In our enterprise, we use Azure AD for the authentification.
I want now to do some curl commands for testing, but the command:
curl -u myuser:mypassword https://www.thewebsite.com -L
doesn't do the trick. Apparently, I'm stuck at the login windows.
Has anyone else a solution to do the Azure authentification from curl?
EDIT: as suggested by #SaiSakethGuduru-MT, adding --ntlm didn't work
Related
curl contains options like '-k' /'--insecure' to allow insecure SSL connections/transfers, is there anything in azure-sdk-for-go or azure go-autorest
net/http.Transport.TLSClientConfig.InsecureSkipVerify
I have a flask webapp running on an Ubuntu Azure sever. I also have an azure storage account, and to access the storage from the webapp, I use SMB. This has worked so far, with adding and updating files on the server, but I tried to delete a file and it didn't work. No error or anything, it just did nothing and the file is still on the server. I tried the command locally and it worked fine. Is there something I'm doing wrong and how could I fix this problem. Here's the command I've been using:
smbclient //name.file.core.windows.net/website -mSMB3 -e -Uname%password -c 'rm tempplugins/test2.ini'
This may not solve your exact problem, but I was attempting to perform operations on a file share on an Azure Storage Account from an Azure VM running CentOS, and I ran into several different problems. It took me a while to get the kinks worked out.
In my case, I had to use to use backslashes, but I had to double them so that they were escaped properly. Example:
smbclient \\\\storageaccount.file.core.windows.net\\sharename
Additionally, we weren't using an integrated active directory, and so we had to use the storage account name as the username and it had to be "prefixed" with "Azure" like "Azure\storageaccount". And don't forget that backslashes have to be doubled! Also, the password was the storage account key. Example:
smbclient \\\\storageaccount.file.core.windows.net\\sharename -U Azure\\storageaccount%key
I used the "-d" option to debug the command line options for smbclient. However, in my case, the "-d" option had to be on the end of the command or it interfered. If it hadn't been for the clues provided by "-d", I never would have gotten this to work. Example:
smbclient \\\\storageaccount.file.core.windows.net\\sharename -U Azure\\storageaccount%key -d
Here's a simple, one-liner that shows a directory of a file share on an Azure Storage Account. Example:
smbclient \\\\storageaccount.file.core.windows.net\\sharename -U Azure\\storageaccount%key -c dir -d
I hope that this helps someone else as I must of blown 2 to 3 hours to get this worked out.
I've tried absolutely everything I can think of to do a SSH reset of my user on my Linux VM (Hortonworks Sandbox to be precise).
The VMAccessForLinux will not install, it simply states that it fails to provision:
I've tried adding it as 1.*,1.1, 1.2 and now 1.4 as per https://github.com/Azure/azure-content/blob/master/articles/virtual-machines/virtual-machines-troubleshoot-ssh-connections.md
I can't access my SSH, and I can't do any of the Azure reset commands, either using Azure CLI or Azure PS.
The VM is a RM vm.
How can I resolve this?
In PS I get errors like:
I'm beyond tearing my hair out.
And before anyone suggest that I use the portal, this is what I'm offered there (thanks Azure):
I can't say if this is a universal fix, but I managed to resolve this issue, by using the following in the Azure CLI:
$ azure vm reset-access -n {VMNAME} -g {GROUPNAME} \
-u {SSH_USER} -p {SSH_PASS} -E 1.4 -vv --json
It did NOT work for my original user on the box though; I created ANOTHER user, and from there I did a password reset with a sudo on the box, then I could SSH into the box from that user.
Firstly, can you go through the instructions here if you've not already. The VM extension has changed recently and that is the latest doc to go through: https://azure.microsoft.com/en-us/blog/using-vmaccess-extension-to-reset-login-credentials-for-linux-vm/.
EDIT #1
Glad to see you resolved it by creating a new user with reset-access.
If azure vm reset-access should fail, the next step would have been to download this tool which can allow you to inspect the VHD when not logged onto the VM: https://github.com/paulmey/inspect-azure-vhd - and inspect Waagent log is /var/log/waagent.log (You can see extension updates here) and
extension.log in /var/log/azure/.
