airflow-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GitBox <...@apache.org>
Subject [GitHub] ashb commented on a change in pull request #4249: [AIRFLOW-3410] Add feature to allow Host Key Change for SSH Op
Date Wed, 28 Nov 2018 11:39:00 GMT
ashb commented on a change in pull request #4249: [AIRFLOW-3410] Add feature to allow Host
Key Change for SSH Op
URL: https://github.com/apache/incubator-airflow/pull/4249#discussion_r237047102
 
 

 ##########
 File path: docs/howto/manage-connections.rst
 ##########
 @@ -350,3 +350,51 @@ Extra (optional)
 
         gcpcloudsql://user:XXXXXXXXX@1.1.1.1:3306/mydb?database_type=mysql&project_id=example-project&location=europe-west1&instance=testinstance&use_proxy=True&sql_proxy_use_tcp=False
 
+SSH
+~~~
+The SSH connection type provides connection to use :class:`~airflow.contrib.hooks.ssh_hook.SSHHook`
to run commands on a remote server using :class:`~airflow.contrib.operators.ssh_operator.SSHOperator`
or transfer file from/to the remote server using :class:`~airflow.contrib.operators.ssh_operator.SFTPOperator`.
+
+Configuring the Connection
+''''''''''''''''''''''''''
+Host (required)
+    The Remote host to connect.
+
+Username (optional)
+    The Username to connect to the remote_host.
+
+Password (optional)
+    Specify the password of the username to connect to the remote_host.
+
+Port (optional)
+    Port of remote host to connect. Default is 22.
+
+Extra (optional)
+    Specify the extra parameters (as json dictionary) that can be used in ssh
+    connection. The following parameters out of the standard python parameters
+    are supported:
+
+    * **timeout** - An optional timeout (in seconds) for the TCP connect.
+    * **compress** - ``true`` to ask the remote client/server to compress traffic; `false`
to refuse compression.
+    * **no_host_key_check** - Set to ``false`` to restrict connecting to hosts with no entries
in ``~/.ssh/known_hosts`` (Hosts file). This provides maximum protection against trojan horse
attacks, but can be troublesome when the ``/etc/ssh/ssh_known_hosts`` file is poorly maintained
or connections to new hosts are frequently made. This option forces the user to manually add
all new hosts. Default is ``true``, ssh will automatically add new host keys to the user known
hosts files
+    * **allow_host_key_change** - Set to ``true`` if you want to allow connecting to hosts
that has host key changed or when you get 'REMOTE HOST IDENTIFICATION HAS CHANGED' error.
Default is ``false``.
+
+    Example "extras" field:
+
+    .. code-block:: json
+
+       {
+          "timeout": "10",
+          "compress": "false",
+          "no_host_key_check": "false",
+          "allow_host_key_change": "true"
 
 Review comment:
   People will copy this by default - so can the first example people see be secure please?

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

Mime
View raw message