Skip to content

feat: add ssh key authentication support#1075

Merged
ernado merged 3 commits intoClickHouse:mainfrom
shivanshuraj1333:feat/issues/350
Jul 16, 2025
Merged

feat: add ssh key authentication support#1075
ernado merged 3 commits intoClickHouse:mainfrom
shivanshuraj1333:feat/issues/350

Conversation

@shivanshuraj1333
Copy link
Copy Markdown
Contributor

@shivanshuraj1333 shivanshuraj1333 commented Jul 14, 2025
edited
Loading

fixes: #350

Summary

adds ssh support for auth

Checklist

Delete items not relevant to your PR:

@shivanshuraj1333 shivanshuraj1333 mentioned this pull request Jul 14, 2025
Open
3 tasks
@shivanshuraj1333 shivanshuraj1333 force-pushed the feat/issues/350 branch 8 times, most recently from 18a50b0 to 68137dd Compare July 14, 2025 09:35
@shivanshuraj1333
Copy link
Copy Markdown
Contributor Author

shivanshuraj1333 commented Jul 15, 2025

@SpencerTorres need your help for this one too...

@SpencerTorres
Copy link
Copy Markdown
Member

SpencerTorres commented Jul 16, 2025

@ernado Security related code. I'd like to get another review on this if you can take a look. Thanks!

@SpencerTorres SpencerTorres requested a review from ernado July 16, 2025 01:14
ernado
ernado requested changes Jul 16, 2025
View reviewed changes
Copy link
Copy Markdown
Collaborator

@ernado ernado left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good in general, but some changes:

Please use golang.org/x/crypto/ssh's ssh.Signer in config so user can choose a method of storing keys.

client.go Outdated
MeterProvider metric.MeterProvider

// SSH authentication
SSHKeyFile string // path to SSH private key file
Copy link
Copy Markdown
Collaborator

@ernado ernado Jul 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lets use

import (
   cryptossh "golang.org/x/crypto/ssh"
)

// ...

// SSH authentication.
SSHSigner cryptossh.Signer

Here to allow manually loading SSH keys from vaults/memory.

Copy link
Copy Markdown
Contributor Author

@shivanshuraj1333 shivanshuraj1333 Jul 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

@shivanshuraj1333
Copy link
Copy Markdown
Contributor Author

shivanshuraj1333 commented Jul 16, 2025

@ernado I'm now making a good use of ssh.Signer and have refactored the code as requested, can you please re-review?

ernado
ernado approved these changes Jul 16, 2025
View reviewed changes
Copy link
Copy Markdown
Collaborator

@ernado ernado left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you!

@ernado ernado merged commit 5d2da5d into ClickHouse:main Jul 16, 2025
19 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ernado ernado ernado approved these changes

@SpencerTorres SpencerTorres SpencerTorres approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

feat: support ssh auth

4 participants

@shivanshuraj1333 @SpencerTorres @ernado @mshustov