In Python, using GitPython, I need to git push to a HTTPS remote repository on BitBucket.
After running the repo.git.push() command, it will return -as expected-:
bash: /dev/tty: No such device or address
error: failed to execute prompt script (exit code 1)
fatal: could not read Password for 'https://username#bitbucket.org': Invalid argument'
But Python will give me no change to enter the password like in the console.
How can I "attach" the password to the git push command or how can simulate a console password entry in Python?
It is important to note that unfortunately using SSH is not an alternative (the script should not requiere any further action to user that receives it and that wants to git push). I'm looking to "attach" the password into the command or to "simulate" a text entry on it.
What you are attempting to is skirt past security.
You need to create a pair of ssh keys.
Then, log-on to your bitbucket account's website and upload your public key.
Store your keys in your ~/.ssh directory.
When you have your keys setup you will not be prompted for a password anymore.
Here is more information about working with SSH keys: https://help.github.com/articles/generating-an-ssh-key/
Related
I work on a cluster that requires two-factor login for every new connection. When I try creating a remote python interpreter in PyCharm, I can successfully connect, which requires 1 round of two-factor login via Duo. But then, PyCharm tries to test whether rsync works, which requires another round of two-factor authentication:
Successfully connected to rschaef#login.sherlock.stanford.edu:22
> pwd
Failed to execute command
Checking rsync connection...
/usr/bin/rsync -n -e "ssh -p 22 " rschaef#login.sherlock.stanford.edu:
rschaef#login.sherlock.stanford.edu's password:
(rschaef#login.sherlock.stanford.edu) Duo two-factor login for rschaef
Enter a passcode or select one of the following options:
1. Duo Push to XXX-XXX-3013
2. Phone call to XXX-XXX-3013
3. SMS passcodes to XXX-XXX-3013
Passcode or option (1-3):
The problem is that PyCharm gives me no way to specify 1, 2 or 3, so I cannot authenticate again for rsync to complete. Consequently, I cannot move past this rsync step. Can someone please help me?
I have a git repository on an internal server and now want to have a scheduled task that automatically pulls changes to my local version. Found the GitPython package, which seems to be exactly what I need, but can't get it to work due to the password protection of the repo.
I have already cloned the repo to my local path (git clone git#LOCAL_IP:/repo/MY_GIT.git .) and will get prompted for the password every time I execute git pull from the command line (fair enough). According to How can I call 'git pull' from within Python?, I then tried exactly this
import git
g = git.cmd.Git(MY_LOCAL_PATH)
g.pull()
and (of course) get an error:
...
git.exc.GitCommandError: Cmd('git') failed due to: exit code(1)
cmdline: git pull
stderr: 'Permission denied, please try again.
Permission denied, please try again.
...
Unfortunately, from the many answers around the web dealing with PythoGit, I found none that tells me how I can set the password (I know that you should never ever hardcode passwords, but still...).
You can save credentials within git so that every git client can access them and won't ask the user. See How can I save username and password in Git? for details on how to do that.
I've got some code which needs to grab code from github periodically (on a Windows machine).
When I do pulls manually, I use GitBash, and I've got ssh keys running for the repos I check so everything is fine. However when I try to run the same actions in a python subprocess I don't have the ssh services which GitBash provides and I'm unable to authenticate to the repo.
How should I proceed from here. I can think of a couple of different options:
I could revert to using https:// fetches. This is problematic because the repos I'm fetching use 2-factor authentication and are going to be running unattended. Is there a way to access an https repo that has 2fa from a command line?
I've tried calling sh.exe with arguments that will fire off ssh-agent and then issuing my commands so that everything is running more or less the way it does in gitBash, but that doesn't seem to work:
"C:\Program Files (x86)\Git\bin\sh.exe" -c "C:/Program\ Files\ \(x86\)/Git/bin/ssh-agent.exe; C:/Program\ Files\ \(x86\)/Git/bin/ssh.exe -t git#github.com"
produces
SSH_AUTH_SOCK=/tmp/ssh-SiVYsy3660/agent.3660; export SSH_AUTH_SOCK;
SSH_AGENT_PID=8292; export SSH_AGENT_PID;
echo Agent pid 8292;
Could not create directory '/.ssh'.
The authenticity of host 'github.com (192.30.252.129)' can't be established.
RSA key fingerprint is XXXXXXXXXXX
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/.ssh/known_hosts).
Permission denied (publickey).
