[Fab-user] One-time passwords

Discussion:

Jens Rantil

2014-02-11 10:11:33 UTC

Hi,

I am looking into using one-time passwords for some security critical
machines. Will Fabric ask me for my password for every machine it can't
connect to (which is what I want)? Or will it fail after first failed
connect (after giving Fabric my first one-time-password)?

Thanks,
Jens

Jeff Forcier

2014-02-11 16:44:38 UTC

Permalink

Hi Jens,

IIRC, it should always fall back to re-prompting if the cached
password fails. It also caches passwords per server in most
situations, so if I understand you correctly (each server has its own
password, but this password is persistent and not changing during the
Fabric run?) that should be useful if you ever switch back to a
previously connected-to host (using execute() or manipulating
env.host_string.)

Best,
Jeff

Post by Jens Rantil
Hi,
I am looking into using one-time passwords for some security critical
machines. Will Fabric ask me for my password for every machine it can't
connect to (which is what I want)? Or will it fail after first failed
connect (after giving Fabric my first one-time-password)?
Thanks,
Jens
_______________________________________________
Fab-user mailing list
https://lists.nongnu.org/mailman/listinfo/fab-user

--
Jeff Forcier
Unix sysadmin; Python/Ruby engineer
http://bitprophet.org

Jens Rantil

2014-02-11 18:31:09 UTC

Permalink

Hi Jeff,

Sounds great and exactly the way I wanted it!

Thanks,
Jens

Sent from my iPhone 6

Post by Jeff Forcier
Hi Jens,
IIRC, it should always fall back to re-prompting if the cached
password fails. It also caches passwords per server in most
situations, so if I understand you correctly (each server has its own
password, but this password is persistent and not changing during the
Fabric run?) that should be useful if you ever switch back to a
previously connected-to host (using execute() or manipulating
env.host_string.)
Best,
Jeff

--
Jeff Forcier
Unix sysadmin; Python/Ruby engineer
http://bitprophet.org