Skip to content

Commit 2a1d904

Browse files
inureyesinureyes
committed
update: add password auth and passphrase support to documentation
- Update man page with password flag and passphrase information - Add authentication section to README with examples - Improve help text for identity flag to mention passphrase support - Keep version number unchanged at 0.3.0
1 parent 0a56484 commit 2a1d904

4 files changed

Lines changed: 62 additions & 7 deletions

File tree

Cargo.lock

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

README.md

Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -55,6 +55,38 @@ bssh -c production ping
5555
bssh list
5656
```
5757

58+
## Authentication
59+
60+
bssh supports multiple authentication methods:
61+
62+
### SSH Key Authentication
63+
- **Default keys**: Automatically tries `~/.ssh/id_ed25519`, `~/.ssh/id_rsa`, `~/.ssh/id_ecdsa`, `~/.ssh/id_dsa`
64+
- **Custom key**: Use `-i` flag to specify a key file
65+
- **Encrypted keys**: Automatically detects and prompts for passphrase
66+
67+
### SSH Agent
68+
- **Auto-detection**: Automatically uses SSH agent if `SSH_AUTH_SOCK` is set
69+
- **Explicit**: Use `-A` flag to force SSH agent authentication
70+
71+
### Password Authentication
72+
- Use `-P` flag to enable password authentication
73+
- Password is prompted securely without echo
74+
75+
### Examples
76+
```bash
77+
# Use default SSH key (auto-detect)
78+
bssh -H "user@host" "uptime"
79+
80+
# Use specific SSH key (prompts for passphrase if encrypted)
81+
bssh -i ~/.ssh/custom_key -c production "df -h"
82+
83+
# Use SSH agent
84+
bssh -A -c production "systemctl status"
85+
86+
# Use password authentication
87+
bssh -P -H "user@host" "ls -la"
88+
```
89+
5890
## Configuration
5991

6092
### Configuration Priority Order

docs/man/bssh.1

Lines changed: 28 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -14,8 +14,9 @@ bssh \- Backend.AI SSH - Parallel command execution across cluster nodes
1414
is a high-performance parallel SSH command execution tool for cluster management, built with Rust.
1515
It enables efficient execution of commands across multiple nodes simultaneously with real-time output streaming.
1616
The tool provides secure file transfer capabilities using SFTP protocol for both uploading and downloading files
17-
to/from multiple remote hosts in parallel. It automatically detects Backend.AI multi-node session environments
18-
and supports various configuration methods.
17+
to/from multiple remote hosts in parallel. It supports multiple authentication methods including SSH keys (with
18+
passphrase support for encrypted keys), SSH agent, and password authentication. It automatically detects Backend.AI
19+
multi-node session environments and supports various configuration methods.
1920

2021
.SH OPTIONS
2122
.TP
@@ -37,7 +38,8 @@ Default username for SSH connections
3738

3839
.TP
3940
.BR \-i ", " \-\-identity " " \fIIDENTITY\fR
40-
SSH private key file path
41+
SSH private key file path. If the key is encrypted, bssh will
42+
automatically prompt for the passphrase.
4143

4244
.TP
4345
.BR \-A ", " \-\-use\-agent
@@ -46,6 +48,12 @@ When this option is specified, bssh will attempt to use the SSH agent
4648
for authentication. Falls back to key file authentication if the agent
4749
is not available or authentication fails.
4850

51+
.TP
52+
.BR \-P ", " \-\-password
53+
Use password authentication. When this option is specified, bssh will
54+
prompt for the password securely without echoing it to the terminal.
55+
This is useful for systems that don't have SSH keys configured.
56+
4957
.TP
5058
.BR \-p ", " \-\-parallel " " \fIPARALLEL\fR
5159
Maximum parallel connections (default: 10)
@@ -205,6 +213,20 @@ Use custom SSH key:
205213
Use SSH agent for authentication:
206214
.B bssh -A -c production "systemctl status"
207215

216+
.TP
217+
Use password authentication:
218+
.B bssh -P -H "user@host.com" "uptime"
219+
.RS
220+
Prompts for password interactively
221+
.RE
222+
223+
.TP
224+
Use encrypted SSH key:
225+
.B bssh -i ~/.ssh/encrypted_key -c production "df -h"
226+
.RS
227+
Automatically detects encrypted key and prompts for passphrase
228+
.RE
229+
208230
.TP
209231
Save output to files:
210232
.B bssh --output-dir ./results -c production "ps aux"
@@ -299,8 +321,9 @@ User configuration directory location
299321
SSH known hosts file for host key verification
300322

301323
.TP
302-
.I ~/.ssh/id_rsa
303-
Default SSH private key
324+
.I ~/.ssh/id_ed25519, ~/.ssh/id_rsa, ~/.ssh/id_ecdsa, ~/.ssh/id_dsa
325+
Default SSH private keys (checked in order of preference). If a key is
326+
encrypted, bssh will prompt for the passphrase.
304327

305328
.TP
306329
.I $SSH_AUTH_SOCK

src/cli.rs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,7 @@ pub struct Cli {
4747
#[arg(short = 'u', long, help = "Default username for SSH connections")]
4848
pub user: Option<String>,
4949

50-
#[arg(short = 'i', long, help = "SSH private key file path")]
50+
#[arg(short = 'i', long, help = "SSH private key file path (prompts for passphrase if encrypted)")]
5151
pub identity: Option<PathBuf>,
5252

5353
#[arg(

0 commit comments

Comments
 (0)