Could I use an ssh module in python like paramiko to establish a connection? It looks to me like that's only for ssh'ing into a remote terminal. Is there a way to make it provide an ssh connection that git.exe can use?
So, I'd be grateful if anybody has done this before or has a better alternative
The git bash set the HOME environment variable, which allows git to find the ssh keys (in %HOME%/.ssh)
You need to make sure the python process has or define HOME to the same PATH.
As explained in "Python os.environ[“HOME”] works on idle but not in a script", you need to set HOME to %USERPROFILE% (or, in python, to os.path.expanduser("~") ).
I would like to enter the name and password for git and the password for github from a python/shell script
But :
echo mypasswd | hg push
As :
echo myname mypasswd | git push origin master
Does not work
You can use:
git pull https://[user]:[passwd]github.com/[account]/[repo].git [branch]
Or add it as a remote:
git remote add origin https://[user]:[passwd]#github.com/[account]/[repo].git
If you want to keep the name origin for the new remote, you should delete the old one first by using git remote remove origin
Generally, when you want to provide answers to interactive commands you'll do it with something like this:
myCommand <<EOF
some answer
some other answer
EOF
But I'm afraid you can't use this kind of redirection / piping to provide passwords to your commands. As #Fidel pointed it out, you should check the expect command for that.
Also, you should authenticate on your SCM using rsa keys ;)
For Mercurial, you should take a look at how you can store HTTPS credentials. There are several options: you can store the password in a config file, you can use the keyring extension or you can hard-code it into the URL:
hg pull https://username:password#host/repo
Only put the password into the URL if you're on a trusted machine — other people logged into the machine will be able to see the password while your hg pull is running.
I would like to write a script that will tell another server to SVN export a SVN repository.
This is my python script:
import os
# svn export to crawlers
for s in ['work1.main','work2.main']:
cmd = 'ssh %s "cd /home/zes/ ; svn --force export svn+ssh://174.113.224.177/home/svn/dragon-repos"' % s
print cmd
os.system(cmd)
Very simple. It will ssh into work1.main, then cd to a correct directory. Then call SVN export command.
However, when I run this script...
$ python export_to_crawlers.py
ssh work1.main "cd /home/zes/ ; svn --force export svn+ssh://174.113.224.177/home/svn/dragon-repos"
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,gssapi-with-mic,password).
svn: Connection closed unexpectedly
ssh work2.main "cd /home/zes/ ; svn --force export svn+ssh://174.113.224.177/home/svn/dragon-repos"
Host key verification failed.
svn: Connection closed unexpectedly
Why do I get this error and cannot export the directory? I can manually type the commands in the command line and it will work. Why can't it work in the script?
If I change to this...it will not work. and instead, nothing will happen.
cmd = 'ssh %s "cd /home/zes/ ;"' % s
This is a problem with SSH.
Permission denied, please try again.
This means that ssh can't login. Either your ssh agent doesn't have the correct key loaded, you're running the script as a different user or the environment isn't passed on correctly. Check that the variables SSH_AUTH_SOCK and SSH_AGENT_PID are passed to the subprocess of your python script.
Host key verification failed.
This error means that the remote host isn't known to ssh. This means that the host key is not found in the file $HOME/.ssh/known_hosts. Again, make sure that you're checking the home directory of the effective user of the script.
[EDIT] When you run the script, then python will become the "input" of ssh: ssh is no longer connected to a console and will ask python for the password to login. Since python has no idea what ssh wants, it ignores the request. ssh tries three times and dies.
To solve it, run these commands before you run the Python script:
eval $(ssh-agent)
ssh-add path-to-your-private-key
Replace path-to-your-private-key with the path to your private key (the one which you use to login). ssh-add will ask for your password and the ssh-agent will save it in a secure place. It will also modify your environment. So when SSH runs the next time, it will notice that an ssh agent is running and ask it first. Since the ssh-agent knows the password, ssh will login without bothering Python.
To solve the second issue, run the second ssh command manually once. ssh will then add the second host to its files and won't ask again.
[EDIT2] See this howto for a detailed explanation how to login on a remote server via ssh with your private key.
I guess that it is related to ssh. Are you using a public key to automatically connect. I think that your shell knows this key but it is not the case of python.
I am not sure but it's just an idea. I hope it helps
Check out the pxssh module that is part of the pyexpect project:
https://pexpect.readthedocs.org/en/latest/api/pxssh.html
It simplifies dealing with automating ssh-ing into machines.