SshConfig - file for ssh client config

This module contains parsers that check the ssh client config files.

Parsers provided by this module are:

EtcSshConfig - file /etc/ssh/ssh_config

EtcSshConfigD - files /etc/ssh/ssh_config.d/*

ForemanSshConfig - file /usr/share/foreman/.ssh/ssh_config

ForemanProxySshConfig - file /usr/share/foreman-proxy/.ssh/ssh_config

class insights.parsers.ssh_client_config.EtcSshConfig(context)[source]

Bases: insights.parsers.ssh_client_config.SshClientConfig

This parser reads the file /etc/ssh/ssh_config

Sample output:

#   ProxyCommand ssh -q -W %h:%p gateway.example.com
#   RekeyLimit 1G 1h
#
# Uncomment this if you want to use .local domain
# Host *.local
#   CheckHostIP no
ProxyCommand ssh -q -W %h:%p gateway.example.com

Host *
    GSSAPIAuthentication yes
# If this option is set to yes then remote X11 clients will have full access
# to the original X11 display. As virtually no X11 client supports the untrusted
# mode correctly we set this to yes.
    ForwardX11Trusted yes
# Send locale-related environment variables
    SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
    SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
    SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE
    SendEnv XMODIFIERS

Host proxytest
    HostName 192.168.122.2
global_lines

The list of site-wide configuration, as namedtuple(‘KeyValue’, [‘keyword’, ‘value’, ‘line’]).

Type

list

host_lines

The dict of all host-specific definitions, as {‘Host_name’: [namedtuple(‘KeyValue’, [‘keyword’, ‘value’, ‘line’])]}

Type

dict

Examples

>>> len(etcsshconfig.global_lines)
1
>>> etcsshconfig.global_lines[0].keyword
'ProxyCommand'
>>> etcsshconfig.global_lines[0].value
'ssh -q -W %h:%p gateway.example.com'
>>> 'Host_*' in etcsshconfig.host_lines
True
>>> etcsshconfig.host_lines['Host_*'][0].keyword
'GSSAPIAuthentication'
>>> etcsshconfig.host_lines['Host_*'][0].value
'yes'
>>> etcsshconfig.host_lines['Host_*'][1].keyword
'ForwardX11Trusted'
>>> etcsshconfig.host_lines['Host_*'][1].value
'yes'
>>> etcsshconfig.host_lines['Host_proxytest'][0].keyword
'HostName'
>>> etcsshconfig.host_lines['Host_proxytest'][0].value
'192.168.122.2'
class insights.parsers.ssh_client_config.EtcSshConfigD(context)[source]

Bases: insights.parsers.ssh_client_config.SshClientConfig

This Parser reads the files /etc/ssh/ssh_config.d/*

Sample output:

# The options here are in the "Match final block" to be applied as the last
# options and could be potentially overwritten by the user configuration
Match final all
        # Follow system-wide Crypto Policy, if defined:
        Include /etc/crypto-policies/back-ends/openssh.config

        GSSAPIAuthentication yes

# If this option is set to yes then remote X11 clients will have full access
# to the original X11 display. As virtually no X11 client supports the untrusted
# mode correctly we set this to yes.
        ForwardX11Trusted yes

# Send locale-related environment variables
        SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
        SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
        SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE
        SendEnv XMODIFIERS

# Uncomment this if you want to use .local domain
# Host *.local
global_lines

The list of site-wide configuration, as namedtuple(‘KeyValue’, [‘keyword’, ‘value’, ‘line’]).

Type

list

host_lines

The dict of all host-specific definitions, as {‘Host_name’: [namedtuple(‘KeyValue’, [‘keyword’, ‘value’, ‘line’])]}

Type

dict

Examples

>>> etcsshconfigd.global_lines[1].keyword
'Include'
>>> etcsshconfigd.global_lines[1].value
'/etc/crypto-policies/back-ends/openssh.config'
class insights.parsers.ssh_client_config.ForemanProxySshConfig(context)[source]

Bases: insights.parsers.ssh_client_config.SshClientConfig

This parser reads the file /usr/share/foreman-proxy/.ssh/ssh_config

Sample output:

#   ProxyCommand ssh -q -W %h:%p gateway.example.com
#   RekeyLimit 1G 1h
#
# Uncomment this if you want to use .local domain
# Host *.local
#   CheckHostIP no
ProxyCommand ssh -q -W %h:%p gateway.example.com

Host *
    GSSAPIAuthentication yes
# If this option is set to yes then remote X11 clients will have full access
# to the original X11 display. As virtually no X11 client supports the untrusted
# mode correctly we set this to yes.
    ForwardX11Trusted yes
# Send locale-related environment variables
    SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
    SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
    SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE
    SendEnv XMODIFIERS

Host proxytest
    HostName 192.168.122.2
global_lines

The list of site-wide configuration, as namedtuple(‘KeyValue’, [‘keyword’, ‘value’, ‘line’]).

