SSH-Transport for Salt
a project by jochenbreuer
Updated almost 4 years ago. 2 hacker ♥️. 3 followers.

If you are now thinking of Salt-SSH, this is not completely wrong, but also not right. What we are talking about here, is an other Transport for Salt, a replacement for ZeroMQ.

Why?

First of all, Upstream is interested in this and this is a strong argument. Also we would like to play with the idea of a master that is establishing a connection to a minion and not the other way around like the ZeroMQ transport is doing it. This would be the answer to the use-cases where we can't keep the connection to the minion all the time or establishing a connection to the master is simply not possible because of network configurations - but it would be possible for the master to reach the minion.

How?

  1. Deep diving into how a SaltStack transport works.
  2. Getting familiar with SSH and the Python libs available.
  3. Start implementation.

Join this project

Looking for hackers with the skills:

saltstack salt-ssh ssh

This project is part of:

Hack Week 17

Activity

  • over 5 years ago: marsalt joined this project.
  • over 7 years ago: jochenbreuer started this project.
  • over 7 years ago: jochenbreuer added keyword "ssh" to this project.
  • over 7 years ago: jochenbreuer added keyword "ssh" to this project.
  • over 7 years ago: jochenbreuer added keyword "saltstack" to this project.
  • over 7 years ago: jochenbreuer added keyword "salt-ssh" to this project.
  • over 7 years ago: j_renner liked this project.
  • over 7 years ago: dmaiocchi liked this project.
  • over 7 years ago: jochenbreuer originated this project.


    • Comments

    • marsalt
      over 5 years ago by marsalt | Reply

      I find establishing a connection from minion to master is very reliable.

    Similar Projects

    Ansible to Salt integration by vizhestkov

    Description

    We already have initial integration of Ansible in Salt with the possibility to run playbooks from the salt-master on the salt-minion used as an Ansible Control node.

    In this project I want to check if it possible to make Ansible working on the transport of Salt. Basically run playbooks with Ansible through existing established Salt (ZeroMQ) transport and not using ssh at all.

    Goals

    • [v] Prepare the testing environment with Salt and Ansible installed
    • [v] Discover Ansible codebase to figure out possible ways of integration
    • [v] Create Salt/Uyuni inventory module
    • [v] Make basic modules to work with no using separate ssh connection, but reusing existing Salt connection
    • [ ] Test some most common playbooks

    Resources

    TBD

    (Finish) Implementing SSH in Zig by lmulling

    Description

    Following Zig's philosophy of reinventing the wheel -- for the better, a while ago I've started implementing the ssh protocol in it. I've got as far as implementing all of the primitives, keys, certs, and most of the agent protocol -- what I needed at the time. Now, the aim is to finish the implementation.

    Current implementation: git.sr.ht/~mulling/zssh

    Goals

    • Have a working implementation of the ssh protocol in Zig.
    • Be flexible, as to allow for hacking of the protocol (i.e. testing PQC algorithms).
    • Be agnostic of cryptography libraries (i.e. libcrypto, leancrypto).

    Resources