[Bug]: az network bastion ssh
does not allow configuration of ssh-client-folder
#7744
Labels
Auto-Assign
Auto assign by bot
customer-reported
Issues that are reported by GitHub users external to the Azure organization.
Network - Bastion
Network
question
The issue doesn't require a change to the product in order to be resolved. Most issues start as that
Service Attention
This issue is responsible by Azure service team.
Describe the bug
If OpenSSH is not installed at the default location, then commands to create an ssh tunnel via
az network bastion ssh
do not work, since ssh commands are unvailable. The returned error states that one can specify thessh-client-folder
, but this is incorrect.az ssh
commands allows for the specification of the--ssh-client-folder
, but this is not recognised as a vaild parameter toaz network bastion ssh
.More specifically, the function
_get_ssh_path
could be modified (see this code snippet) to allow the specification of another folder forssh.exe
, instead of hardcoding the path to ssh asSYSTEMROOT/System32/OpenSSH/ssh.exe
.Linux and Darwin implementations use
which
in order to find the location ofssh
using shutil, which could be extended to Windows ifshutil.which(ssh_command)
returns a valid path.Related command
az ssh
Errors
Could not find ssh-keygen.exe on path C:\WINDOWS\System32\openSSH\ssh-keygen.exe.
Make sure OpenSSH is installed correctly: https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse . Or use --ssh-client-folder to provide folder path with ssh executables.
Issue script & Debug output
az network bastion ssh --name **** --resource-group **** --auth-type AAD --target-resource-id /subscriptions/****/resourceGroups/****/providers/Microsoft.Compute/virtualMachines/**vm_name** --debug
DEBUG: cli.knack.cli: Command arguments: ['network', 'bastion', 'ssh', '--name', '', '--resource-group', '', '--auth-type', 'AAD', '--target-resource-id', '/subscriptions//resourceGroups//providers/Microsoft.Compute/virtualMachines/vm_name', '--debug']
DEBUG: cli.knack.cli: init debug log:
Cannot enable color.
DEBUG: cli.knack.cli: Event: Cli.PreExecute []
DEBUG: cli.knack.cli: Event: CommandParser.OnGlobalArgumentsCreate [<function CLILogging.on_global_arguments at 0x000001AB016BF880>, <function OutputProducer.on_global_arguments at 0x000001AB01846020>, <function CLIQuery.on_global_arguments at 0x000001AB01873BA0>]
DEBUG: cli.knack.cli: Event: CommandInvoker.OnPreCommandTableCreate []
DEBUG: cli.azure.cli.core: Modules found from index for 'network': ['azure.cli.command_modules.network', 'azure.cli.command_modules.privatedns', 'azext_bastion']
DEBUG: cli.azure.cli.core: Loading command modules:
DEBUG: cli.azure.cli.core: Name Load Time Groups Commands
DEBUG: cli.azure.cli.core: network 1.225 115 454
DEBUG: cli.azure.cli.core: privatedns 0.075 14 60
DEBUG: cli.azure.cli.core: Total (2) 1.300 129 514
DEBUG: cli.azure.cli.core: These extensions are not installed and will be skipped: ['azext_ai_examples', 'azext_next']
DEBUG: cli.azure.cli.core: Loading extensions:
DEBUG: cli.azure.cli.core: Name Load Time Groups Commands Directory
DEBUG: cli.azure.cli.core: bastion 0.040 2 9 C:\Users*USER*.azure\cliextensions\bastion
DEBUG: cli.azure.cli.core: Total (1) 0.040 2 9
DEBUG: cli.azure.cli.core: Loaded 129 groups, 523 commands.
DEBUG: cli.azure.cli.core: Found a match in the command table.
DEBUG: cli.azure.cli.core: Raw command : network bastion ssh
DEBUG: cli.azure.cli.core: Command table: network bastion ssh
DEBUG: cli.knack.cli: Event: CommandInvoker.OnPreCommandTableTruncate []
DEBUG: cli.azure.cli.core.azlogging: metadata file logging enabled - writing logs to 'C:\Users*USER*.azure\commands\2024-06-25.14-01-58.network_bastion_ssh.27492.log'.
