Class: Oxidized::SSHBase
- Inherits:
-
Input
- Object
- Input
- Oxidized::SSHBase
show all
- Defined in:
- lib/oxidized/input/sshbase.rb
Direct Known Subclasses
SCP, SSH
Constant Summary
collapse
- RESCUE_FAIL =
{
Net::SSH::Disconnect => :debug,
Net::SSH::ConnectionTimeout => :debug,
Net::SSH::AuthenticationFailed => :warn,
Net::SSH::HostKeyUnknown => :warn
}.freeze
Instance Attribute Summary
Attributes included from Input::CLI
#node
Class Method Summary
collapse
Instance Method Summary
collapse
Methods inherited from Input
config_name, #config_name, to_sym, #to_sym
Methods included from Input::CLI
#connect_cli, #disconnect_cli, #get, #initialize, #login, #newline, #password, #post_login, #pre_logout, #username
#vars
Class Method Details
.rescue_fail ⇒ Object
14
15
16
|
# File 'lib/oxidized/input/sshbase.rb', line 14
def self.rescue_fail
super.merge(RESCUE_FAIL)
end
|
Instance Method Details
#cmd(**_args) ⇒ Object
Methods to implement in subclasses
98
99
100
|
# File 'lib/oxidized/input/sshbase.rb', line 98
def cmd(**_args)
raise NotImplementedError, "Subclasses must implement cmd"
end
|
#connect(node) ⇒ Object
rubocop:disable Naming/PredicateMethod
18
19
20
21
22
23
24
|
# File 'lib/oxidized/input/sshbase.rb', line 18
def connect(node) @node = node
@node.model.cfg[config_name].each { |cb| instance_exec(&cb) }
logger.debug "Connecting to #{@node.name}"
@ssh = Net::SSH.start(@node.ip, @node.auth[:username], make_ssh_opts)
connected?
end
|
#connected? ⇒ Boolean
26
27
28
|
# File 'lib/oxidized/input/sshbase.rb', line 26
def connected?
@ssh && (not @ssh.closed?)
end
|
#disconnect ⇒ Object
85
86
87
88
89
90
91
92
93
94
95
|
# File 'lib/oxidized/input/sshbase.rb', line 85
def disconnect
disconnect_cli
Timeout.timeout(@node.timeout) do
@ssh.close
end
rescue Errno::ECONNRESET, Net::SSH::Disconnect, IOError => e
logger.debug 'The other side closed the connection while ' \
"disconnecting, raising #{e.class} with #{e.message}"
rescue Timeout::Error
logger.debug "#{@node.name} timed out while disconnecting"
end
|
#make_ssh_opts ⇒ Object
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
# File 'lib/oxidized/input/sshbase.rb', line 30
def make_ssh_opts
ssh_opts = {
number_of_password_prompts: 0,
keepalive: vars(:ssh_no_keepalive) ? false : true,
verify_host_key: must_secure? ? :always : :never,
append_all_supported_algorithms: true,
password: @node.auth[:password],
timeout: @node.timeout,
port: (vars(:ssh_port) || 22).to_i,
forward_agent: false
}
auth_methods = vars(:auth_methods) || %w[none publickey password]
ssh_opts[:auth_methods] = auth_methods
logger.debug "AUTH METHODS::#{auth_methods}"
if vars(:ssh_proxy)
ssh_opts[:proxy] = make_ssh_proxy_command(
vars(:ssh_proxy), vars(:ssh_proxy_port), must_secure?
)
end
ssh_opts[:keys] = [vars(:ssh_keys)].flatten if vars(:ssh_keys)
ssh_opts[:kex] = vars(:ssh_kex).split(/,\s*/) if vars(:ssh_kex)
ssh_opts[:encryption] = vars(:ssh_encryption).split(/,\s*/) if vars(:ssh_encryption)
ssh_opts[:host_key] = vars(:ssh_host_key).split(/,\s*/) if vars(:ssh_host_key)
ssh_opts[:hmac] = vars(:ssh_hmac).split(/,\s*/) if vars(:ssh_hmac)
ssh_logger = SemanticLogger[Net::SSH]
config_debug = Oxidized.config.input.debug
if config_debug == true ||
(config_debug.is_a?(String) && config_debug.downcase.include?('library'))
ssh_logger.level = :debug
else
ssh_logger.level = :fatal
end
ssh_opts[:logger] = ssh_logger
ssh_opts
end
|
#make_ssh_proxy_command(proxy_host, proxy_port, secure) ⇒ Object
75
76
77
78
79
80
81
82
83
|
# File 'lib/oxidized/input/sshbase.rb', line 75
def make_ssh_proxy_command(proxy_host, proxy_port, secure)
return nil unless !proxy_host.nil? && !proxy_host.empty?
proxy_command = "ssh "
proxy_command += "-o StrictHostKeyChecking=no " unless secure
proxy_command += "-p #{proxy_port} " if proxy_port
proxy_command += "#{proxy_host} -W [%h]:%p"
Net::SSH::Proxy::Command.new(proxy_command)
end
|
#must_secure? ⇒ Boolean
71
72
73
|
# File 'lib/oxidized/input/sshbase.rb', line 71
def must_secure?
Oxidized.config.input[config_name].secure? == true
end
|