Skip to content

Instantly share code, notes, and snippets.

@yono
Last active December 26, 2017 08:57
Show Gist options
  • Save yono/7909220 to your computer and use it in GitHub Desktop.
Save yono/7909220 to your computer and use it in GitHub Desktop.
fabric で踏み台サーバ越しに ssh アクセス

前提

  • [local] -> [admin] -> [prod]
  • [admin] -> [prod] の鍵は事前に配置済み
  • $HOME/.ssh/config で設定
  • 踏み台サーバ(admin)、目的のサーバ(prod) どちらにも鍵認証でログイン

結果

  • $HOME/.ssh/config だけだと実行終了時の DONE で固まる
  • fabfile.py 内で env.gateway = admin を設定すると固まらない。ただし prod のパスワードを聞かれる
  • さらに env.key_filename = '/Users/yono/.vagrant.d/insecure_private_key' として「prodの」key を指定するとパスワードを聞かれずに最後まで実行される
#!/bin/env python
from fabric.api import *
env.use_ssh_config = True
env.gateway = 'admin'
env.key_filename = '/Users/yono/.vagrant.d/insecure_private_key'
@task
def test():
run('hostname')
Host admin
HostName 127.0.0.1
User vagrant
Port 2201
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
PasswordAuthentication no
IdentityFile /Users/yono/.vagrant.d/insecure_private_key
IdentitiesOnly yes
LogLevel FATAL
Host prod
HostName 192.168.33.11
Port 22
User vagrant
IdentityFile /Users/yono/.ssh/vagrant_admin_id_rsa
ProxyCommand ssh -W %h:%p admin
#ProxyCommand ssh admin nc %h %p
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment