Fabric error when connecting to multiple hosts with ssh config file & RSA keys

Question

I have an error when i connect to multiple servers with Fabric using RSA keys and ssh config file. My client is snow leopard 10.6.8 with python 2.7.2, Fabric 1.4.0, ssh (library) 1.7.13. I use multiple RSA keys with passphrase (using without passphrase is not a possibility). I added my passphrases to ssh-add. I can ssh to all my servers without problem. I added env.use_ssh_config = True to my fab file to read my ssh config file.

When i connect to one server with RSA keys (with passphrases) all works fine.

But when i connect to 2 or more hosts, i keep getting "Login password" for the second server.

fab -H server1,server2 test
[server1] Executing task 'test'
[server1] run: uname -s
[server1] out: Linux

[server2] Executing task 'test'
[server2] run: uname -s
[server2] Login password:

My fabfile

from fabric.api import *
import ssh
ssh.util.log_to_file("paramiko.log", 10)

env.use_ssh_config = True

def test():
    run('uname -s')

My ssh config file

Host server1
HostName xx.xx.xx.xx
Port 6666
User AB1
HashKnownHosts yes
PreferredAuthentications publickey
AddressFamily inet    

Host server2
HostName xx.xx.xx.xx
Port 6666
User BC2
HashKnownHosts yes
PreferredAuthentications publickey
AddressFamily inet

In my ssh config file, I tried removing "HashKnownHosts yes" but that didn't change anything.