INFO: az_command_data_logger: command args: network bastion ssh --name {} --resource-group {} --auth-type {} --target-resource-id {} --debug
REDACTED CLI AUTH INFO
DEBUG: cli.azure.cli.core.sdk.policies: Request URL: 'https://management.azure.com/subscriptions/**SUBSCRIPTION**/resourceGroups/****/providers/Microsoft.Network/bastionHosts/****?api-version=2022-01-01'
DEBUG: cli.azure.cli.core.sdk.policies: Request method: 'GET'
DEBUG: cli.azure.cli.core.sdk.policies: Request headers:
REDACTED REQUEST HEADERS
DEBUG: cli.azure.cli.core.sdk.policies: Request body:
DEBUG: cli.azure.cli.core.sdk.policies: This request has no body
DEBUG: urllib3.connectionpool: Starting new HTTPS connection (1): management.azure.com:443
DEBUG: urllib3.connectionpool: https://management.azure.com:443 "GET /subscriptions/SUBSCRIPTION/resourceGroups//providers/Microsoft.Network/bastionHosts/?api-version=2022-01-01 HTTP/1.1" 200 2156
DEBUG: cli.azure.cli.core.sdk.policies: Response status: 200
REDACTED INFO ON RESPONSE HEADERS
DEBUG: cli.azure.cli.core.sdk.policies: Response content:
DEBUG: cli.azure.cli.core.sdk.policies: {
REDACTED
}
INFO: cli.azext_bastion.tunnel: Creating a socket on port: 0
INFO: cli.azext_bastion.tunnel: Setting socket options
INFO: cli.azext_bastion.tunnel: Binding to socket on local address and port
INFO: cli.azext_bastion.tunnel: Auto-selecting port: 49239
INFO: cli.azext_bastion.tunnel: Finished initialization
DEBUG: cli.azext_ssh.ssh_utils: Platform architecture: 64bit
DEBUG: cli.azext_ssh.ssh_utils: OS architecture: 64bit
DEBUG: cli.azext_ssh.ssh_utils: System Root: C:\WINDOWS
DEBUG: cli.azext_ssh.ssh_utils: Attempting to run ssh-keygen from path C:\WINDOWS\System32\openSSH\ssh-keygen.exe
DEBUG: cli.azure.cli.core.azclierror: Traceback (most recent call last):
File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\knack/cli.py", line 233, in invoke
File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 664, in execute
File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 731, in _run_jobs_serially
File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 701, in _run_job
File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 334, in call
File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/command_operation.py", line 121, in handler
File "C:\Users*USER*.azure\cliextensions\bastion\azext_bastion\custom.py", line 184, in ssh_bastion_host
azssh.ssh_cert(cmd, cert_path=os.path.join(cert_folder, "REDACTED"))
File "C:\Users*USER*.azure\cliextensions\ssh\azext_ssh\custom.py", line 127, in ssh_cert
public_key_file, _, _ = _check_or_create_public_private_files(public_key_file, None, keys_folder, ssh_client_folder)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Users*USER*.azure\cliextensions\ssh\azext_ssh\custom.py", line 319, in _check_or_create_public_private_files
ssh_utils.create_ssh_keyfile(private_key_file, ssh_client_folder)
File "C:\Users*USER*.azure\cliextensions\ssh\azext_ssh\ssh_utils.py", line 164, in create_ssh_keyfile
sshkeygen_path = get_ssh_client_path("ssh-keygen", ssh_client_folder)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Users*USER*.azure\cliextensions\ssh\azext_ssh\ssh_utils.py", line 324, in get_ssh_client_path
raise azclierror.UnclassifiedUserFault(
azure.cli.core.azclierror.UnclassifiedUserFault: Could not find ssh-keygen.exe on path C:\WINDOWS\System32\openSSH\ssh-keygen.exe.
ERROR: cli.azure.cli.core.azclierror: Could not find ssh-keygen.exe on path C:\WINDOWS\System32\openSSH\ssh-keygen.exe.
ERROR: az_command_data_logger: Could not find ssh-keygen.exe on path C:\WINDOWS\System32\openSSH\ssh-keygen.exe.
Make sure OpenSSH is installed correctly: https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse . Or use --ssh-client-folder to provide folder path with ssh executables.
DEBUG: cli.knack.cli: Event: Cli.PostExecute []
INFO: az_command_data_logger: exit code: 1
INFO: cli.main: Command ran in 4.515 seconds (init: 0.839, invoke: 3.676)
INFO: telemetry.main: Begin splitting cli events and extra events, total events: 1
INFO: telemetry.client: Accumulated 0 events. Flush the clients.
INFO: telemetry.main: Finish splitting cli events and extra events, cli events: 1
INFO: telemetry.save: Save telemetry record of length 3878 in cache
INFO: telemetry.main: Begin creating telemetry upload process.
INFO: telemetry.process: Creating upload process: "C:\Program Files\Microsoft SDKs\Azure\CLI2\python.exe C:\Program Files\Microsoft SDKs\Azure\CLI2\Lib\site-packages\azure\cli\telemetry_init_.pyc C:\Users*USER*.azure"
INFO: telemetry.process: Return from creating process
INFO: telemetry.main: Finish creating telemetry upload process.
Expected behavior
Expected behaviour is that one can specify the parameter for
ssh-client-folder
, as used in theaz ssh
extension.Environment Summary
azure-cli 2.59.0 *
core 2.59.0 *
telemetry 1.1.0
Extensions:
amg 1.3.2
bastion 1.0.1
ssh 2.0.3
Dependencies:
msal 1.27.0
azure-mgmt-resource 23.1.0b2
Python location
C:\Program Files\Microsoft SDKs\Azure\CLI2\python.exe
Extensions directory
C:\Users\USER\.azure\cliextensions
Python (Windows) 3.11.8 (tags/v3.11.8:db85d51, Feb 6 2024, 22:03:32) [MSC v.1937 64 bit (AMD64)]
Additional context
No response
The text was updated successfully, but these errors were encountered: