa" or "id_dsa" key discoverable in ~/.ssh/ (only if no password and key is provided) - Plain username/password auth, if a password was given (if password is provided) """ if key_files and key_material: raise ValueError(("key_files and key_material arguments are " "mutually exclusive")) self.hostname = hostname self.port = port self.username = username if username else cfg.CONF.system_user self.password = password self.key = key if key else cfg.CONF.system_user.ssh_key_file self.key_files = key_files if not self.key_files and self.key: self.key_files = key # `key` arg is deprecated. self.timeout = timeout or ParamikoSSHClient.CONNECT_TIMEOUT self.key_material = key_material self.client = paramiko.SSHClient() self.client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) self.logger = logging.getLogger(__name__) self.sftp = None
def __init__(self, hostname, port=22, username=None, password=None, key=None, key_files=None, key_material=None, timeout=None): """ Authentication is always attempted in the following order: - The key passed in (if key is provided) - Any key we can find through an SSH agent (only if no password and key is provided) - Any "id_rsa" or "id_dsa" key discoverable in ~/.ssh/ (only if no password and key is provided) - Plain username/password auth, if a password was given (if password is provided) """ if key_files and key_material: raise ValueError(('key_files and key_material arguments are ' 'mutually exclusive')) self.hostname = hostname self.port = port self.username = username if username else cfg.CONF.system_user self.password = password self.key = key if key else cfg.CONF.system_user.ssh_key_file self.key_files = key_files if not self.key_files and self.key: self.key_files = key # `key` arg is deprecated. self.timeout = timeout or ParamikoSSHClient.CONNECT_TIMEOUT self.key_material = key_material self.client = paramiko.SSHClient() self.client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) self.logger = logging.getLogger(__name__) self.sftp = None
def __init__( self, hostname, port=DEFAULT_SSH_PORT, username=None, password=None, bastion_host=None, key_files=None, key_material=None, timeout=None, passphrase=None, handle_stdout_line_func=None, handle_stderr_line_func=None, ): """ Authentication is always attempted in the following order: - The key passed in (if key is provided) - Any key we can find through an SSH agent (only if no password and key is provided) - Any "id_rsa" or "id_dsa" key discoverable in ~/.ssh/ (only if no password and key is provided) - Plain username/password auth, if a password was given (if password is provided) """ self.hostname = hostname self.port = port self.username = username self.password = password self.key_files = key_files self.timeout = timeout self.key_material = key_material self.bastion_host = bastion_host self.passphrase = passphrase self.ssh_connect_timeout = cfg.CONF.ssh_runner.ssh_connect_timeout self._handle_stdout_line_func = handle_stdout_line_func self._handle_stderr_line_func = handle_stderr_line_func self.ssh_config_file = os.path.expanduser( cfg.CONF.ssh_runner.ssh_config_file_path or "~/.ssh/config") if self.timeout and int( self.ssh_connect_timeout) > int(self.timeout) - 2: # the connect timeout should not be greater than the action timeout self.ssh_connect_timeout = int(self.timeout) - 2 self.logger = logging.getLogger(__name__) self.client = None self.sftp_client = None self.bastion_client = None self.bastion_socket = None self.socket = None
def __init__(self, hostname, port=22, username=None, password=None, bastion_host=None, key_files=None, key_material=None, timeout=None, passphrase=None): """ Authentication is always attempted in the following order: - The key passed in (if key is provided) - Any key we can find through an SSH agent (only if no password and key is provided) - Any "id_rsa" or "id_dsa" key discoverable in ~/.ssh/ (only if no password and key is provided) - Plain username/password auth, if a password was given (if password is provided) """ if key_files and key_material: raise ValueError(('key_files and key_material arguments are ' 'mutually exclusive')) if passphrase and not (key_files or key_material): raise ValueError( 'passphrase should accompany private key material') credentials_provided = password or key_files or key_material if not credentials_provided and cfg.CONF.system_user.ssh_key_file: key_files = cfg.CONF.system_user.ssh_key_file self.hostname = hostname self.port = port self.username = username if username else cfg.CONF.system_user self.password = password self.key_files = key_files self.timeout = timeout or ParamikoSSHClient.CONNECT_TIMEOUT self.key_material = key_material self.bastion_host = bastion_host self.passphrase = passphrase self.logger = logging.getLogger(__name__) self.client = None self.sftp_client = None self.bastion_client = None self.bastion_socket = None
