mirror of https://github.com/jumpserver/jumpserver
perf: 优化针对低版本 ssh 版本的任务
Eric
Bryan
parent
22d70eb416
commit
2f16bdc4be
|
|
@ -18,6 +18,7 @@
|
|||
become_user: "{{ custom_become_user | default('') }}"
|
||||
become_password: "{{ custom_become_password | default('') }}"
|
||||
become_private_key_path: "{{ custom_become_private_key_path | default(None) }}"
|
||||
old_ssh_version: "{{ jms_asset.old_ssh_version | default(False) }}"
|
||||
register: ping_info
|
||||
delegate_to: localhost
|
||||
|
||||
|
|
@ -54,4 +55,5 @@
|
|||
become_user: "{{ account.become.ansible_user | default('') }}"
|
||||
become_password: "{{ account.become.ansible_password | default('') }}"
|
||||
become_private_key_path: "{{ account.become.ansible_ssh_private_key_file | default(None) }}"
|
||||
old_ssh_version: "{{ jms_asset.old_ssh_version | default(False) }}"
|
||||
delegate_to: localhost
|
||||
|
|
|
|||
|
|
@ -85,6 +85,7 @@
|
|||
become_user: "{{ account.become.ansible_user | default('') }}"
|
||||
become_password: "{{ account.become.ansible_password | default('') }}"
|
||||
become_private_key_path: "{{ account.become.ansible_ssh_private_key_file | default(None) }}"
|
||||
old_ssh_version: "{{ jms_asset.old_ssh_version | default(False) }}"
|
||||
when: account.secret_type == "password"
|
||||
delegate_to: localhost
|
||||
|
||||
|
|
@ -95,5 +96,6 @@
|
|||
login_user: "{{ account.username }}"
|
||||
login_private_key_path: "{{ account.private_key_path }}"
|
||||
gateway_args: "{{ jms_asset.ansible_ssh_common_args | default('') }}"
|
||||
old_ssh_version: "{{ jms_asset.old_ssh_version | default(False) }}"
|
||||
when: account.secret_type == "ssh_key"
|
||||
delegate_to: localhost
|
||||
|
|
|
|||
|
|
@ -85,6 +85,7 @@
|
|||
become_user: "{{ account.become.ansible_user | default('') }}"
|
||||
become_password: "{{ account.become.ansible_password | default('') }}"
|
||||
become_private_key_path: "{{ account.become.ansible_ssh_private_key_file | default(None) }}"
|
||||
old_ssh_version: "{{ jms_asset.old_ssh_version | default(False) }}"
|
||||
when: account.secret_type == "password"
|
||||
delegate_to: localhost
|
||||
|
||||
|
|
@ -95,5 +96,6 @@
|
|||
login_user: "{{ account.username }}"
|
||||
login_private_key_path: "{{ account.private_key_path }}"
|
||||
gateway_args: "{{ jms_asset.ansible_ssh_common_args | default('') }}"
|
||||
old_ssh_version: "{{ jms_asset.old_ssh_version | default(False) }}"
|
||||
when: account.secret_type == "ssh_key"
|
||||
delegate_to: localhost
|
||||
|
|
|
|||
|
|
@ -85,6 +85,7 @@
|
|||
become_user: "{{ account.become.ansible_user | default('') }}"
|
||||
become_password: "{{ account.become.ansible_password | default('') }}"
|
||||
become_private_key_path: "{{ account.become.ansible_ssh_private_key_file | default(None) }}"
|
||||
old_ssh_version: "{{ jms_asset.old_ssh_version | default(False) }}"
|
||||
when: account.secret_type == "password"
|
||||
delegate_to: localhost
|
||||
|
||||
|
|
@ -95,6 +96,7 @@
|
|||
login_user: "{{ account.username }}"
|
||||
login_private_key_path: "{{ account.private_key_path }}"
|
||||
gateway_args: "{{ jms_asset.ansible_ssh_common_args | default('') }}"
|
||||
old_ssh_version: "{{ jms_asset.old_ssh_version | default(False) }}"
|
||||
when: account.secret_type == "ssh_key"
|
||||
delegate_to: localhost
|
||||
|
||||
|
|
|
|||
|
|
@ -85,6 +85,7 @@
|
|||
become_user: "{{ account.become.ansible_user | default('') }}"
|
||||
become_password: "{{ account.become.ansible_password | default('') }}"
|
||||
become_private_key_path: "{{ account.become.ansible_ssh_private_key_file | default(None) }}"
|
||||
old_ssh_version: "{{ jms_asset.old_ssh_version | default(False) }}"
|
||||
when: account.secret_type == "password"
|
||||
delegate_to: localhost
|
||||
|
||||
|
|
@ -95,6 +96,7 @@
|
|||
login_user: "{{ account.username }}"
|