paramiko.log

DEB [20120329-17:33:30.747] thr=1   ssh.transport: starting thread (client mode): 0x1382350L
INF [20120329-17:33:30.769] thr=1   ssh.transport: Connected (version 2.0, client OpenSSH_4.3)
DEB [20120329-17:33:30.786] thr=1   ssh.transport: kex algos:['diffie-hellman-group-exchange-sha1', 'diffie-hellman-group14-sha1', 'diffie-hellman-group1-sha1'] server key:['ssh-rsa', 'ssh-dss'] client encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', '[email protected]'] server encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', '[email protected]'] client mac:['hmac-md5', 'hmac-sha1', 'hmac-ripemd160', '[email protected]', 'hmac-sha1-96', 'hmac-md5-96'] server mac:['hmac-md5', 'hmac-sha1', 'hmac-ripemd160', '[email protected]', 'hmac-sha1-96', 'hmac-md5-96'] client compress:['none', '[email protected]'] server compress:['none', '[email protected]'] client lang:[''] server lang:[''] kex follows?False
DEB [20120329-17:33:30.786] thr=1   ssh.transport: Ciphers agreed: local=aes128-ctr, remote=aes128-ctr
DEB [20120329-17:33:30.786] thr=1   ssh.transport: using kex diffie-hellman-group1-sha1; server key type ssh-rsa; cipher: local aes128-ctr, remote aes128-ctr; mac: local hmac-sha1, remote hmac-sha1; compression: local none, remote none
DEB [20120329-17:33:30.866] thr=1   ssh.transport: Switch to new keys ...
DEB [20120329-17:33:30.875] thr=2   ssh.transport: Trying SSH agent key ar8298z4c935cde079ef98763678ecc5
DEB [20120329-17:33:30.935] thr=1   ssh.transport: userauth is OK
INF [20120329-17:33:31.017] thr=1   ssh.transport: Authentication (publickey) failed.
DEB [20120329-17:33:31.039] thr=2   ssh.transport: Trying SSH agent key 0273aff478dddddd05378738dhe98798
DEB [20120329-17:33:31.055] thr=1   ssh.transport: userauth is OK
INF [20120329-17:33:31.135] thr=1   ssh.transport: Authentication (publickey) successful!
DEB [20120329-17:33:31.140] thr=2   ssh.transport: [chan 1] Max packet in: 34816 bytes
DEB [20120329-17:33:31.159] thr=1   ssh.transport: [chan 1] Max packet out: 32768 bytes
INF [20120329-17:33:31.159] thr=1   ssh.transport: Secsh channel 1 opened.
DEB [20120329-17:33:31.189] thr=1   ssh.transport: [chan 1] Sesch channel 1 request ok
DEB [20120329-17:33:31.218] thr=1   ssh.transport: [chan 1] Sesch channel 1 request ok
DEB [20120329-17:33:31.237] thr=1   ssh.transport: [chan 1] EOF received (1)
DEB [20120329-17:33:31.237] thr=1   ssh.transport: [chan 1] EOF sent (1)
DEB [20120329-17:33:31.275] thr=3   ssh.transport: starting thread (client mode): 0x10f9050L
INF [20120329-17:33:32.126] thr=3   ssh.transport: Connected (version 2.0, client OpenSSH_5.3)
DEB [20120329-17:33:32.156] thr=3   ssh.transport: kex algos:['diffie-hellman-group-exchange-sha256', 'diffie-hellman-group-exchange-sha1', 'diffie-hellman-group14-sha1', 'diffie-hellman-group1-sha1'] server key:['ssh-rsa', 'ssh-dss'] client encrypt:['blowfish-cbc', 'aes256-cbc', 'aes256-ctr'] server encrypt:['blowfish-cbc', 'aes256-cbc', 'aes256-ctr'] client mac:['hmac-sha1', 'hmac-sha1-96'] server mac:['hmac-sha1', 'hmac-sha1-96'] client compress:['none', '[email protected]', 'zlib'] server compress:['none', '[email protected]', 'zlib'] client lang:[''] server lang:[''] kex follows?False
DEB [20120329-17:33:32.156] thr=3   ssh.transport: Ciphers agreed: local=aes256-ctr, remote=aes256-ctr
DEB [20120329-17:33:32.156] thr=3   ssh.transport: using kex diffie-hellman-group1-sha1; server key type ssh-rsa; cipher: local aes256-ctr, remote aes256-ctr; mac: local hmac-sha1, remote hmac-sha1; compression: local none, remote none
DEB [20120329-17:33:32.209] thr=3   ssh.transport: Switch to new keys ...
DEB [20120329-17:33:32.243] thr=2   ssh.transport: Trying SSH agent key ar8298z4c935cde079ef98763678ecc5
DEB [20120329-17:33:32.307] thr=3   ssh.transport: userauth is OK
INF [20120329-17:33:32.426] thr=3   ssh.transport: Authentication (publickey) failed.
DEB [20120329-17:33:32.444] thr=2   ssh.transport: Trying SSH agent key 0273aff478dddddd05378738dhe98798
DEB [20120329-17:33:32.476] thr=3   ssh.transport: userauth is OK
INF [20120329-17:33:32.570] thr=3   ssh.transport: Authentication (publickey) failed.
DEB [20120329-17:33:32.578] thr=2   ssh.transport: Trying SSH agent key 7382deeeee873897883ccc9878972878
DEB [20120329-17:33:32.608] thr=3   ssh.transport: userauth is OK
INF [20120329-17:33:32.702] thr=3   ssh.transport: Authentication (publickey) failed.
DEB [20120329-17:33:32.711] thr=2   ssh.transport: Trying SSH agent key 98792098cccccccccccceeeeeeee9878
DEB [20120329-17:33:32.743] thr=3   ssh.transport: userauth is OK
INF [20120329-17:33:32.843] thr=3   ssh.transport: Authentication (publickey) failed.

SSH agent key 0273aff478dddddd05378738dhe98798 is the same for both servers. It connects on the first server but fails on the second server. I tried with different servers in different orders, but i am always having the same issue with fabric asking for a password for the second server.

How can i fix this?

Thank you

After checking the server logs, I think i found the problem. Fabric is using the wrong user when it tries to connect on the second server. — Tom

Morgan Morgan · Accepted Answer · 2012-04-26T00:42:00

With the use_ssh_config option set to true, that should pick up the username. You can test it out by running these lines in a python repl.

Fabric error when connecting to multiple hosts with ssh config file & RSA keys

1 Answers