Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add ssh-agent startup when privkey is used #26

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add ssh-agent startup when privkey is used #26

wants to merge 1 commit into from

Conversation

sreboot
Copy link

@sreboot sreboot commented Oct 8, 2021

This change will:

  • start ssh-agent when privkey auth is used
  • add the key to ssh-agent
  • cleanup the agent once the job is over

Useful for scenarios where Rundeck executes a job where further SSH
authentication/connection is required (example: rsync).

@sreboot
Copy link
Author

sreboot commented Nov 18, 2021

Can someone pls comment on this PR - any issues merging this?

@richiereynolds
Copy link

richiereynolds commented Apr 27, 2022
edited
Loading

This is a good change but could it be made configurable so that nodes that don't require it don't incur the overheads of using it?
Many jobs use lots of steps which means lots of ssh connections in quick succession and the overheads of each connection soon mount up.
E.g. we found that ssh multiplexing really speeds things up because we're not creating a TCP conenction for each ssh session. It would be bad to slow that down again by starting/stopping ssh-agent prcesses for every session when they might only be needed for very few.
I think the default should be not to use it as my guess is a lot more nodes don't need ssh-agent forwarding than do need it.

@sreboot
Copy link
Author

sreboot commented Apr 29, 2022

@richiereynolds thanks for the feedback, lemme refactor this with the on/off switch.

@sreboot
Add ssh-agent startup when privkey is used
fd36381 
This change will:
  - start ssh-agent when privkey auth is used
  - add the key to ssh-agent
  - cleanup the agent once the job is over

Useful for scenarios where Rundeck executes a job where further SSH
authentication/connection is required (example: rsync).
@sreboot
Copy link
Author

sreboot commented Jun 2, 2022

Updated witch checkbox configuration option - default is off.

@sreboot
Copy link
Author

sreboot commented Jun 15, 2022

@richiereynolds let me know please if this looks OK? Thanks

@sreboot
Copy link
Author

sreboot commented Sep 7, 2022

@stagrlee @gschueler who is maintaining this repo?

@ltamaster
Copy link
Contributor

Hi @sreboot
Do you have an example (a job) where this feature is used?

Thanks
Luis

@sreboot
Copy link
Author

sreboot commented Jan 13, 2023

Sorry for the late reply, this is actually not a job specific feature but rather defined as a check-box on the Project level. By default the check-box is not selected.

The agent forwarding can be enabled in the Project settings under the "Default Node Executor" tab as displayed on this screenshot:

Screenshot 2023-01-13 at 12-33-16 Edit Configuration…

If the option is selected it will be picked up by https://github.com/rundeck-plugins/openssh-node-execution/pull/26/files#diff-39297066fbdfdbea1d016e8078109fdb2a74eb98b56291d8532de8fc364637e0R91

Hope this is enough information do describe this change.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@sreboot @richiereynolds @ltamaster