def __init__(self, hostname, port=22, username=None, password=None, bastion_host=None, key_files=None, key_material=None, timeout=None, passphrase=None): """ Authentication is always attempted in the following order: - The key passed in (if key is provided) - Any key we can find through an SSH agent (only if no password and key is provided) - Any "id_rsa" or "id_dsa" key discoverable in ~/.ssh/ (only if no password and key is provided) - Plain username/password auth, if a password was given (if password is provided) """ if key_files and key_material: raise ValueError(('key_files and key_material arguments are ' 'mutually exclusive')) if passphrase and not (key_files or key_material): raise ValueError('passphrase should accompany private key material') credentials_provided = password or key_files or key_material if not credentials_provided and cfg.CONF.system_user.ssh_key_file: key_files = cfg.CONF.system_user.ssh_key_file self.hostname = hostname self.port = port self.username = username if username else cfg.CONF.system_user self.password = password self.key_files = key_files self.timeout = timeout or ParamikoSSHClient.CONNECT_TIMEOUT self.key_material = key_material self.bastion_host = bastion_host self.passphrase = passphrase self.logger = logging.getLogger(__name__) self.client = None self.sftp_client = None self.bastion_client = None self.bastion_socket = None
def __init__(self, hostname, port=DEFAULT_SSH_PORT, username=None, password=None, bastion_host=None, key_files=None, key_material=None, timeout=None, passphrase=None): """ Authentication is always attempted in the following order: - The key passed in (if key is provided) - Any key we can find through an SSH agent (only if no password and key is provided) - Any "id_rsa" or "id_dsa" key discoverable in ~/.ssh/ (only if no password and key is provided) - Plain username/password auth, if a password was given (if password is provided) """ self.hostname = hostname self.port = port self.username = username self.password = password self.key_files = key_files self.timeout = timeout or ParamikoSSHClient.CONNECT_TIMEOUT self.key_material = key_material self.bastion_host = bastion_host self.passphrase = passphrase self.ssh_config_file = os.path.expanduser( cfg.CONF.ssh_runner.ssh_config_file_path or '~/.ssh/config') self.logger = logging.getLogger(__name__) self.client = None self.sftp_client = None self.bastion_client = None self.bastion_socket = None
from st2common.constants.keyvalue import SYSTEM_SCOPE, USER_SCOPE from st2common.exceptions.keyvalue import ( CryptoKeyNotSetupException, InvalidScopeException, ) from st2common.log import logging from st2common.util import isotime from st2common.util import date as date_utils from st2common.util.crypto import read_crypto_key, symmetric_encrypt, symmetric_decrypt from st2common.models.api.base import BaseAPI from st2common.models.system.keyvalue import UserKeyReference from st2common.models.db.keyvalue import KeyValuePairDB __all__ = ["KeyValuePairAPI", "KeyValuePairSetAPI"] LOG = logging.getLogger(__name__) class KeyValuePairAPI(BaseAPI): crypto_setup = False model = KeyValuePairDB schema = { "type": "object", "properties": { "id": { "type": "string" }, "uid": { "type": "string" }, "name": {
from st2common.constants.keyvalue import SYSTEM_SCOPE, USER_SCOPE from st2common.exceptions.keyvalue import CryptoKeyNotSetupException, InvalidScopeException from st2common.log import logging from st2common.util import isotime from st2common.util import date as date_utils from st2common.util.crypto import read_crypto_key, symmetric_encrypt, symmetric_decrypt from st2common.models.api.base import BaseAPI from st2common.models.system.keyvalue import UserKeyReference from st2common.models.db.keyvalue import KeyValuePairDB __all__ = [ 'KeyValuePairAPI', 'KeyValuePairSetAPI' ] LOG = logging.getLogger(__name__) class KeyValuePairAPI(BaseAPI): crypto_setup = False model = KeyValuePairDB schema = { 'type': 'object', 'properties': { 'id': { 'type': 'string' }, "uid": { "type": "string" }, 'name': {