Sending file to host with Colab - scp

I want to share a Colab file using scp
I created a RSA keypair using SSH-keygen. When I run:
!scp "/full/path/to/file" [user]#[host]:~/path/to/dest
I get (without password prompt):
>>>Host key verification failed.
>>>lost connection
Classical answers as shown here and here do not work in this context because the colab environment gives no access to the relevant files:
!ssh-keygen -R [host]
>>>do_known_hosts: hostkeys_foreach failed: No such file or directory
!rm /home/USERNAME/.ssh/known_hosts
>>>rm: cannot remove '/home/USERNAME/.ssh/known_hosts': No such file or directory
!scp "/full/path/to/file" -o 'StrictHostKeyChecking no' [user]#[host]:~/path/to/dest
same
paramiko pip module:noodles forever, no result whatsoever

you need first to make an ssh connection to your colab account by a terminal that could connect by ngrok which code is in the following
import random, string, urllib.request, json, getpass
#Generate root password
password = ''.join(random.choice(string.ascii_letters + string.digits) for i in range(20))
#Download ngrok
! wget -q -c -nc https://bin.equinox.io/c/4VmDzA7iaHb/ngrok-stable-linux-amd64.zip
! unzip -qq -n ngrok-stable-linux-amd64.zip
#Setup sshd
! apt-get install -qq -o=Dpkg::Use-Pty=0 openssh-server pwgen > /dev/null
#Set root password
! echo root:$password | chpasswd
! mkdir -p /var/run/sshd
! echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
! echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config
! echo "LD_LIBRARY_PATH=/usr/lib64-nvidia" >> /root/.bashrc
! echo "export LD_LIBRARY_PATH" >> /root/.bashrc
#Run sshd
get_ipython().system_raw('/usr/sbin/sshd -D &')
#Ask token
print("Copy authtoken from https://dashboard.ngrok.com/auth")
authtoken = getpass.getpass()
#Create tunnel
get_ipython().system_raw('./ngrok authtoken $authtoken && ./ngrok tcp 22 &')
#Get public address and print connect command
with urllib.request.urlopen('http://localhost:4040/api/tunnels') as response:
data = json.loads(response.read().decode())
(host, port) = data['tunnels'][0]['public_url'][6:].split(':')
print(f'SSH command: ssh -p{port} root#{host}')
#Print root password
print(f'Root password: {password}')
after connecting to colab by The terminal you are allowed to use SCP on that

Related

Ansible sudo password Missing

Using latest Ansible 2.9.12 on Ubuntu 18.04
Have followed the steps to setup password less ssh, I have the same same user on both server and node machine.
a#A:~> ssh-keygen -t rsa
a#A:~> ssh b#B mkdir -p .ssh
b#B's password:
a#A:~> cat .ssh/id_rsa.pub | ssh b#B 'cat >> .ssh/authorized_keys'
b#B's password:
a#A:~> ssh b#B <- this works
$ ansible -m ping all <- this works
Try executing a basic ansible command:
$ ansible -b all -m apt -a "name=apache2 state=latest"
192.168.37.129 | FAILED! => {
"msg": "Missing sudo password"
$ ansible -b all -m apt -a "name=apache2 state=latest" -kk
SSH password:
192.168.37.129 | FAILED! => {
**"msg": "Missing sudo password"
Anything I am missing here? Should I create a new/different user in node machine?
Implemented these steps on both the server and node machine
$ sudo visudo #added these 2 lines
root ALL=(ALL) ALL
<user> ALL=(ALL) NOPASSWD:ALL
$ sudo nano /etc/ssh/sshd_config
PermitRootLogin yes
PasswordAuthentication yes
$ sudo service sshd restart
That error went away

Ansible ssh connection

I know there are a few about this but so far nothing seems to work for me.
So I am trying to learn to use Ansible and I got stuck at this ssh connection issue. I think I did everything right however I would appreciate if someone would help out. Let me post the files I have configures and the result I have.
### ansible.cfg ###
[defaults]
inventory = ./Playbooks/hosts
remote_user = ansible
private_key_file = .ssh/id_key.pub
### Playbooks/hosts ###
[server]
ubu1 ansible_ssh_host=192.16.20.69 ansible_ssh_pass=qwerty ansible_ssh_user=ansible
### Command executed ###
sudo ansible -m ping -vvvv ubu1
### The result I get ###
Using /home/ansible/ansible.cfg as config file
Loaded callback minimal of type stdout, v2.0
<192.16.20.69> ESTABLISH SSH CONNECTION FOR USER: ansible
<192.16.20.69> SSH: EXEC sshpass -d12 ssh -C -vvv -o ControlMaster=auto -o ControlPersist=60s -o 'IdentityFile=".ssh/id_key.pub"' -o User=ansible -o ConnectTimeout=10 -o ControlPath=/home/ansible/.ansible/cp/ansible-ssh-%h-%p-%r 192.16.20.69 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1470766758.25-258256142287087 `" && echo ansible-tmp-1470766758.25-258256142287087="` echo $HOME/.ansible/tmp/ansible-tmp-1470766758.25-258256142287087 `" ) && sleep 0'"'"''
ubu1 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh.",
"unreachable": true
}
Unfortunalty I am unable to continue learning Ansible until I get this solved. One of the things I am wondering if the ssh-agent is not interfering with Ansible and if so and I must admit I have no clue on what to next.
Any help would be appreciated.
Thanks
Perry
The answer from comments above:
Try ANSIBLE_DEBUG=1 ansible -m ping -vvvv ubu1 and check the exact error message
Allowed to trace down problems with ip-addresses and python installation.

