#2685 closed defect (invalid)
New paramiko default mode doesn't work, --ssh=ssh still does
| Reported by: | jgarvin | Owned by: | jgarvin |
|---|---|---|---|
| Priority: | major | Milestone: | 4.0 |
| Component: | client | Version: | 3.0.x |
| Keywords: | Cc: |
Description (last modified by )
Summary pretty much says it all
On the client:
~$ xpra --version xpra v3.0.7-r25627
On the server:
$ xpra --version xpra v3.0.6-r25195
How I generated debug output on the client:
~$ xpra start ssh:myhost --start="xterm" -d all &> output # fails
~$ xpra start ssh:myhost --start="xterm" -d all --ssh=ssh &> output_ssh # succeeded, then I closed and ctrl+c'd
Attachments (4)
Change History (10)
Changed 13 months ago by
comment:1 Changed 13 months ago by
Should have mentioned the error is
2020-03-29 11:41:03,432 Authentication (publickey) faile
d.
Regular ssh into the machine from the command line works, as does xpra with --ssh=ssh.
comment:2 Changed 13 months ago by
Also possibly relevant is I use a ProxyCommand in my ssh config (I detect whether my laptop dock is connected, and if so I assume I have ethernet via it directly into a machine on the network, instead of going over the internet). Will attach...
Changed 13 months ago by
| Attachment: | maybe-proxy.sh added |
|---|
Changed 13 months ago by
comment:3 Changed 13 months ago by
| Description: | modified (diff) |
|---|---|
| Owner: | changed from Antoine Martin to jgarvin |
From the log: the client is running Ubuntu Eoan. (no idea about the server - doesn't matter)
FYI: for ssh debugging, -d ssh is enough, -d all is very verbose.
What is in the proxy command script /home/prophet/etc/systemd/maybe_proxy.sh myhost?
Does it require the public keys to do its job? Are they unlocked by the agent?
It looks as if the server only supports auth_publickey?
You may want to try the latest 4.0-RC builds: https://xpra.org/beta, as those may give better debug output.
comment:4 Changed 12 months ago by
Only just noticed the ProxyCommand script... and it is invoked as:
ProxyCommand ~/etc/systemd/maybe_proxy.sh %h
I think that the problem is that we don't replace %h.
r26047 fixes that, can you try it?
comment:5 Changed 12 months ago by
| Resolution: | → invalid |
|---|---|
| Status: | new → closed |
Bug fix in r26057 then the whole thing has been removed in r26058 because paramiko does token substitution for us already (doh!): http://docs.paramiko.org/en/stable/api/config.html: We support most SSH config expansion tokens where possible, so when they are present in a config file source, the result of a SSHConfig.lookup will contain the expansions/substitutions (based on the rest of the config or properties of the local system).
And sure enough, your log had:
found proxycommand='/home/prophet/etc/systemd/maybe_proxy.sh myhost' for host 'myhost'
Also verified by adding a simple entry in my .ssh/config:
Host test_local Hostname localhost ProxyCommand nc %h 22
And the -d ssh output shows paramiko using nc localhost 22.
So this was not the problem.
Then I also tested your script example using:
#!/bin/bash
if [ "1" == "1" ]; then
exec nc $1 22
else
exec ssh -Y localhost nc $1 22
fi
(and changing the if statement to test both branches)
This also worked fine.
My guess is that this is a problem with keys or agent, not xpra.
comment:6 Changed 3 months ago by
this ticket has been moved to: https://github.com/Xpra-org/xpra/issues/2685
copyleft 2010 - 2021
output