Ma/mscp
1
0
Fork 0
mirror of https://github.com/upa/mscp.git synced 2026-02-04 03:24:58 +08:00
Code Issues Packages Projects Releases 1 Wiki Activity

add two env vars to pass password/keyphrase (#9)

Browse Source 
MSCP_SSH_AUTH_PASSWORD passes a password, and MSCP_SSH_AUTH_PASSPHRASE
passes a passphrase for publickey auth. They enable avoiding interactive
password input. Test cases are also added.
This commit is contained in:
Ryo Nakamura
2024-02-06 10:35:38 +09:00
parent 9908fb309d
commit ff45d9d71b
11 changed files with 172 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
Dockerfile/almalinux-9.3.Dockerfile
View File

@@ -8,10 +8,21 @@ RUN python3 -m pip install pytest
# preparation for sshd # preparation for sshd
RUN mkdir /var/run/sshd \ RUN mkdir /var/run/sshd \
&& ssh-keygen -A \ && ssh-keygen -A \
&& ssh-keygen -f /root/.ssh/id_rsa -N "" \ && ssh-keygen -f /root/.ssh/id_rsa -N "" \
&& mv /root/.ssh/id_rsa.pub /root/.ssh/authorized_keys && cat /root/.ssh/id_rsa.pub > /root/.ssh/authorized_keys
# create test user
RUN useradd -m -d /home/test test \
&& echo "test:userpassword" | chpasswd \
&& mkdir -p /home/test/.ssh \
&& ssh-keygen -f /home/test/.ssh/id_rsa_test -N "keypassphrase" \
&& cat /home/test/.ssh/id_rsa_test.pub >> /home/test/.ssh/authorized_keys \
&& chown -R test:test /home/test \
&& chown -R test:test /home/test/.ssh
RUN rm -rf /run/nologin
ARG mscpdir="/mscp" ARG mscpdir="/mscp"

18
Dockerfile/alpine-3.19.Dockerfile
View File

@@ -9,10 +9,20 @@ RUN apk add --no-cache \
RUN pip3 install --break-system-packages conan RUN pip3 install --break-system-packages conan
# preparation for sshd # preparation for sshd
RUN ssh-keygen -A RUN ssh-keygen -A \
RUN mkdir /var/run/sshd \ && mkdir /var/run/sshd \
&& ssh-keygen -f /root/.ssh/id_rsa -N "" \ && ssh-keygen -f /root/.ssh/id_rsa -N "" \
&& mv /root/.ssh/id_rsa.pub /root/.ssh/authorized_keys && cat /root/.ssh/id_rsa.pub > /root/.ssh/authorized_keys
# create test user
RUN addgroup -S test \
&& adduser -S test -G test \
&& echo "test:userpassword" | chpasswd \
&& mkdir -p /home/test/.ssh \
&& ssh-keygen -f /home/test/.ssh/id_rsa_test -N "keypassphrase" \
&& cat /home/test/.ssh/id_rsa_test.pub >> /home/test/.ssh/authorized_keys \
&& chown -R test:test /home/test \
&& chown -R test:test /home/test/.ssh
# Build mscp as a single binary # Build mscp as a single binary

16
Dockerfile/rocky-8.9.Dockerfile
View File

@@ -8,10 +8,22 @@ RUN python3 -m pip install pytest
# preparation for sshd # preparation for sshd
RUN mkdir /var/run/sshd \ RUN mkdir /var/run/sshd \
&& ssh-keygen -A \ && ssh-keygen -A \
&& ssh-keygen -f /root/.ssh/id_rsa -N "" \ && ssh-keygen -f /root/.ssh/id_rsa -N "" \
&& mv /root/.ssh/id_rsa.pub /root/.ssh/authorized_keys && cat /root/.ssh/id_rsa.pub > /root/.ssh/authorized_keys
# create test user
RUN useradd -m -d /home/test test \
&& echo "test:userpassword" | chpasswd \
&& mkdir -p /home/test/.ssh \
&& ssh-keygen -f /home/test/.ssh/id_rsa_test -N "keypassphrase" \
&& cat /home/test/.ssh/id_rsa_test.pub >> /home/test/.ssh/authorized_keys \
&& chown -R test:test /home/test \
&& chown -R test:test /home/test/.ssh
RUN rm -rf /run/nologin
ARG mscpdir="/mscp" ARG mscpdir="/mscp"

