From ba05171450facc21824a24403221eeb9a856caad Mon Sep 17 00:00:00 2001 From: Elvin Efendi Date: Wed, 20 Jan 2016 21:26:04 -0500 Subject: option to use ssh proxy command --- README.md | 15 +++++++++++++++ lib/oxidized/input/ssh.rb | 9 +++++++-- spec/input/ssh_spec.rb | 37 +++++++++++++++++++++++++++++++++++++ 3 files changed, 59 insertions(+), 2 deletions(-) create mode 100644 spec/input/ssh_spec.rb diff --git a/README.md b/README.md index a6766ec..a29eb08 100644 --- a/README.md +++ b/README.md @@ -277,6 +277,21 @@ source: enable: 4 ``` +### SSH Proxy Command + +Oxidized can `ssh` through a proxy as well. To do so we just need to set `proxy` variable. + +``` +... +map: + name: 0 + model: 1 +vars_map: + enable: 2 + proxy: 3 +... +``` + ### Source: SQLite One row per device, filtered by hostname. diff --git a/lib/oxidized/input/ssh.rb b/lib/oxidized/input/ssh.rb index 476a786..493f7bb 100644 --- a/lib/oxidized/input/ssh.rb +++ b/lib/oxidized/input/ssh.rb @@ -1,5 +1,6 @@ module Oxidized require 'net/ssh' + require 'net/ssh/proxy/command' require 'timeout' require 'oxidized/input/cli' class SSH < Input @@ -22,11 +23,15 @@ module Oxidized secure = Oxidized.config.input.ssh.secure @log = File.open(Oxidized::Config::Crash + "-#{@node.ip}-ssh", 'w') if Oxidized.config.input.debug? port = vars(:ssh_port) || 22 - @ssh = Net::SSH.start @node.ip, @node.auth[:username], :port => port.to_i, + if proxy_host = vars(:proxy) + proxy = Net::SSH::Proxy::Command.new("ssh #{proxy_host} nc %h %p") + end + @ssh = Net::SSH.start(@node.ip, @node.auth[:username], :port => port.to_i, :password => @node.auth[:password], :timeout => Oxidized.config.timeout, :paranoid => secure, :auth_methods => %w(none publickey password keyboard-interactive), - :number_of_password_prompts => 0 + :number_of_password_prompts => 0, + :proxy => proxy) unless @exec shell_open @ssh begin diff --git a/spec/input/ssh_spec.rb b/spec/input/ssh_spec.rb new file mode 100644 index 0000000..43c7d66 --- /dev/null +++ b/spec/input/ssh_spec.rb @@ -0,0 +1,37 @@ +require 'spec_helper' +require 'oxidized/input/ssh' + +describe Oxidized::SSH do + before(:each) do + Oxidized.asetus = Asetus.new + Oxidized::Node.any_instance.stubs(:resolve_input) + Oxidized::Node.any_instance.stubs(:resolve_output) + @node = Oxidized::Node.new(name: 'example.com', + input: 'ssh', + output: 'git', + model: 'junos', + username: 'alma', + password: 'armud', + vars: {proxy: 'test.com'}) + + end + + describe "#connect" do + it "should use proxy command when proxy host given" do + ssh = Oxidized::SSH.new + + model = mock() + model.expects(:cfg).returns({'ssh' => []}) + @node.expects(:model).returns(model) + + proxy = mock() + Net::SSH::Proxy::Command.expects(:new).with("ssh test.com nc %h %p").returns(proxy) + Net::SSH.expects(:start).with('93.184.216.34', 'alma', {:port => 22, :password => 'armud', :timeout => Oxidized.config.timeout, + :paranoid => Oxidized.config.input.ssh.secure, :auth_methods => ['none', 'publickey', 'password', 'keyboard-interactive'], + :number_of_password_prompts => 0, :proxy => proxy}) + + ssh.instance_variable_set("@exec", true) + ssh.connect(@node) + end + end +end -- cgit v1.2.1