SSH client wrapper for SSH with access token
Project description
mccli
SSH client wrapper for SSH with access token
Installation
- Install mccli from pypi:
pip install mccli
- Install mccli from source:
- Install prerequisites:
pip install -r requirements.txt
- Build package:
./setup.py sdist
- Install package:
pip install dist/mccli-$version.tar.gz
- Install prerequisites:
Usage
$ mccli --help
Usage: mccli [OPTIONS] COMMAND [ARGS]...
SSH client wrapper with OIDC-based authentication
Options:
Access Token sources: [mutually_exclusive]
The sources for retrieving an Access Token,
in the order they are checked. If no source
is specified, it will try to retrieve the
supported token issuer from the service.
--token TOKEN Pass token directly. Environment variables
are checked in given order. [env var:
ACCESS_TOKEN, OIDC, OS_ACCESS_TOKEN,
OIDC_ACCESS_TOKEN, WATTS_TOKEN,
WATTSON_TOKEN]
--oa-account, --oidc SHORTNAME
Name of configured account in oidc-agent.
[env var: OIDC_AGENT_ACCOUNT]
--iss, --issuer URL URL of token issuer. Configured account in
oidc-agent for this issuer will be used.
Environment variables are checked in given
order. [env var: OIDC_ISS, OIDC_ISSUER]
motley_cue options:
--mc-endpoint URL motley_cue API endpoint. Default URLs are
checked in given order: https://HOSTNAME,
https://HOSTNAME:8443, http://HOSTNAME:8080
--insecure Ignore verifying the SSL certificate for
motley_cue endpoint, NOT RECOMMENDED.
--no-cache Do not cache HTTP requests.
Verbosity:
--debug Sets the log level to DEBUG.
--log-level LEVEL Either CRITICAL, ERROR, WARNING, INFO or
DEBUG. Default value: ERROR. [env var: LOG]
Help:
-h, --help Show this message and exit.
-V, --version Show the version and exit.
Commands:
info get info about service
scp secure file copy
sftp secure file transfer
ssh remote login client
You can also use the help option on each subcommand, eg:
mccli ssh --help
First, you'll need an OIDC Access Token to authenticate. You might want to check out the oidc-agent for that.
After you get the oidc-agent
running, configure an account for your OP.
For example, if you generated an account named egi
for the EGI AAI, you can set this in an environment variable:
export OIDC_AGENT_ACCOUNT=egi
Then, assuming that the ssh server has a motley_cue instance running on the same host at https://$SSH_SERVER or http://$SSH_SERVER:8080, you can connect to the ssh server simply by:
mccli ssh $SSH_SERVER
Or get the sshpass command that you can run instead:
mccli ssh $SSH_SERVER --dry-run
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.