Fix race condition between SSH client and ProxyCommand process#5001
Open
Fix race condition between SSH client and ProxyCommand process#5001
Conversation
The proxy mode process was unconditionally running key generation and SaveSSHKeyPair, which wiped the SSH keys directory while the parent SSH client was trying to read the identity file — causing "Permission denied (publickey)" errors. Two fixes: 1. Skip key operations (secret scope creation, key generation, SaveSSHKeyPair) in proxy mode — it only proxies stdin/stdout over a WebSocket and never needs SSH keys. 2. Fix SaveSSHKeyPair to remove only the specific session's key files instead of os.RemoveAll on the entire parent directory, which also broke concurrent sessions to different clusters. Co-authored-by: Isaac
Waiting for approvalBased on git history, these people are best suited to review:
Eligible reviewers: Suggestions based on git history. See OWNERS for ownership rules. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Additional take on #4988
SaveSSHKeyPair, which wiped the SSH keys directory while the parent SSH client was concurrently reading the identity file — causing "Permission denied (publickey)" errors. Proxy mode only proxies stdin/stdout over a WebSocket and never needs SSH keys.SaveSSHKeyPairto not wipe sibling sessions:os.RemoveAll(filepath.Dir(keyPath))removed the entire~/.databricks/ssh-tunnel-keys/directory instead of just the current session's files, breaking concurrent connections to different clusters.SaveSSHKeyPair: Including a regression test that verifies saving one session's keys does not delete another session's keys.Test plan
go test ./experimental/ssh/internal/client/andgo test ./experimental/ssh/internal/keys/)TestSaveSSHKeyPairDoesNotDeleteOtherSessionsvalidates the concurrent session fixmake lint)databricks ssh connect --cluster=<id>should no longer intermittently fail with "Permission denied (publickey)"This pull request was AI-assisted by Isaac.