(R)?ex Deployment & Configuration Management

Search

News

2016-09-08

Work with (R)?ex at adjust! Check out their job posting for details, or contact our fellow core developer, FErki.

2016-07-16

(R)?ex 1.4.1 released, fixing many bugs. See the release notes for more details.

2016-03-07

(R)?ex 1.4.0 released, containing lots of goodies. See the release notes for more details.

2015-09-04

(R)?ex 1.3.3 released, fixing a bunch of bugs. See the release notes for more details.

2015-06-22

adjust GmbH is sponsoring the (R)?ex project with a new build server. Thank you for your support!

2015-06-17

(R)?ex 1.3.2 released, fixing issues related to file manipulation when run on BSDs. See the release notes for more details.

2015-06-08

(R)?ex 1.3.1 released, fixing Rex::Commands::DB related tests.

2015-05-27

Read the second part of "Rex in practice" series about Test-driven infrastructure.

2015-05-09

repositor.io 1.1.0 released. repositor.io is a repository management tool for apt, yum, yast and docker. This is a bugfix release with fixes for ubuntu and centos7 installation media mirroring.

2015-05-03

(R)?ex 1.2.0 released. See the release notes for more details.

2015-03-27

View the slides of the talk An introduction to Rex from Andy Beverley.

Conferences

2016-06-21

Training

Need Help?

Rex is a pure open source project, you can find community support in the following places:

Professional support is also available.

» Home » Docs » Rex Book (work in progress) » The Rex DSL » Authentication

Authentication

Rex is capable to use two different SSH implementations under the hood: Net::SSH2 which is default on Windows, and the combination of Net::OpenSSH and Net::SFTP::Foreign on other platforms.

Those SSH implementations support many different authentication methods like passwords, key based or Kerberos authentication, or using and forwarding SSH agent. If you don't specify one of them explicitly, Rex will try to figure out which one to use, but that may or may not work for you, or be the one you expected. Rex also tries to use the current user's username for authentication if it's not specified with user.

All in all, despite the comfort the above behaviour might provide, we recommend to be explicit about the authentication method to be used as some servers may be configured to drop the connection after a couple of failed authentication attempts.

You can find examples on how to configure them below.

Password authentication

The simplest way to authenticate against your servers is to use password authentication. For this you need a valid user and a password on the remote host.

user 'root';
password 'my_password';
pass_auth;

Specifying pass_auth is optional.

Key based authentication

Another simple way is to use a pair of private and public keys to authenticate against your servers.

If you don't have a pair of keys yet you can create them with ssh-keygen on Unix-like systems and with PuTTYgen on Windows.

Due to the differences of their implementations, the key here (pun intended) is that you have to include the path to both of your keys when using Net::SSH2, but you can omit them when using Net::OpenSSH.

Net::SSH2

user 'root';
private_key '/path/to/your/private.key';
public_key '/path/to/your/public.key';
key_auth;

Net::OpenSSH

user 'root';
key_auth;

If you use a passphrase with your private key, you can specify it simply as if it was a password:

Net::SSH2

user 'root';
private_key '/path/to/your/private.key';
public_key '/path/to/your/public.key';
password 'my_password';
key_auth;

Net::OpenSSH

user 'root';
password 'my_password';
key_auth;

Using an SSH agent

If you can't or don't want to use any of the above methods, you can use agent authentication. Configuration for it is very similar to key based authentication, you only need to omit key_auth.

Net::SSH2

user 'root';
private_key '/path/to/your/private.key';
public_key '/path/to/your/public.key';

Net::OpenSSH

user 'root';

Important notes:

  1. For agent authentication to work, make sure the agent is running on your system.
  2. Agent forwarding only works with Net::OpenSSH.

Kerberos authentication

As of version 0.42.0, Rex supports Kerberos authentication through Net::OpenSSH:

user 'root';
krb5_auth;

 

 

Fork me on GitHub
Google Group / Twitter / GitHub / Mailinglist / irc.freenode.net #rex   -.รด.-   Disclaimer