Type

list

host_lines

The dict of all host-specific definitions, as {‘Host_name’: [namedtuple(‘KeyValue’, [‘keyword’, ‘value’, ‘line’])]}

Type

dict

Examples

>>> len(foreman_proxy_ssh_config.global_lines)
1
>>> foreman_proxy_ssh_config.global_lines[0].keyword
'ProxyCommand'
>>> foreman_proxy_ssh_config.global_lines[0].value
'ssh -q -W %h:%p gateway.example.com'
>>> 'Host_*' in foreman_proxy_ssh_config.host_lines
True
>>> foreman_proxy_ssh_config.host_lines['Host_*'][0].keyword
'GSSAPIAuthentication'
>>> foreman_proxy_ssh_config.host_lines['Host_*'][0].value
'yes'
>>> foreman_proxy_ssh_config.host_lines['Host_*'][1].keyword
'ForwardX11Trusted'
>>> foreman_proxy_ssh_config.host_lines['Host_*'][1].value
'yes'
>>> foreman_proxy_ssh_config.host_lines['Host_proxytest'][0].keyword
'HostName'
>>> foreman_proxy_ssh_config.host_lines['Host_proxytest'][0].value
'192.168.122.2'
class insights.parsers.ssh_client_config.ForemanSshConfig(context)[source]

Bases: insights.parsers.ssh_client_config.SshClientConfig

This parser reads the file /usr/share/foreman/.ssh/ssh_config

Sample output:

#   ProxyCommand ssh -q -W %h:%p gateway.example.com
#   RekeyLimit 1G 1h
#
# Uncomment this if you want to use .local domain
# Host *.local
#   CheckHostIP no
ProxyCommand ssh -q -W %h:%p gateway.example.com

Host *
    GSSAPIAuthentication yes
# If this option is set to yes then remote X11 clients will have full access
# to the original X11 display. As virtually no X11 client supports the untrusted
# mode correctly we set this to yes.
    ForwardX11Trusted yes
# Send locale-related environment variables
    SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
    SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
    SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE
    SendEnv XMODIFIERS

Host proxytest
    HostName 192.168.122.2
global_lines

The list of site-wide configuration, as namedtuple(‘KeyValue’, [‘keyword’, ‘value’, ‘line’]).

Type

list

host_lines

The dict of all host-specific definitions, as {‘Host_name’: [namedtuple(‘KeyValue’, [‘keyword’, ‘value’, ‘line’])]}

Type

dict

Examples

>>> len(foremansshconfig.global_lines)
1
>>> foremansshconfig.global_lines[0].keyword
'ProxyCommand'
>>> foremansshconfig.global_lines[0].value
'ssh -q -W %h:%p gateway.example.com'
>>> 'Host_*' in foremansshconfig.host_lines
True
>>> foremansshconfig.host_lines['Host_*'][0].keyword
'GSSAPIAuthentication'
>>> foremansshconfig.host_lines['Host_*'][0].value
'yes'
>>> foremansshconfig.host_lines['Host_*'][1].keyword
'ForwardX11Trusted'
>>> foremansshconfig.host_lines['Host_*'][1].value
'yes'
>>> foremansshconfig.host_lines['Host_proxytest'][0].keyword
'HostName'
>>> foremansshconfig.host_lines['Host_proxytest'][0].value
'192.168.122.2'
class insights.parsers.ssh_client_config.SshClientConfig(context)[source]

Bases: insights.core.Parser

Base class for ssh client configuration file.

Sample output:

# This is the ssh client system-wide configuration file.  See
# ssh_config(5) for more information.  This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.

ProxyCommand ssh -q -W %h:%p gateway.example.com

Host *
        GSSAPIAuthentication yes
# If this option is set to yes then remote X11 clients will have full access
# to the original X11 display. As virtually no X11 client supports the untrusted
# mode correctly we set this to yes.
        ForwardX11Trusted yes
# Send locale-related environment variables
        SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
        SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
        SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE
        SendEnv XMODIFIERS

Host proxytest
    HostName 192.168.122.2
global_lines

The list of site-wide configuration, as namedtuple(‘KeyValue’, [‘keyword’, ‘value’, ‘line’]).

Type

list

host_lines

The dict of all host-specific definitions, as {‘Host_name’: [namedtuple(‘KeyValue’, [‘keyword’, ‘value’, ‘line’])]}

Type

dict

Examples

>>> len(sshconfig.global_lines)
1
>>> sshconfig.global_lines[0].keyword
'ProxyCommand'
>>> sshconfig.global_lines[0].value
'ssh -q -W %h:%p gateway.example.com'
>>> 'Host_*' in sshconfig.host_lines
True
>>> sshconfig.host_lines['Host_proxytest'][0].keyword
'HostName'
>>> sshconfig.host_lines['Host_proxytest'][0].value
'192.168.122.2'
Raises

SkipException -- When input content is empty. Not found any parse results.

class KeyValue(keyword, value, line)

Bases: tuple

property keyword
property line
property value
parse_content(content)[source]

This method must be implemented by classes based on this class.