15
Dockerfile/rocky-9.3.Dockerfile
View File

@@ -8,10 +8,21 @@ RUN python3 -m pip install pytest
# preparation for sshd # preparation for sshd
RUN mkdir /var/run/sshd \ RUN mkdir /var/run/sshd \
&& ssh-keygen -A \ && ssh-keygen -A \
&& ssh-keygen -f /root/.ssh/id_rsa -N "" \ && ssh-keygen -f /root/.ssh/id_rsa -N "" \
&& mv /root/.ssh/id_rsa.pub /root/.ssh/authorized_keys && cat /root/.ssh/id_rsa.pub > /root/.ssh/authorized_keys
# create test user
RUN useradd -m -d /home/test test \
&& echo "test:userpassword" | chpasswd \
&& mkdir -p /home/test/.ssh \
&& ssh-keygen -f /home/test/.ssh/id_rsa_test -N "keypassphrase" \
&& cat /home/test/.ssh/id_rsa_test.pub >> /home/test/.ssh/authorized_keys \
&& chown -R test:test /home/test \
&& chown -R test:test /home/test/.ssh
RUN rm -rf /run/nologin
ARG mscpdir="/mscp" ARG mscpdir="/mscp"

14
Dockerfile/ubuntu-20.04.Dockerfile
View File

@@ -12,9 +12,19 @@ RUN python3 -m pip install pytest
# preparation for sshd # preparation for sshd
RUN mkdir /var/run/sshd \ RUN mkdir /var/run/sshd \
&& ssh-keygen -A \
&& ssh-keygen -f /root/.ssh/id_rsa -N "" \ && ssh-keygen -f /root/.ssh/id_rsa -N "" \
&& mv /root/.ssh/id_rsa.pub /root/.ssh/authorized_keys && cat /root/.ssh/id_rsa.pub > /root/.ssh/authorized_keys
# create test user
RUN useradd -m -d /home/test test \
&& echo "test:userpassword" | chpasswd \
&& mkdir -p /home/test/.ssh \
&& ssh-keygen -f /home/test/.ssh/id_rsa_test -N "keypassphrase" \
&& cat /home/test/.ssh/id_rsa_test.pub >> /home/test/.ssh/authorized_keys \
&& chown -R test:test /home/test \
&& chown -R test:test /home/test/.ssh
ARG mscpdir="/mscp" ARG mscpdir="/mscp"

17
Dockerfile/ubuntu-22.04.Dockerfile
View File

@@ -12,9 +12,20 @@ RUN python3 -m pip install pytest
# preparation for sshd # preparation for sshd
RUN mkdir /var/run/sshd \ RUN mkdir /var/run/sshd \
&& ssh-keygen -f /root/.ssh/id_rsa -N "" \ && ssh-keygen -A \
&& mv /root/.ssh/id_rsa.pub /root/.ssh/authorized_keys && ssh-keygen -f /root/.ssh/id_rsa -N "" \
&& cat /root/.ssh/id_rsa.pub > /root/.ssh/authorized_keys
# create test user
RUN useradd -m -d /home/test test \
&& echo "test:userpassword" | chpasswd \
&& mkdir -p /home/test/.ssh \
&& ssh-keygen -f /home/test/.ssh/id_rsa_test -N "keypassphrase" \
&& cat /home/test/.ssh/id_rsa_test.pub >> /home/test/.ssh/authorized_keys \
&& chown -R test:test /home/test \
&& chown -R test:test /home/test/.ssh
ARG mscpdir="/mscp" ARG mscpdir="/mscp"

18
doc/mscp.1.in
View File

@@ -236,6 +236,24 @@ Prints help.
.SH EXIT STATUS .SH EXIT STATUS
Exit status is 0 on success, and >0 if an error occurs. Exit status is 0 on success, and >0 if an error occurs.
.SH ENVIRONMENT
.PP
.B mscp
recognizes the following environment variables.
.TP
.B MSCP_SSH_AUTH_PASSWORD
This environment variable passes a password for password
authentication to establish SSH connections.
.TP
.B MSCP_SSH_AUTH_PASSPHRASE
This environment variable passes a passphrase for public-key
authentication for establishing SSH connections.
.SH NOTES .SH NOTES
.PP .PP

15
doc/mscp.rst
View File

@@ -2,7 +2,7 @@
MSCP MSCP
==== ====
:Date: v0.1.3 :Date: v0.1.3-15-g9908fb3
NAME NAME
==== ====
@@ -147,6 +147,19 @@ EXIT STATUS
Exit status is 0 on success, and >0 if an error occurs. Exit status is 0 on success, and >0 if an error occurs.
ENVIRONMENT
===========
**mscp** recognizes the following environment variables.
**MSCP_SSH_AUTH_PASSWORD**
This environment variable passes a password for password
authentication to establish SSH connections.
**MSCP_SSH_AUTH_PASSPHRASE**
This environment variable passes a passphrase for public-key
authentication for establishing SSH connections.
NOTES NOTES
===== =====

