Comments (8)
Merged the fix which autoclosed the ticket. Don't hesitate to open a new issue if you can reproduce the other issues you're talking about :)
from the-bastion.
I can reproduce with scp download (remote server => local machine), but not with scp upload (local machine => remote server).
That's already enough for me to start digging!
from the-bastion.
@SherifNagy do you have the possibility to try the issue-482 branch, before I merge it? This fixes it on my side, but as I wasn't able to reproduce the issue with scp download, I'd like to be sure the issue you're observing is not different.
from the-bastion.
@speed47 that seems to have fixed the ttyrec scp download / upload recording issue :) Thanks!
Still sometime the download / upload gets stuck in random times, I need to check some more stuff on my end and maybe will open another issue when I can confirm what's exactly going in , also OTP for users dosn't work on rocky9 but it's not selinux issue, debugging that as well before I open any other issues :) thanks again for sorting this one out!!
from the-bastion.
Maybe https://ovh.github.io/the-bastion/administration/configuration/bastion_conf.html?highlight=ttyrec#ttyrecstealthstdoutpattern in some capacity?
from the-bastion.
I am trying this method, with no luck, so
- I am using the scp helper script
- "ttyrecStealthStdoutPattern": ".* --osh scp --scp-cmd .*", in my /etc/bastion/bastion.conf
- this is with script in debug mode: + exec ssh USERNAME@BASTIONFQDN -T -x -oPermitLocalCommand=no -oClearAllForwardings=yes -oRemoteCommand=none -oRequestTTY=no -oForwardAgent=no -- --user root --port 22 --host XXXXXXXX --osh scp --scp-cmd scp#-f#/tmp/solr-7.7.1.tgz_ --mfa-token notrequired
What happens, is the SCP starts, and sometimes gets stuck at the end, and my ttyrec session is the size of the file
solr-7.7.1.tgz_ 74% 122MB 61.9MB/s 00:00 ETA
164M Jul 2 13:33 2024-07-02.13-32-57.398220.113a75ed54fd.sherif.0.scp.0.ttyrec
from the-bastion.
Hello,
You're not far from the truth @codyro ;) clearly this option has been added for similar cases, except that it's reserved to actual egress SSH connections and not osh
plugins. In the documentation, there is the rsync
example because if you want to use rsync through ssh, the bastion is not aware of it (rsync is then "just" a remote command started by ssh), and the only thing the bastion can do to tell you're using rsync is matching the command to be executed on the remote server.
For plugins, this is easier, and it should be the case for scp
out of the box, as seen here:
the-bastion/bin/plugin/open/scp.json
Line 3 in 3ba789e
I quickly tested, and can't seem to be able to reproduce by uploading a file. @SherifNagy which version are you using? Can you confirm the presence of the above configuration on your system?
Are you also using a recent version of ovh-ttyrec
? (I suppose you are, because older versions don't support this parameter, but it doesn't hurt to ask!)
from the-bastion.
I am using ovh-ttyrec-1.1.7.1-1 and just updated to latest bastion code 3.16.01
yes, the file is there and "stealth_stdout": true,
The issue happens in scp upload and scp download, the example I showed, was the "download" scp
I am open to run any more tests on my system
from the-bastion.
Related Issues (20)
- Connection to the Bastion takes many seconds HOT 2
- SCP Failure - Error 255
- master can't sync with slave HOT 1
- Arista - Add ssh key on a switch with "from" pattern HOT 1
- An alternative method to log into bastion.
- Synchronization between master and slave HOT 6
- Use a global folder for ttyrec sessions HOT 1
- SFTP plugin instead of SCP on recent OpenSSH versions HOT 2
- Login with user@domain HOT 2
- Accepting [email protected] for ingress key HOT 1
- Upgrade errors: [ERR.] <x> doesn't seem to be a valid bastion group HOT 1
- User suffix for device/network HOT 3
- pam-u2f in code or a configuration to do ? HOT 3
- Error when installing with ttyrec HOT 4
- Disable MFA verification when using an SK
- Feature Request: `*-sk` keys supporting PIV-like policies HOT 1
- SCP freezes wthen downloading large files: HOT 4
- Support for OIDC auth method
- Feature Request: auto accept keys
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from the-bastion.