[Bug]: az network bastion ssh does not allow configuration of ssh-client-folder #7744

Open
DanielWaite-glano opened this issue Jun 25, 2024 · 3 comments
Labels
Auto-Assign Auto assign by bot customer-reported Issues that are reported by GitHub users external to the Azure organization. Network - Bastion Network question The issue doesn't require a change to the product in order to be resolved. Most issues start as that Service Attention This issue is responsible by Azure service team.

Comments

@DanielWaite-glano

Describe the bug

If OpenSSH is not installed at the default location, then commands to create an ssh tunnel via az network bastion ssh do not work, since ssh commands are unavailable. The returned error states that one can specify the ssh-client-folder, but this is incorrect.

az ssh commands allow for the specification of the --ssh-client-folder, but this is not recognised as a valid parameter to az network bastion ssh.

More specifically, the function _get_ssh_path could be modified (see this code snippet) to allow the specification of another folder for ssh.exe, instead of hardcoding the path to ssh as SYSTEMROOT/System32/OpenSSH/ssh.exe.

Linux and Darwin implementations use which in order to find the location of ssh using shutil, which could be extended to Windows if shutil.which(ssh_command) returns a valid path.

Related command

az ssh

Errors

Could not find ssh-keygen.exe on path C:\WINDOWS\System32\openSSH\ssh-keygen.exe.
Make sure OpenSSH is installed correctly: https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse . Or use --ssh-client-folder to provide folder path with ssh executables.

Issue script & Debug output

az network bastion ssh --name **** --resource-group **** --auth-type AAD --target-resource-id /subscriptions/****/resourceGroups/****/providers/Microsoft.Compute/virtualMachines/**vm_name** --debug

DEBUG: cli.knack.cli: Command arguments: ['network', 'bastion', 'ssh', '--name', '', '--resource-group', '', '--auth-type', 'AAD', '--target-resource-id', '/subscriptions//resourceGroups//providers/Microsoft.Compute/virtualMachines/vm_name', '--debug']
DEBUG: cli.knack.cli: init debug log:
Cannot enable color.
DEBUG: cli.knack.cli: Event: Cli.PreExecute []
DEBUG: cli.knack.cli: Event: CommandParser.OnGlobalArgumentsCreate [<function CLILogging.on_global_arguments at 0x000001AB016BF880>, <function OutputProducer.on_global_arguments at 0x000001AB01846020>, <function CLIQuery.on_global_arguments at 0x000001AB01873BA0>]
DEBUG: cli.knack.cli: Event: CommandInvoker.OnPreCommandTableCreate []
DEBUG: cli.azure.cli.core: Modules found from index for 'network': ['azure.cli.command_modules.network', 'azure.cli.command_modules.privatedns', 'azext_bastion']
DEBUG: cli.azure.cli.core: Loading command modules:
DEBUG: cli.azure.cli.core: Name Load Time Groups Commands
DEBUG: cli.azure.cli.core: network 1.225 115 454
DEBUG: cli.azure.cli.core: privatedns 0.075 14 60
DEBUG: cli.azure.cli.core: Total (2) 1.300 129 514
DEBUG: cli.azure.cli.core: These extensions are not installed and will be skipped: ['azext_ai_examples', 'azext_next']
DEBUG: cli.azure.cli.core: Loading extensions:
DEBUG: cli.azure.cli.core: Name Load Time Groups Commands Directory
DEBUG: cli.azure.cli.core: bastion 0.040 2 9 C:\Users*USER*.azure\cliextensions\bastion
DEBUG: cli.azure.cli.core: Total (1) 0.040 2 9
DEBUG: cli.azure.cli.core: Loaded 129 groups, 523 commands.
DEBUG: cli.azure.cli.core: Found a match in the command table.
DEBUG: cli.azure.cli.core: Raw command : network bastion ssh
DEBUG: cli.azure.cli.core: Command table: network bastion ssh
DEBUG: cli.knack.cli: Event: CommandInvoker.OnPreCommandTableTruncate []
DEBUG: cli.azure.cli.core.azlogging: metadata file logging enabled - writing logs to 'C:\Users*USER*.azure\commands\2024-06-25.14-01-58.network_bastion_ssh.27492.log'.
INFO: az_command_data_logger: command args: network bastion ssh --name {} --resource-group {} --auth-type {} --target-resource-id {} --debug
REDACTED CLI AUTH INFO
DEBUG: cli.azure.cli.core.sdk.policies: Request URL: 'https://management.azure.com/subscriptions/**SUBSCRIPTION**/resourceGroups/****/providers/Microsoft.Network/bastionHosts/****?api-version=2022-01-01'
DEBUG: cli.azure.cli.core.sdk.policies: Request method: 'GET'
DEBUG: cli.azure.cli.core.sdk.policies: Request headers:
REDACTED REQUEST HEADERS
DEBUG: cli.azure.cli.core.sdk.policies: Request body:
DEBUG: cli.azure.cli.core.sdk.policies: This request has no body
DEBUG: urllib3.connectionpool: Starting new HTTPS connection (1): management.azure.com:443
DEBUG: urllib3.connectionpool: https://management.azure.com:443 "GET /subscriptions/SUBSCRIPTION/resourceGroups//providers/Microsoft.Network/bastionHosts/?api-version=2022-01-01 HTTP/1.1" 200 2156
DEBUG: cli.azure.cli.core.sdk.policies: Response status: 200
REDACTED INFO ON RESPONSE HEADERS
DEBUG: cli.azure.cli.core.sdk.policies: Response content:
DEBUG: cli.azure.cli.core.sdk.policies: {
REDACTED
}
INFO: cli.azext_bastion.tunnel: Creating a socket on port: 0
INFO: cli.azext_bastion.tunnel: Setting socket options
INFO: cli.azext_bastion.tunnel: Binding to socket on local address and port
INFO: cli.azext_bastion.tunnel: Auto-selecting port: 49239
INFO: cli.azext_bastion.tunnel: Finished initialization
DEBUG: cli.azext_ssh.ssh_utils: Platform architecture: 64bit
DEBUG: cli.azext_ssh.ssh_utils: OS architecture: 64bit
DEBUG: cli.azext_ssh.ssh_utils: System Root: C:\WINDOWS
DEBUG: cli.azext_ssh.ssh_utils: Attempting to run ssh-keygen from path C:\WINDOWS\System32\openSSH\ssh-keygen.exe
DEBUG: cli.azure.cli.core.azclierror: Traceback (most recent call last):
File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\knack/cli.py", line 233, in invoke
File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 664, in execute
File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 731, in _run_jobs_serially
File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 701, in _run_job
File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 334, in call
File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/command_operation.py", line 121, in handler
File "C:\Users*USER*.azure\cliextensions\bastion\azext_bastion\custom.py", line 184, in ssh_bastion_host
azssh.ssh_cert(cmd, cert_path=os.path.join(cert_folder, "REDACTED"))
File "C:\Users*USER*.azure\cliextensions\ssh\azext_ssh\custom.py", line 127, in ssh_cert
public_key_file, _, _ = _check_or_create_public_private_files(public_key_file, None, keys_folder, ssh_client_folder)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Users*USER*.azure\cliextensions\ssh\azext_ssh\custom.py", line 319, in _check_or_create_public_private_files
ssh_utils.create_ssh_keyfile(private_key_file, ssh_client_folder)
File "C:\Users*USER*.azure\cliextensions\ssh\azext_ssh\ssh_utils.py", line 164, in create_ssh_keyfile
sshkeygen_path = get_ssh_client_path("ssh-keygen", ssh_client_folder)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Users*USER*.azure\cliextensions\ssh\azext_ssh\ssh_utils.py", line 324, in get_ssh_client_path
raise azclierror.UnclassifiedUserFault(
azure.cli.core.azclierror.UnclassifiedUserFault: Could not find ssh-keygen.exe on path C:\WINDOWS\System32\openSSH\ssh-keygen.exe.

ERROR: cli.azure.cli.core.azclierror: Could not find ssh-keygen.exe on path C:\WINDOWS\System32\openSSH\ssh-keygen.exe.
ERROR: az_command_data_logger: Could not find ssh-keygen.exe on path C:\WINDOWS\System32\openSSH\ssh-keygen.exe.
Make sure OpenSSH is installed correctly: https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse . Or use --ssh-client-folder to provide folder path with ssh executables.
DEBUG: cli.knack.cli: Event: Cli.PostExecute []
INFO: az_command_data_logger: exit code: 1
INFO: cli.main: Command ran in 4.515 seconds (init: 0.839, invoke: 3.676)
INFO: telemetry.main: Begin splitting cli events and extra events, total events: 1
INFO: telemetry.client: Accumulated 0 events. Flush the clients.
INFO: telemetry.main: Finish splitting cli events and extra events, cli events: 1
INFO: telemetry.save: Save telemetry record of length 3878 in cache
INFO: telemetry.main: Begin creating telemetry upload process.
INFO: telemetry.process: Creating upload process: "C:\Program Files\Microsoft SDKs\Azure\CLI2\python.exe C:\Program Files\Microsoft SDKs\Azure\CLI2\Lib\site-packages\azure\cli\telemetry_init_.pyc C:\Users*USER*.azure"
INFO: telemetry.process: Return from creating process
INFO: telemetry.main: Finish creating telemetry upload process.

Expected behavior

Expected behaviour is that one can specify the parameter for ssh-client-folder, as used in the az ssh extension.

Environment Summary

azure-cli 2.59.0 *

core 2.59.0 *
telemetry 1.1.0

Extensions:
amg 1.3.2
bastion 1.0.1
ssh 2.0.3

Dependencies:
msal 1.27.0
azure-mgmt-resource 23.1.0b2

Python location C:\Program Files\Microsoft SDKs\Azure\CLI2\python.exe
Extensions directory C:\Users\USER\.azure\cliextensions

Python (Windows) 3.11.8 (tags/v3.11.8:db85d51, Feb 6 2024, 22:03:32) [MSC v.1937 64 bit (AMD64)]

Additional context

No response
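
One way the lookup requested in this issue could be ordered, as an added example that is not the bastion or ssh extension's own code: an explicit folder first, then the Windows default location, then PATH via shutil.which. The function name `resolve_ssh_client` and its parameters are hypothetical.

```python
import os
import platform
import shutil


def resolve_ssh_client(command, ssh_client_folder=None, system=None,
                       system_root=None, search_path=None):
    """Return an absolute path to an OpenSSH client binary such as "ssh".

    Hypothetical helper. Lookup order:
      1. ssh_client_folder, if the caller supplied one;
      2. on Windows, SYSTEMROOT/System32/OpenSSH (today's hardcoded default);
      3. PATH via shutil.which, as the Linux and Darwin code paths do.
    system, system_root and search_path exist so the logic can be exercised
    on any OS; by default they come from the running platform.
    """
    system = system or platform.system()
    exe = command + ".exe" if system == "Windows" else command

    if ssh_client_folder:
        candidate = os.path.join(ssh_client_folder, exe)
        if os.path.isfile(candidate):
            return os.path.abspath(candidate)
        # Assumption: an explicit folder that lacks the binary is an error,
        # so a typo never silently selects a different ssh than intended.
        raise FileNotFoundError(f"{exe} not found in {ssh_client_folder}")

    tried = []
    if system == "Windows":
        root = system_root or os.environ.get("SYSTEMROOT", r"C:\Windows")
        candidate = os.path.join(root, "System32", "OpenSSH", exe)
        tried.append(candidate)
        if os.path.isfile(candidate):
            return os.path.abspath(candidate)

    # PATH is consulted last; the result is made absolute so the caller
    # passes a full path to subprocess rather than a bare command name.
    found = shutil.which(exe, path=search_path)
    if found:
        return os.path.abspath(found)
    tried.append("PATH")
    raise FileNotFoundError(f"Could not find {exe}; tried: {', '.join(tried)}")
```

Logging the resolved path at debug level, as the existing "Attempting to run ssh-keygen from path" line does, lets an operator confirm which binary was actually selected.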

@DanielWaite-glano DanielWaite-glano added the bug This issue requires a change to an existing behavior in the product in order to be resolved. label Jun 25, 2024
@microsoft-github-policy-service microsoft-github-policy-service bot added question The issue doesn't require a change to the product in order to be resolved. Most issues start as that customer-reported Issues that are reported by GitHub users external to the Azure organization. labels Jun 25, 2024
@yonzhan
Collaborator

yonzhan commented Jun 25, 2024

Thank you for opening this issue, we will look into it.

@microsoft-github-policy-service microsoft-github-policy-service bot added Auto-Assign Auto assign by bot VM SSH Service Attention This issue is responsible by Azure service team. Network labels Jun 25, 2024
@microsoft-github-policy-service microsoft-github-policy-service bot added Azure CLI Team The command of the issue is owned by Azure CLI team Network - Bastion labels Jun 25, 2024
Contributor

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @aznetsuppgithub.

Contributor

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @bastionsuppgithub.

@yonzhan yonzhan removed bug This issue requires a change to an existing behavior in the product in order to be resolved. Azure CLI Team The command of the issue is owned by Azure CLI team labels Jun 25, 2024
@yonzhan yonzhan removed the VM SSH label Jun 25, 2024