11
include/mscp.h
View File

@@ -72,6 +72,17 @@ struct mscp_ssh_opts {
bool enable_nagle; /** enable Nagle's algorithm if true */ bool enable_nagle; /** enable Nagle's algorithm if true */
}; };
/** @def
* Environment variable that passes password for ssh password auth
*/
#define ENV_SSH_AUTH_PASSWORD "MSCP_SSH_AUTH_PASSWORD"
/** @def
* Environment vraible that passes passphrase for private key
*/
#define ENV_SSH_AUTH_PASSPHRASE "MSCP_SSH_AUTH_PASSPHRASE"
/** /**
* @struct mscp_stats * @struct mscp_stats
* @brief Structure to get mscp statistics * @brief Structure to get mscp statistics

4
src/main.c
View File

@@ -344,6 +344,10 @@ int main(int argc, char **argv)
} }
} }
s.password = getenv(ENV_SSH_AUTH_PASSWORD);
s.passphrase = getenv(ENV_SSH_AUTH_PASSPHRASE);
if (argc - optind < 2) { if (argc - optind < 2) {
/* mscp needs at lease 2 (src and target) argument */ /* mscp needs at lease 2 (src and target) argument */
usage(false); usage(false);

49
test/test_e2e.py
View File

@@ -12,16 +12,16 @@ from subprocess import check_call, CalledProcessError, PIPE
from util import File, check_same_md5sum from util import File, check_same_md5sum
def run2ok(args): def run2ok(args, env = None):
cmd = list(map(str, args)) cmd = list(map(str, args))
print("cmd: {}".format(" ".join(cmd))) print("cmd: {}".format(" ".join(cmd)))
check_call(cmd) check_call(cmd, env = env)
def run2ng(args): def run2ng(args, env = None):
cmd = list(map(str, args)) cmd = list(map(str, args))
print("cmd: {}".format(" ".join(cmd))) print("cmd: {}".format(" ".join(cmd)))
with pytest.raises(CalledProcessError) as e: with pytest.raises(CalledProcessError) as e:
check_call(cmd) check_call(cmd, env = env)
""" usage test """ """ usage test """
@@ -401,3 +401,44 @@ def test_config_ng(mscp, src_prefix, dst_prefix):
os.remove(config) os.remove(config)
src.cleanup() src.cleanup()
dst.cleanup() dst.cleanup()
# username test assumes that this test runs inside a container, see Dockerfiles
def test_specify_passphrase_via_env(mscp):
src = File(os.getcwd() + "/src", size = 1024).make()
dst = File("/home/test/dst")
env = os.environ
env["MSCP_SSH_AUTH_PASSPHRASE"] = "keypassphrase"
run2ok([mscp, "-H", "-vvv", "-l", "test", "-i", "/home/test/.ssh/id_rsa_test",
src.path, "localhost:" + dst.path], env = env)
assert check_same_md5sum(src, dst)
src.cleanup()
dst.cleanup()
def test_specify_invalid_passphrase_via_env(mscp):
src = File(os.getcwd() + "/src", size = 1024).make()
dst = File("/home/test/dst")
env = os.environ
env["MSCP_SSH_AUTH_PASSPHRASE"] = "invalid-keypassphrase"
run2ng([mscp, "-H", "-vvv", "-l", "test", "-i", "/home/test/.ssh/id_rsa_test",
src.path, "localhost:" + dst.path], env = env)
src.cleanup()
def test_specify_password_via_env(mscp):
src = File(os.getcwd() + "/src", size = 1024).make()
dst = File("/home/test/dst")
env = os.environ
env["MSCP_SSH_AUTH_PASSWORD"] = "userpassword"
run2ok([mscp, "-H", "-vvv", "-l", "test",
src.path, "localhost:" + dst.path], env = env)
assert check_same_md5sum(src, dst)
src.cleanup()
dst.cleanup()
def test_specify_invalid_password_via_env(mscp):
src = File(os.getcwd() + "/src", size = 1024).make()
dst = File("/home/test/dst")
env = os.environ
env["MSCP_SSH_AUTH_PASSWORD"] = "invalid-userpassword"
run2ng([mscp, "-H", "-vvv", "-l", "test",
src.path, "localhost:" + dst.path], env = env)
src.cleanup()