How to enable sshpass output to console

Using scp and interactively entering the password the file copy progress is sent to the console but there is no console output when using sshpass in a script to scp files.
$ sshpass -p [password] scp [file] root#[ip]:/[dir]
It seems sshpass is suppressing or hiding the console output of scp. Is there a way to enable the sshpass scp output to console?
After
sudo apt-get install expect
the file send-files.exp works as desired:
#!/usr/bin/expect -f
spawn scp -r $FILES $DEST
match_max 100000
expect "*?assword:*"
send -- "12345\r"
expect eof
Not exactly what was desired, but better than silence:
SSHPASS="12345" sshpass -e scp -v -r $FILES $DEST 2>&1 | grep -v debug1
Note that -e is considered a bit safer than -p.
Output:
Executing: program /usr/bin/ssh host servername, user username, command scp -v -t /src/path/dst_file.txt
OpenSSH_6.6.1, OpenSSL 1.0.1i-fips 6 Aug 2014
Authenticated to servername ([10.11.12.13]:22).
Sending file modes: C0600 590493 src_file.txt
Sink: C0600 590493 src_file.txt
Transferred: sent 594696, received 2600 bytes, in 0.1 seconds
Bytes per second: sent 8920671.8, received 39001.0
In this way:
output=$(sshpass -p $PASSWD scp -v $filename root#192.168.8.1:/root 2>&1)
echo "Output = $output"
you redirect the console output in variable output.
Or, if you only want to see the console output of scp command, you should add only -v command in your ssh pass cmd:
sshpass -p $PASSWD scp -v $filename root#192.168.8.1:/root

TAR over two hops

I need to create a tar and shipped it to my local folder.
If i can create tar file, i can easily get it on local folder using scp.
Here problem is at first step: Creating TAR on remote server. Server is accessible only through another remote server (bastion server).
Here is the command i'm using currently:
timestamp="20160226-085856"
ssh bastion_server -t ssh remote_server "sudo su -c \"cp -r /etc/nginx /home/ubuntu/backup/nginx_26Feb && cd /home/ubuntu/backup && tar -C /home/ubuntu/backup -cf backup_nginx-$timestamp.tar ./nginx_26Feb\" "
Here is the error i am getting:
su: invalid option -- 'r'
Usage: su [options] [LOGIN]
Any help here would be great.
Give it a try without the fancy sudo su -c. Using sudo -s should be enough:
ssh bastion_server -t ssh remote_server "sudo -s cp -r /etc/nginx \
/home/ubuntu/backup/nginx_26Feb && cd /home/ubuntu/backup && \
tar -C /home/ubuntu/backup -cf backup_nginx-$timestamp.tar ./nginx_26Feb"
Or rather set up proper two-hops ~/.ssh/config:
Host bastion
Hostname bastion_server
Host remote
Hostname remote_server
ProxyCommand ssh -W %h:%p bastion
and then just run
ssh remote sudo su -c "cp -r /etc/nginx /home/ubuntu/backup/nginx_26Feb \
&& cd /home/ubuntu/backup && tar -C /home/ubuntu/backup -cf \
backup_nginx-$timestamp.tar ./nginx_26Feb"
Without the fancy escaping and stuff.