||||
login_private_key_path: "{{ account.private_key_path }}"
|
||||
gateway_args: "{{ jms_asset.ansible_ssh_common_args | default('') }}"
|
||||
old_ssh_version: "{{ jms_asset.old_ssh_version | default(False) }}"
|
||||
when: account.secret_type == "ssh_key"
|
||||
delegate_to: localhost
|
||||
|
||||
|
|
|
|||
|
|
@ -19,3 +19,4 @@
|
|||
become_user: "{{ account.become.ansible_user | default('') }}"
|
||||
become_password: "{{ account.become.ansible_password | default('') }}"
|
||||
become_private_key_path: "{{ account.become.ansible_ssh_private_key_file | default(None) }}"
|
||||
old_ssh_version: "{{ jms_asset.old_ssh_version | default(False) }}"
|
||||
|
|
|
|||
|
|
@ -19,3 +19,4 @@
|
|||
become_user: "{{ custom_become_user | default('') }}"
|
||||
become_password: "{{ custom_become_password | default('') }}"
|
||||
become_private_key_path: "{{ custom_become_private_key_path | default(None) }}"
|
||||
old_ssh_version: "{{ jms_asset.old_ssh_version | default(False) }}"
|
||||
|
|
|
|||
|
|
@ -38,6 +38,14 @@ class Protocol(ChoicesMixin, models.TextChoices):
|
|||
cls.ssh: {
|
||||
'port': 22,
|
||||
'secret_types': ['password', 'ssh_key'],
|
||||
'setting': {
|
||||
'old_ssh_version': {
|
||||
'type': 'bool',
|
||||
'default': False,
|
||||
'label': _('Old SSH version'),
|
||||
'help_text': _('Old SSH version like openssh 5.x or 6.x')
|
||||
}
|
||||
}
|
||||
},
|
||||
cls.sftp: {
|
||||
'port': 22,
|
||||
|
|
|
|||
|
|
@ -91,6 +91,15 @@ class JMSInventory:
|
|||
}
|
||||
return var
|
||||
|
||||
@staticmethod
|
||||
def make_protocol_setting_vars(host, protocols):
|
||||
# 针对 ssh 协议的特殊处理
|
||||
for p in protocols:
|
||||
if p.name == 'ssh':
|
||||
if hasattr(p, 'setting'):
|
||||
setting = getattr(p, 'setting')
|
||||
host['old_ssh_version'] = setting.get('old_ssh_version', False)
|
||||
|
||||
def make_account_vars(self, host, asset, account, automation, protocol, platform, gateway):
|
||||
from accounts.const import AutomationTypes
|
||||
if not account:
|
||||
|
|
@ -186,6 +195,8 @@ class JMSInventory:
|
|||
} if account else None
|
||||
}
|
||||
|
||||
self.make_protocol_setting_vars(host, protocols)
|
||||
|
||||
protocols = host['jms_asset']['protocols']
|
||||
host['jms_asset'].update({f"{p['name']}_port": p['port'] for p in protocols})
|
||||
if host['jms_account'] and tp == 'oracle':
|
||||
|
|
|
|||
|
|
@ -4,9 +4,8 @@ import time
|
|||
import paramiko
|
||||
from sshtunnel import SSHTunnelForwarder
|
||||
|
||||
from packaging import version
|
||||
|
||||
if version.parse(paramiko.__version__) > version.parse("2.8.1"):
|
||||
class OldSSHTransport(paramiko.transport.Transport):
|
||||
_preferred_pubkeys = (
|
||||
"ssh-ed25519",
|
||||
"ecdsa-sha2-nistp256",
|
||||
|
|
@ -17,7 +16,6 @@ if version.parse(paramiko.__version__) > version.parse("2.8.1"):
|
|||
"rsa-sha2-512",
|
||||
"ssh-dss",
|
||||
)
|
||||
paramiko.transport.Transport._preferred_pubkeys = _preferred_pubkeys
|
||||
|
||||
|
||||
def common_argument_spec():
|
||||
|
|
@ -36,6 +34,8 @@ def common_argument_spec():
|
|||
become_user=dict(type='str', required=False),
|
||||
become_password=dict(type='str', required=False, no_log=True),
|
||||
become_private_key_path=dict(type='str', required=False, no_log=True),
|
||||
|
||||
old_ssh_version=dict(type='bool', default=False, required=False),
|
||||
)
|
||||
return options
|
||||
|
||||
|
|
@ -69,6 +69,8 @@ class SSHClient:
|
|||
params['username'] = self.module.params['login_user']
|
||||
params['password'] = self.module.params['login_password']
|
||||
params['key_filename'] = self.module.params['login_private_key_path'] or None
|
||||
if self.module.params['old_ssh_version']:
|
||||
params['transport_factory'] = OldSSHTransport
|
||||
return params
|
||||
|
||||
def _get_channel(self):
|
||||
|
|
|
|||
Loading…
Reference in New Issue