Use SSH public key authentication with Fabric #

Apr 24, 2009, 14:13 ▪ 4 comments ▪ fabric, ssh

Fabric is a very useful Python tool for scripting administration of remote servers. Like Capistrano it allows you to define tasks as a mixture of local and remote operations and then run them for lots of hosts, different groups of hosts, etc.

Increasingly I’m using configuring sshd to allow public key authentication only. Using this method makes your server more secure against increasingly common SSH brute force attacks. You can also configure an ssh-agent app to allow password-less logins.

If you want your Fabric tasks to access machines using public key authentication, add something like to your Fabfile:

from paramiko import RSAKey

config.fab_user = "jhacker"
config.fab_pkey = RSAKey.from_private_key_file("/path/to/keyfile")

Simple, and very useful.

yoan

May 10, 2010, 11:55

Since Fabric 0.9, you do it this (simpler) way now:

env.user = "jhacker"
env.key_filename = ["/path/to/keyfile"]

Cancel

Comments are closed for this post.

Ben Godfrey http://aftnn.org

May 10, 2010, 14:12

Yep, thanks for noting this.

Fabric is improving very quickly. It’s a great tool.

Cancel

Comments are closed for this post.

rocketmonkeys

Jan 27, 2011, 10:47

Thanks so much for this post! Helped me during some last-minute server updating.

Cancel

Comments are closed for this post.

Andy Skalet

Feb 1, 2011, 22:35

Thanks for writing this. Also, if it is more convenient to specify the key outside the fabfile, as it was for me, you can use ‘fab -i <path/to/keyfile> …’

Cancel

Comments are closed for this post.

Add a new comment

Comments are closed for this post.

Use SSH public key authentication with Fabric #

Comments

yoan

Ben Godfrey http://aftnn.org

rocketmonkeys

Andy Skalet

Info

This site

My other sites

Me elsewhere

Latest posts

Latest comments

Tags

Archive