I installed and configured Jenkins through the system configuration management (ansible). Through ansible create jobs, install modules and configure them. After installing and configuring the module authorization crowd2, to reload the config via http://localhost/jenkins/reload does not work, as required authorization. To generate an authorization token, you must first log in, but this is not desirable. Can I have root access to reload the config?
P.S. Sorry for my English :)
java -jar jenkins-cli.jar -noCertificateCheck -s https://jenkins.example.com:8443/jenkins/ reload-configuration
You can generate crumb:
curl -u 'admin:password' -X GET http://localhost:8090/crumbIssuer/api/json | jq
Response looks like:
{
"_class": "hudson.security.csrf.DefaultCrumbIssuer",
"crumb": "1348b504383211402ce562e0b46b3691",
"crumbRequestField": "Jenkins-Crumb"
}
Then take crumb field value and use it in reload call:
curl -u 'admin:password' -X POST http://localhost:8090/reload -H 'Jenkins-Crumb: 1348b504383211402ce562e0b46b3691'
One easy workaround is to use Ansible to restart the Tomcat or the Jenkins service (depending on how Jenkins is hosted).
With this solution, the configuration will be reloaded.
If Ansible is used to create a fresh install of Jenkins, nobody will be using Jenkins. So restarting the service can be an acceptable solution ;)
You can use the Jenkins CLI with the reload command. For example:
java -jar jenkins-cli.jar -s https://jenkins.example.com/ reload
Or you could use the create-job to create jobs in the first place, removing the need to reload the configuration.
The CLI lets you authenticate with an SSH key, so that may be more amenable to being run from Ansible.
Try this:
java -jar jenkins-cli.jar -s [JENKINS_URL[ -auth [USER:PASSWORD] reload-configuration
Go to Configurations -> Reload Configuration from Disk
Has anyone tried successfully the search command with Docker 1.6 and the new registry 2.0?
I've set mine up behind Nginx with SSL, and so far it is working fine. I can push and pull images without problems. But when I try to search for them all the following command give a 404 response:
curl -k -s -X GET https://username:password#my-docker-registry.com/v1/search
404 page not found
curl -k -s -X GET https://username:password#my-docker-registry.com/v2/search
404 page not found
root#ip-10-232-0-191:~# docker search username:password#my-docker-registry.com/hello-world
FATA[0000] Invalid repository name (admin:admin), only [a-z0-9-_.] are allowed
root#ip-10-232-0-191:~# docker search my-docker-registry.com/hello-world
FATA[0000] Error response from daemon: Unexpected status code 404
I wanted to ask if anyone has any ideas why and what is the correct way to use the Docker client to search the registry for images.
Looking at the API v2.0 documentation, do they simply not support a search function? Seems a bit strange to omit such functionality.
At least something works :)
root#ip-10-232-0-191:~# curl -k -s -X GET https://username:password#my-docker-registry.com/v2/hello-world/tags/list
{"name":"hello-world","tags":["latest"]}
To Date - the search api is lacking from registry v2.0.1 and this issue is under discussion here. I believe search api is intended to land in v2.1.
EDIT: /v2/catalog endpoint is available in distribution/registry:master
Before new registry api:
If you are using REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY you may list the contents of that directory
user#host:~# tree $REGISTRY_FS_ROOTDIR/docker/registry/v2/repositories -L 2
***/docker/registry/v2/repositories
└── repository1
└── image1
This may be useful to make a quick web ui you can call to do this or if you have ssh access to the host storing the repositories:
ssh -T user#host -p <port> tree $REGISTRY_FS_ROOTDIR/docker/registry/ -L 2
Do look at the compose example which deploys both v1 & v2 registry behind an nginx reverse proxy
The latest version of Docker Registry available from https://github.com/docker/distribution supports Catalog API. (v2/_catalog). This allows for capability to search repositories.
If interested, you can try docker image registry CLI I built to make it easy for using the search features in the new Docker Registry v2 distribution : (https://github.com/vivekjuneja/docker_registry_cli)
if you're on windows, here's a Powershell script to query the v2/_catalog from windows with basic http auth.
https://gist.github.com/so0k/b59382ea7fd959cf7040
FYI, to use this you have to docker pull distribution/registry:master instead of docker pull registry:2. the registry:2 image version is currently 2.0.1 which does not come with the catalog endpoint.