Best IT Recipes

Using an SSH Key File with Fabric

How do I configure the fabric to connect to remote hosts using SSH files (such as Amazon EC2 instances)?

+91
python fabric
Mar 16 2018-11-11T00:
source share
7 answers

It is also worth mentioning here that you can use command line arguments for this:

fab command -i /path/to/key.pem [-H [user@]host[:port]]
+64
Mar 16 '11 at 23:35
source share

Finding a simple file with a working example of using an SSH key file is not so simple. I wrote a blog post about this ( with the appropriate line ).

Basically, usage happens something like this:

 from fabric.api import * env.hosts = ['host.name.com'] env.user = 'user' env.key_filename = '/path/to/keyfile.pem' def local_uname(): local('uname -a') def remote_uname(): run('uname -a')

An important part is setting the env.key_filename environment variable so that Paramiko configuration can search for it when connected.

+145
Mar 16 2018-11-11T00:
source share

Another cool feature available with Fabric 1.4 is that Fabric now supports SSH configurations .

If you already have all the SSH connection parameters in your ~/.ssh/config file, Fabric will support it, you need to add:

 env.use_ssh_config = True

at the beginning of your file.

+64
Mar 27 '12 at 10:21
source share

For me, the following does not work:

 env.user=["ubuntu"] env.key_filename=['keyfile.pem'] env.hosts=["xxx-xx-xxx-xxx.ap-southeast-1.compute.amazonaws.com"]

or

 fab command -i /path/to/key.pem [-H [user@]host[:port]]

However, the following:

 env.key_filename=['keyfile.pem'] env.hosts=["ubuntu@xxx-xx-xxx-xxx-southeast-1.compute.amazonaws.com"]

or

 env.key_filename=['keyfileq.pem'] env.host_string="ubuntu@xxx-xx-xxx-xxx.ap-southeast-1.compute.amazonaws.com"
+14
Feb 18 '14 at 7:04
source share

For fabric2 in fabfile use the following:

 from fabric import task, Connection @task def staging(ctx): ctx.name = 'staging' ctx.user = 'ubuntu' ctx.host = '192.1.1.1' ctx.connect_kwargs.key_filename = os.environ['ENV_VAR_POINTS_TO_PRIVATE_KEY_PATH'] @task def do_something_remote(ctx): with Connection(ctx.host, ctx.user, connect_kwargs=ctx.connect_kwargs) as conn: conn.sudo('supervisorctl status')

and run it with:

 fab staging do_something_remote

UPDATE:
For multiple hosts (one host is fine too) you can use this:

 from fabric2 import task, SerialGroup @task def staging(ctx): conns = SerialGroup( 'user@10.0.0.1', 'user@10.0.0.2', connect_kwargs= { 'key_filename': os.environ['PRIVATE_KEY_TO_HOST'] }) ctx.CONNS = conns ctx.APP_SERVICE_NAME = 'google' @task def stop(ctx): for conn in ctx.CONNS: conn.sudo('supervisorctl stop ' + ctx.APP_SERVICE_NAME)

and run it with FAB or FAB2:

 fab staging stop
+11
Aug 08
source share

I had to do it today, my .py file was as simple as possible, like the one sent in @YuvalAdam's answer, but still I kept asking for the password ...

Looking at the paramiko magazine (the library used as material for ssh), I found the line:

Incompatible ssh-sverst (without acceptable kex algorithm)

I updated paramiko with

 sudo pip install paramiko --upgrade

And now it works.

+7
Feb 09 '15 at 12:18
source share

As stated above, Fabric will support the settings for the .ssh / config file after the mod, but using the pem file for ec2 seems problematic. IOW a properly configured .ssh / config file will work from the command line via 'ssh servername' and will not work with 'fab sometask' when env.host = ['servername'].

This was overcome by specifying env.key_filename = 'keyfile' in my fabfile.py file and duplicating the IdentityFile entry already in my .ssh / config.

It can be either Fabric or paramiko, which in my case was Fabric 1.5.3 and Paramiko 1.9.0.

+1
Feb 06 '13 at 20:29
source share


More articles:


All Articles