-
Notifications
You must be signed in to change notification settings - Fork 3.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
packer and ssh provisioner via socks/other proxy (Question/Feature Request) #5067
Comments
We have the notion of a bastion host for this problem. Please see https://www.packer.io/docs/templates/communicator.html#ssh-communicator There's more context on this decision at #2266 |
Bastion host is NOT a solution because you need ssh access. So it is just workaround for some cases and do not solve issue in general. |
It might be possible to add support via for SOCKS5 with go-socks but it might be a lot of work or impossible to mangle it into the SSH code. PR's are welcome. Another solutions is just to tell the networking guys that you will defeat their network filtering.
That would be a very big task, OpenSSH is a complex software.
No, Go doesn't use any shared libs. |
@rickard-von-essen take a look at #5439 and give it a try |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
Hi!
I have the following issue: I ran packer on
builder
node which does not have direct ssh access to network used for build.So for now builds are failed because
builder
can't connect directly to VM instances.(it is GCP but it does not matter)
I tried to use proxychains-ng (https://github.com/rofl0r/proxychains-ng) but it looks like
If no root access/no iptables at all on
builder
node so not able to use power of netfilter w/o root or on other Unix systems.My questions are:
Is it possible to use socks proxy for ssh in packer and how? if not it would be great to have such feature. (Not sure if it possible to use socks proxy with go ssh lib).
1.1 Support ssh config compatible with OpenSSH (~/.ssh/config) also would be very very helpful.
Is it possible to build packer with shared libs to be able to use socksifiers? And how?
The text was updated successfully, but these errors were encountered: