Add support for SSH connection using openSSH certificates in SSHHook #64676
Unanswered
oWnKeyKing
asked this question in
Ideas
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Using SSH certificates is good way to secure and manage ssh connections.
It allows storing short-lived keys and easily revoking them in case of compromise.
The extra field in the ssh_conn object is not limited and it is possible to add keys and values as needed. In this case, it would be convenient to add an ssh_certificate field.
Unfortunately, the SSHOperator and SSHHook do not currently support connection management via this method.
To improve the Operator, the hook should be able to establish a connexion by ssh certificate when the field "ssh_certificate" is provided.
If I'm not mistaken, SSHHook uses the paramiko lib, which has the load_certificate() function which could fit to the solution
Beta Was this translation helpful? Give feedback.
All reactions