
x/build/cmd/gomote: add ssh access to builders #19956

Closed
bradfitz opened this issue Apr 13, 2017 · 6 comments
Labels
Builders x/build issues (builders, bots, dashboards) FrozenDueToAge help wanted

@bradfitz (Contributor)

People have long been requesting ssh access to gomote-creatable builders.

The idea being it'd be something like:

    you@laptop$ gomote create <instance-type>
    user-bradfitz-inst-type0
    you@laptop$ gomote ssh user-bradfitz-inst-type0

And then you're in bash or whatever (let's ignore Windows and Plan 9 for version 1):

    gopher@user-bradfitz-inst-type0$

Architecturally, the connections would be like:

    [ Client ]  <-----> [ farmer.golang.org ] <-----> [ ephemeral buildlets ]

We'd modify the x/build/cmd/buildlet code to have auth-less ssh support (they're network-isolated), and then modify the x/build/cmd/coordinator (farmer.golang.org) to have an ssh server (well, an additional one on a different port) that did the authentication and proxied to the buildlet's ssh.

I haven't used the x/crypto/ssh package much. I imagine on the buildlet it needs to create a pty (?) or something and run bash.

On the coordinator side, I'm not exactly sure what I need to do in that ssh server after authenticating the client. I'm only vaguely aware of the ssh protocol. At some level I proxy it to the buildlet.

Help wanted. What I'd love to see is:

  1. Go ssh server on localhost:2200 that has no auth and drops into bash.
  2. Go ssh server on localhost:2201 with auth, proxying to the localhost:2200 ssh server.

(no openssh server; just Go is most deployable in our current environments where we can update the buildlet binaries quickly but the OS images are often more baked)

Alternative I considered: only one ssh server (on the buildlet) with a random password, and have the coordinator only be a TCP proxy. But then I'd still need to know how to route incoming TCP connections to different backends, implying some protocol there anyway, and I think it can just be ssh.

/cc @hanwen @aclements @ianlancetaylor

@bradfitz bradfitz added Builders x/build issues (builders, bots, dashboards) help wanted labels Apr 13, 2017
@bradfitz bradfitz added this to the Unreleased milestone Apr 13, 2017
@hanwen (Contributor) commented Apr 13, 2017

there is no standard SSH server in crypto/ssh, because it would have to interact with all the nasty platform bits (process control, ptys, etc.)

I think the fastest solution would be: run openssh on the buildlet (configure it for authless login), and use the coordinator as proxy at the channel level: the proxy passes on all OpenChannel requests. The x/crypto/ssh/test shows how you can start opensshd (but you'll probably want to run it in daemon mode).

The proxying takes the input from NewClientConn and passes it into the NewServerConn output and vice versa.

@bradfitz (Contributor, Author)

@hanwen, if I wanted to take advantage of the machines' existing ssh servers, could I do that?

Can the OpenChannel dialer do the ssh client auth (mix of fixed passwords & keys), establish the channel, and then stitch them together?

@hanwen (Contributor) commented Apr 14, 2017

Yes, that should work.

I would avoid passwords if you can. Public keys are easier to manage: you have to protect the secret in just one place, and they're immune to MITM attacks.

@bradfitz (Contributor, Author)

A lot of our build VM images have fixed passwords. e.g. gopher/gopher:

https://github.com/golang/build/blob/9412838986dd9e33dcc936f994012a6941c55bbf/env/openbsd-amd64/make.bash#L99

We're not exactly secret about those. They're one-off VMs and run on isolated networks.

But good to hear using the existing ssh server should work. I'll play.

@gopherbot

CL https://golang.org/cl/50750 mentions this issue.

@gopherbot

CL https://golang.org/cl/50890 mentions this issue.

gopherbot pushed a commit to golang/build that referenced this issue Jul 24, 2017
In the Plan 9 image, we remove "exec rio" from lib/profile,
so users without graphical interface support will be able
to connect to the Plan 9 instance.

Updates golang/go#19956

Change-Id: I64b220d7e8a322b2d8b3a78dfd7773a95cc54f5b
Reviewed-on: https://go-review.googlesource.com/50890
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
@golang golang locked and limited conversation to collaborators Jul 28, 2018