Subject: bug#74832: [PATCH] guix: Do not default to 22 ssh port (let guile-ssh do it).
To: 74832@debbugs.gnu.org
Cc: Christopher Baines, Josselin Poiret, Ludovic Courtès, Mathieu Othacehe, Simon Tournier, Tobias Geerinckx-Rice
From: Tomas Volf <~@wolfsden.cz>
Date: Thu, 12 Dec 2024 20:31:04 +0100

After update to guile-ssh 0.18.0, options passed to the `make-session' procedure now take precedence over the configuration file.  In a few places we however had code like `(or port 22)' leading to (in absence of alternative port being specified) always using port 22, ignoring the configuration file.

Due to that, for example, the following command fails:

    guix copy hello --to=name

Name is reachable, but ssh server listens on port 2222.  That is correctly configured in ~/.ssh/config, and the invocation used to succeed until the upgrade.  However now it tries to connect to port 22 (since port was not specified).

While setting the port on the command line *is* possible, it is not exactly ergonomic.  Since guile-ssh (well, libssh) defaults to 22 if not told otherwise, we can just always pass the port, and #f will use the port from ~/.ssh/config or, iff none is set, 22.

I went through the repository and adjusted all places where it seemed appropriate.  In particular, these places were left alone:

gnu/machine/digital-ocean.scm: The droplet is created with root user and the expected key, so forcing them to those values seems correct.

gnu/machine/ssh.scm: For deployments reproducibility is favored over convenience, and user can pass #f to explicitly request using the value from ~/.ssh/config.

* guix/scripts/copy.scm (send-to-remote-host): Always pass the port to open-ssh-session. (retrieve-from-remote-host): Same. * guix/scripts/offload.scm (open-ssh-session): Pass #f as #:config. Skips reading the configuration file and is nicer. * guix/ssh.scm (open-ssh-session): Drop explicit parsing of the configuration since it is parsed by default. Report actual port used in the error message. * guix/store/ssh.scm (connect-to-daemon): Always pass the port part of the uri, even when #f. Change-Id: I5fdf20f36509a9a0ef138ce72c7198f688eea494 --- I did few more tweaks than strictly required, feel free to discard them. guix/scripts/copy.scm | 5 ++--- guix/scripts/offload.scm | 2 +- guix/ssh.scm | 8 +++----- guix/store/ssh.scm | 2 +- 4 files changed, 7 insertions(+), 10 deletions(-) diff --git a/guix/scripts/copy.scm b/guix/scripts/copy.scm index 67975ac1a9..116583590f 100644 --- a/guix/scripts/copy.scm +++ b/guix/scripts/copy.scm @@ -75,8 +75,7 @@ (define (send-to-remote-host local target opts) (options->derivations+files local opts))) (warn-if-empty items) (and (build-derivations local drv) - (let* ((session (open-ssh-session host #:user user - #:port (or port 22))) + (let* ((session (open-ssh-session host #:user user #:port port)) (remote (connect-to-remote-daemon session)) (sent (send-files local items remote #:recursive? #t))) @@ -89,7 +88,7 @@ (define (retrieve-from-remote-host local source opts) (let*-values (((user host port) (ssh-spec->user+host+port source)) ((session) - (open-ssh-session host #:user user #:port (or port 22))) + (open-ssh-session host #:user user #:port port)) ((remote) (connect-to-remote-daemon session))) ;; TODO: Here we could to compute and build the derivations on REMOTE diff --git a/guix/scripts/offload.scm b/guix/scripts/offload.scm index 93e9d3759c..ccf989a881 100644 --- a/guix/scripts/offload.scm +++ b/guix/scripts/offload.scm 
@@ -234,7 +234,7 @@ (define* (open-ssh-session machine #:optional max-silent-time) #:knownhosts "/dev/null" ;; Likewise for ~/.ssh/config. - #:config "/dev/null" + #:config #f ;; We need lightweight compression when ;; exchanging full archives. diff --git a/guix/ssh.scm b/guix/ssh.scm index ae506df14c..5e89997df3 100644 --- a/guix/ssh.scm +++ b/guix/ssh.scm @@ -138,10 +138,6 @@ (define* (open-ssh-session host #:key user port identity ;; Speed up RPCs by creating sockets with ;; TCP_NODELAY. #:nodelay #t))) - - ;; Honor ~/.ssh/config. - (session-parse-config! session) - (match (connect! session) ('ok (if host-key @@ -181,7 +177,9 @@ (define* (open-ssh-session host #:key user port identity (x ;; Connection failed or timeout expired. (raise (formatted-message (G_ "SSH connection to '~a' port ~a failed: ~a~%") - host (or port 22) (get-error session))))))) + host + (session-get session 'port) + (get-error session))))))) (define* (remote-inferior session #:optional become-command) "Return a remote inferior for the given SESSION. If BECOME-COMMAND is diff --git a/guix/store/ssh.scm b/guix/store/ssh.scm index 09c0832505..7e6371acbc 100644 --- a/guix/store/ssh.scm +++ b/guix/store/ssh.scm @@ -33,7 +33,7 @@ (define (connect-to-daemon uri) "Connect to the SSH daemon at URI, a URI object with the 'ssh' scheme." (remote-daemon-channel (open-ssh-session (uri-host uri) - #:port (or (uri-port uri) 22) + #:port (uri-port uri) #:user (uri-userinfo uri)))) ;;; ssh.scm ends here -- 2.46.0
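
Review bot: in guix/scripts/offload.scm (open-ssh-session), the comment kept above the changed line still reads ";; Likewise for ~/.ssh/config.", which described pointing the option at "/dev/null"; next to `#:config #f` a reader can take #f to mean "use the default file" rather than "do not read one". The line above it shows that offload deliberately ignores the user's known-hosts file, and the configuration file is meant to be ignored the same way, so please reword the comment to state that #f disables parsing of the configuration file. That keeps the isolation intent visible to whoever edits this call next.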
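
Review bot: in the first guix/ssh.scm hunk (open-ssh-session), dropping `(session-parse-config! session)` makes honoring ~/.ssh/config depend entirely on the session constructor parsing it by default, and nothing in the visible code states or enforces that. The commit message describes the precedence change as arriving with guile-ssh 0.18.0, so a build against an older guile-ssh could silently stop reading the configuration file. Suggest either passing #:config explicitly where the session is created, or raising the required guile-ssh version in the same series, and saying which in the commit message.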
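
Review bot: in the second guix/ssh.scm hunk (the error branch of open-ssh-session), `(session-get session 'port)` is read after connect! has already failed. Please confirm that in this state it returns the port resolved from ~/.ssh/config (or 22) and never #f, otherwise the message prints "port #f" exactly when the user needs the real value to debug the failure. A one-line comment saying the value comes from the session rather than from the PORT argument would also help the next reader.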
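
Review bot: in guix/store/ssh.scm (connect-to-daemon), the docstring still says only "a URI object with the 'ssh' scheme", while `#:port (uri-port uri)` changes what a URI without a port means: per the commit message it now resolves through ~/.ssh/config before falling back to 22. The same URI can therefore reach different endpoints depending on whose configuration file is read. Suggest documenting that fallback order in the docstring, in line with the reasoning the commit message gives for leaving gnu/machine/ssh.scm alone.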