Command line interface to the c-bastion

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for Immobilienscout24 from gravatar.com Immobilienscout24

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers

Project description

Travis build status image Coverage status Version

About

This is the command line interface to the *c-bastion* jump host. It allows you to upload and ssh-key-file and create a user on the jump-host, so that you can log into it. It requires an initial connection to auth-server to obtain an (open-id-connect) access token.

The basic flow is as follows:

+-----------+   +-----------+   +-----------+
|           |   |           |   |           |
| developer |   |   auth    |   |   jump    |
|           |   |           |   |           |
+-----------+   +-----------+   +-----------+
      |               |               |
      |               |               |
      +--------------->               |
      | request token |               |
      |               |               |
      <---------------+               |
      | receive token |               |
      |               |               |
      +------------------------------->
      | upload ssh-key|and create user|
      |               |               |
      |               |               |
      +------------------------------->
      | ssh login     |               |
      |               |               |
      |               |               |
      +               +               +

Where developer is your local machine (desktop, laptop, etc..) auth is the auth-server and jump is the jump host. cbas takes care of obtaining the token and uploading the ssh-key.

Install

Use the Python standards, for example:

$ pip install cbas

Usage

$ cbas --help
Usage: cbas [OPTIONS] COMMAND [ARGS]...

Options:
  -v, --verbose                   Activate verbose mode.
  -c, --config <config_path>      Path to config file. Default: '~/.cbas'.
  -u, --username <username>       Username. Default: the logged in user.
  -k, --ssh-key-file <key-file>   SSH Identity to use. Default:
                                  '~/.ssh/id_rsa.pub'.
  -p, --password-provider <provider>
                                  Password provider. Default: 'prompt'.
  -a, --auth-url <auth_url>       Auth-server URL.
  -s, --client-secret <secret>    Special client secret, ask mum.
  -h, --jump-host <host>          Jump host to connect with.
  --version                       Print version and exit.
  --help                          Show this message and exit.

Commands:
  delete  Delete user.
  upload  Upload ssh-key and create user
verbose

This switch activates verbose output, useful in case you are debugging

config

The path to the config file. Note, since we are using the yamlreader package, this could also be a directory with multiple config files. Also, the config is in YAML syntax, see below.

username

The username when communicating with the auth-server. Note that the returned token contains the authenticated username which is subsequently sent to the jump-host. Thus you will not be able to create arbitrary users on the jump-host

ssh-key-file

Path to the public ssh-key-file. This will be uploaded to the jump-host.

password-provider

Where to get the password from. Valid values are prompt and keyring (and testing). prompt will always ask for a password, whereas keyring will ask exactly once and then store the password in the system keyring.

auth-url

The URL to access the auth-server and obtain the token. E.g. https://auth-server.example/oauth/token. (Note that this includes the protocol.

client-secret

A special client secret string needed when communicating with the auth-server.

jump-host

The hostname of the jump-host. E.g. jump-host.example. (Note that this excludes the protocol.)

version

Display verion number and exit.

help

Display help and exit.

License

Copyright 2016 Immobilien Scout GmbH

Licensed under the Apache License, Version 2.0 (the “License”); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for Immobilienscout24 from gravatar.com Immobilienscout24

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers

Release history Release notifications | RSS feed

156

154

150

142

136

133

131

130

128

127

125

120

119

118

117

116

115

113

This version

112

109

108

106

100

97

96

95

94

92

88

86

85

82

81

80

79

77

1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

cbas-112.tar.gz (6.2 kB view details)

Uploaded Source

File details

Details for the file cbas-112.tar.gz.

File metadata

  • Download URL: cbas-112.tar.gz
  • Upload date:
  • Size: 6.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for cbas-112.tar.gz
Algorithm Hash digest
SHA256 2e40d1f0e7d7ac6f83a6ce8dc142de15801b92f86c13c6a6761dba6475465eca
MD5 2362bcb4cf0d7d10e174d16c12d4d0f5
BLAKE2b-256 a13d24a683b00f0c2eb6efd15627af80cf85ab17d8957ae20e6b807da9ce352d

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page