[
https://issues.apache.org/jira/browse/AIRFLOW-4574?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Freddy Fostvedt updated AIRFLOW-4574:
-------------------------------------
Description:
The SSHHook only supports key_file parameter for specifying SSH keys on disk.
This means that private keys for ssh connections and connections that use ssh
hooks (sftp etc.) must be stored on the disk of the worker instead of in the
connection database. Maintaining the relationship between the worker's disk
state and the connection makes deploying connection changes unnecessarily
complicated.
Paramiko, which SSHHook is built on, has support for accepting private keys as
strings. The parameter used for this is called `pkey`.
[https://github.com/paramiko/paramiko/blob/53095107625a1303bd9fcfcc7c2c20b9819ee79f/paramiko/client.py#L224]
The work involved in doing this should only be to add .pkey as a parameter to
the SSHHook constructor, and test that SSHConnection passes pkey to SSHHook
which then passes it to Paramiko.
was:
The SSHHook only supports key_file parameter for specifying SSH keys on disk.
This means that private keys for ssh connections and connections that use ssh
hooks (sftp etc.) must be stored on the disk of the worker instead of in the
connection database. Maintaining the relationship between the worker's disk
state and the connection database is unnecessarily complicated and makes it
complicated to deploy a connection change within a project.
Paramiko, which SSHHook is built on, has support for accepting private keys as
strings. The parameter used for this is called `pkey`.
[https://github.com/paramiko/paramiko/blob/53095107625a1303bd9fcfcc7c2c20b9819ee79f/paramiko/client.py#L224]
The work involved in doing this should only be to add .pkey as a parameter to
the SSHHook constructor, and test that SSHConnection passes pkey to SSHHook
which then passes it to Paramiko.
> SSHHook should support pkey parameter
> -------------------------------------
>
> Key: AIRFLOW-4574
> URL: https://issues.apache.org/jira/browse/AIRFLOW-4574
> Project: Apache Airflow
> Issue Type: Improvement
> Components: hooks
> Reporter: Freddy Fostvedt
> Priority: Minor
>
> The SSHHook only supports key_file parameter for specifying SSH keys on disk.
> This means that private keys for ssh connections and connections that use ssh
> hooks (sftp etc.) must be stored on the disk of the worker instead of in the
> connection database. Maintaining the relationship between the worker's disk
> state and the connection makes deploying connection changes unnecessarily
> complicated.
> Paramiko, which SSHHook is built on, has support for accepting private keys
> as strings. The parameter used for this is called `pkey`.
> [https://github.com/paramiko/paramiko/blob/53095107625a1303bd9fcfcc7c2c20b9819ee79f/paramiko/client.py#L224]
> The work involved in doing this should only be to add .pkey as a parameter to
> the SSHHook constructor, and test that SSHConnection passes pkey to SSHHook
> which then passes it to Paramiko.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
