Re: snap and ssh
On Wed, Nov 23, 2016 at 02:29:12PM +0100, Didier Roche wrote: > It seems then that ssh is using hardcoded paths like /home/$USER/.ssh > for looking by default to id_rsa file and not using $HOME. Multiple ways > to get that fixed: > * reading the openssh-client code and fix it to use $HOME (and so, it > will use your snap $HOME) openssh is using the standard getpwnam() interface to retrieve home directory information: http://sources.debian.net/src/openssh/1:7.3p1-3/misc.c/#L579 openssh uses getpwnam(), getpwent(), getpwuid(), extensively. [1] Undoing this would take a lot of time. I can imagine a few ways to customize the home directory results for openssh: - Write libraries to LD_PRELOAD to intercept this family of functions and modify the results of lookups - Modify an /etc/passwd that's bind-mounted over the host's version so the standard library routines function normally - Write an NSS library that knows snappy - Ship a different ssh client that's easier to configure (really, untangling the standard unix password database from openssh looks like an extremely expensive task.) Each of these have pros and cons for different use cases. (For example, the LD_PRELOAD and NSS library choices may not even function in a statically-compiled executable, so they may have limited applicability.) Thanks 1: $ grep -rE '(getpwnam|getpwuid|getpwent|pw->)' | wc -l 350 signature.asc Description: PGP signature -- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
Re: snap and ssh
23.11.2016 16:29, Didier Roche пишет: Le 23/11/2016 à 14:14, Vasilisc a écrit : Please give me advice. I want use openssh-client in snap package. But ssh try read system path vasilisc@vb:/home/vasilisc$ echo $HOME /home/vasilisc/snap/pac/x1 vasilisc@vb:/home/vasilisc$ echo $SNAP_USER_DATA /home/vasilisc/snap/pac/x1 vasilisc@vb:/home/vasilisc$ ssh vasilisc@192.168.3.6 The authenticity of host '192.168.3.6 (192.168.3.6)' can't be established. ECDSA key fingerprint is SHA256:hfV+C1ZOuysKlslXmj1bBKr6OaDKphmMN8KCbwcDlug. Are you sure you want to continue connecting (yes/no)? yes Failed to add the host to the list of known hosts (/home/vasilisc/.ssh/known_hosts). Load key "/home/vasilisc/.ssh/id_rsa": Permission denied How to make the ssh-client use the correct path? Hey Vasilisc, It seems then that ssh is using hardcoded paths like /home/$USER/.ssh for looking by default to id_rsa file and not using $HOME. Multiple ways to get that fixed: * reading the openssh-client code and fix it to use $HOME (and so, it will use your snap $HOME) * use ssh -i (look at the manpage for ssh) to point to an identity file directly Cheers, Didier Thx Didier! I will use option "-o UserKnownHostsFile=bla-bla -o IdentityFile=bla-bla -o " -- Best regards, vasilisc -- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
Re: snap and ssh
Le 23/11/2016 à 14:14, Vasilisc a écrit : > Please give me advice. I want use openssh-client in snap package. > But ssh try read system path > > vasilisc@vb:/home/vasilisc$ echo $HOME > /home/vasilisc/snap/pac/x1 > > vasilisc@vb:/home/vasilisc$ echo $SNAP_USER_DATA > /home/vasilisc/snap/pac/x1 > > vasilisc@vb:/home/vasilisc$ ssh vasilisc@192.168.3.6 > The authenticity of host '192.168.3.6 (192.168.3.6)' can't be > established. > ECDSA key fingerprint is > SHA256:hfV+C1ZOuysKlslXmj1bBKr6OaDKphmMN8KCbwcDlug. > Are you sure you want to continue connecting (yes/no)? yes > Failed to add the host to the list of known hosts > (/home/vasilisc/.ssh/known_hosts). > Load key "/home/vasilisc/.ssh/id_rsa": Permission denied > > How to make the ssh-client use the correct path? > Hey Vasilisc, It seems then that ssh is using hardcoded paths like /home/$USER/.ssh for looking by default to id_rsa file and not using $HOME. Multiple ways to get that fixed: * reading the openssh-client code and fix it to use $HOME (and so, it will use your snap $HOME) * use ssh -i (look at the manpage for ssh) to point to an identity file directly Cheers, Didier -- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
snap and ssh
Please give me advice. I want use openssh-client in snap package. But ssh try read system path vasilisc@vb:/home/vasilisc$ echo $HOME /home/vasilisc/snap/pac/x1 vasilisc@vb:/home/vasilisc$ echo $SNAP_USER_DATA /home/vasilisc/snap/pac/x1 vasilisc@vb:/home/vasilisc$ ssh vasilisc@192.168.3.6 The authenticity of host '192.168.3.6 (192.168.3.6)' can't be established. ECDSA key fingerprint is SHA256:hfV+C1ZOuysKlslXmj1bBKr6OaDKphmMN8KCbwcDlug. Are you sure you want to continue connecting (yes/no)? yes Failed to add the host to the list of known hosts (/home/vasilisc/.ssh/known_hosts). Load key "/home/vasilisc/.ssh/id_rsa": Permission denied How to make the ssh-client use the correct path? -- Best regards, vasilisc -- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