Ansible SSH forwarding doesn't seem to work with Vagrant

OK, strange question. I have SSH forwarding working with Vagrant. But I'm trying to get it working when using Ansible as a Vagrant provisioner.
I found out exactly what Ansible is executing, and tried it myself from the command line, sure enough, it fails there too.
[/common/picsolve-ansible/u12.04%]ssh -o HostName=127.0.0.1 \
-o User=vagrant -o Port=2222 -o UserKnownHostsFile=/dev/null \
-o StrictHostKeyChecking=no -o PasswordAuthentication=no \
-o IdentityFile=/Users/bryanhunt/.vagrant.d/insecure_private_key \
-o IdentitiesOnly=yes -o LogLevel=FATAL \
-o ForwardAgent=yes "/bin/sh \
-c 'git clone git#bitbucket.org:bryan_picsolve/poc_docker.git /home/vagrant/poc_docker' "
Permission denied (publickey,password).
But when I just run vagrant ssh the agent forwarding works correctly, and I can checkout R/W my github project.
[/common/picsolve-ansible/u12.04%]vagrant ssh
vagrant#vagrant-ubuntu-precise-64:~$ /bin/sh -c 'git clone git#bitbucket.org:bryan_picsolve/poc_docker.git /home/vagrant/poc_docker'
Cloning into '/home/vagrant/poc_docker'...
remote: Counting objects: 18, done.
remote: Compressing objects: 100% (14/14), done.
remote: Total 18 (delta 4), reused 0 (delta 0)
Receiving objects: 100% (18/18), done.
Resolving deltas: 100% (4/4), done.
vagrant#vagrant-ubuntu-precise-64:~$
Has anyone got any idea how it is working?
Update:
By means of ps awux I determined the exact command being executed by Vagrant.
I replicated it and git checkout worked.
ssh vagrant#127.0.0.1 -p 2222 \
-o Compression=yes \
-o StrictHostKeyChecking=no \
-o LogLevel=FATAL \
-o StrictHostKeyChecking=no \
-o UserKnownHostsFile=/dev/null \
-o IdentitiesOnly=yes \
-i /Users/bryanhunt/.vagrant.d/insecure_private_key \
-o ForwardAgent=yes \
-o LogLevel=DEBUG \
"/bin/sh -c 'git clone git#bitbucket.org:bryan_picsolve/poc_docker.git /home/vagrant/poc_docker' "
As of ansible 1.5 (devel aa2d6e47f0) last updated 2014/03/24 14:23:18 (GMT +100) and Vagrant 1.5.1 this now works.
My Vagrant configuration contains the following:
config.vm.provision "ansible" do |ansible|
ansible.playbook = "../playbooks/basho_bench.yml"
ansible.sudo = true
ansible.host_key_checking = false
ansible.verbose = 'vvvv'
ansible.extra_vars = { ansible_ssh_user: 'vagrant',
ansible_connection: 'ssh',
ansible_ssh_args: '-o ForwardAgent=yes'}
It is also a good idea to explicitly disable sudo use. For example, when using the Ansible git module, I do this:
- name: checkout basho_bench repository
sudo: no
action: git repo=git#github.com:basho/basho_bench.git dest=basho_bench
The key difference appears to be the UserKnownHostFile setting. Even with StrictHostKeyChecking turned off, ssh quietly disables certain features including agent forwarding when there is a conflicting entry in the known hosts file (these conflicts are common for vagrant since multiple VMs may have the same address at different times). It works for me if I point UserKnownHostFile to /dev/null:
config.vm.provision "ansible" do |ansible|
ansible.playbook = "playbook.yml"
ansible.raw_ssh_args = ['-o UserKnownHostsFile=/dev/null']
end
Here's a workaround:
Create an ansible.cfg file in the same directory as your Vagrantfile with the following lines:
[ssh_connection]
ssh_args = -o ForwardAgent=yes
You can simply add this line to your Vagrantfile to enable the ssh forwarding:
config.ssh.forward_agent = true
Note: Don't forget to execute the task with become: false
Hope, this will help.
I've found that I need to do two separate things (on Ubuntu 12.04) to get it working:
the -o ForwardAgent thing that #Lorin mentions
adding /etc/sudoers.d/01-make_SSH_AUTH_SOCK_AVAILABLE with these contents:
Defaults env_keep += "SSH_AUTH_SOCK"
I struggled with a very similar problem for a few hours.
Vagrant 1.7.2
ansible 1.9.4
My symptoms:
failed: [vagrant1] => {"cmd": "/usr/bin/git ls-remote '' -h refs/heads/HEAD", "failed": true, "rc": 128}
stderr: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
msg: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
FATAL: all hosts have already failed -- aborting
SSH'ing into the guest, I found that my ssh-agent was forwarding as expected:
vagrant#vagrant-ubuntu-trusty-64:~$ ssh -T git#github.com
Hi baxline! You've successfully authenticated, but GitHub does not provide shell access.
However, from the host machine, I could not open the connection:
$ ansible web -a "ssh-add -L"
vagrant1 | FAILED | rc=2 >>
Could not open a connection to your authentication agent.
After confirming that my ansible.cfg file was set up, as #Lorin noted, and my Vagrantfile set config.ssh.forward_agent = true, I still came up short.
The solution was to delete all lines in my host's ~/.ssh/known_hosts file that were associated with my guest. For me, they were the lines that started with:
[127.0.0.1]:2201 ssh-rsa
[127.0.0.1]:2222 ssh-rsa
[127.0.01]:2222 ssh-rsa
[127.0.0.1]:2200 ssh-rsa
Note the third line has a funny ip address. I'm not certain, but I believe that line was the culprit. These lines are created as I destroy and create vagrant VMs.