Xpra: Ticket #2567: make ssh connections via paramiko more configurable

OpenSSH supports configuration options, both in its config file and using the command line. We should provide a similar way of setting options:

See also:



Mon, 27 Jan 2020 17:14:08 GMT - Antoine Martin: status, description changed


Mon, 27 Jan 2020 18:08:15 GMT - Antoine Martin: status, description changed; resolution set

Done in r25103.

Self-explanatory examples (add --debug=ssh for debugging):

xpra attach ssh://localhost/ --ssh=paramiko:verify-hostkey=no,auth=none+password
xpra attach ssh://localhost/ --ssh=paramiko:verify-hostkey=yes,verifyhostkeydns=yes,auth=agent+key
xpra attach ssh://localhost/ --ssh=paramiko:verifyhostkeydns=no,auth=password,numberofpasswordprompts=5

Thu, 06 Feb 2020 13:00:58 GMT - Antoine Martin: status changed; resolution deleted

Let's also make it possible to specify the keyfile to use.


Sat, 08 Feb 2020 05:36:31 GMT - Antoine Martin: status changed; resolution set

As of r25180, we can also specify paramiko attributes on the URI, including the key:

XPRA_SSH_DEFAULT_KEYFILES="" xpra attach "ssh://localhost/?key=$HOME/.ssh/id_rsa&auth=key"

The same options can still be specified as a general paramiko attribute:

XPRA_SSH_DEFAULT_KEYFILES="" xpra attach "ssh://localhost/" --ssh="paramiko:key=/home/antoine/.ssh/id_rsa,auth=key"

The new XPRA_SSH_DEFAULT_KEYFILES env var is used in these examples to disable the default ssh key locations.

Important: the old URI format ssh:host/DISPLAY is no longer supported. Parsing such strings was becoming increasingly unwieldy.

See also #2582.


Wed, 12 Feb 2020 14:49:00 GMT - Antoine Martin:

r25180 caused a regression when there is no host config, fixed in r25214


Sat, 23 Jan 2021 05:54:48 GMT - migration script:

this ticket has been moved to: https://github.com/Xpra-org/xpra/issues/2567