For some time now, plans to switch Paramiko’s crypto backend from PyCrypto to PyCA’s Cryptography have been in motion. (Sometimes, slow-motion. Sorry.) These efforts are drawing to a close, and because they represent a nontrivial change in install dependencies – even though there aren’t any public API changes – we’re going to call the result Paramiko 2.0.
I’ve been horrid about blogging lately, but didn’t want 2015 to pass with exactly zero posts. First is an open source review/update (the good & the bad), with some more personal topics afterwards. If you’re the skimming type, I bolded the important bits.
A bunch of notes about Paramiko, Fabric and Invoke, such as their websites, their Python 3 support, and more! With copious exclamation points!
Life has continued to conspire against me, but this particular Friday I successfully wrested some time from other responsibilities and put out a couple of releases.
Deciding when to release software can be difficult. Releasing after every patch or merge is typically too much, though some argue otherwise: it depends how you define “often” in “release early, release often”.
The other options are “whenever you feel like it” and “have a specific schedule”.
Until now I’ve always gone with that middle option, waiting until a large-enough set of changes had piled up to merit a new release.
Some quick release-note style announcements for Fabric and Paramiko!
Just some quick announcements this time!
This post evolved out of an update to this long running Fabric feature request that got too long for a Github comment.
The tl;dr for that issue is: folks want gateway support, the ability to bounce SSH connections off an intermediate host. This is useful for setups where you cannot reach your target node directly, but do have access to some gateway or staging box.
(Side note: this feature’s languished because I personally never needed it: ever since I picked up Fabric I’ve worked in environments savvy enough to have VPNs but small enough they didn’t have multiple networks.)
Recently, I reread most of Fabric #38, and there’s two solutions / SSH features contributors kept arriving at: ProxyCommand and direct-tcpip. I’ll explain what these are (insofar as I understand them myself), then compare/contrast.
I run a handful of related open source projects, and two of them are merging. Specifically: the Python ‘ssh’ library is merging with Paramiko, of which it was a public fork. The bulk of the work for this merger is already done, and new releases of Paramiko and Fabric (the high level library which has over time used both Paramiko and ‘ssh’) will be out soon.
Implied by the above: I am now the maintainer of Paramiko! Huge thanks to Robey Pointer for creating it & maintaining the project for nearly a decade. I can only hope folks are still using software I wrote ten years out.