Basic ssh_config support (#15499)

KnowZero · jonah-iden · web-flow · commit 332ed9813192 · 2025-04-28T11:49:47.000+02:00
---------

Signed-off-by: KnowZero &lt;KnowZero@users.noreply.github.com&gt;
Signed-off-by: Jonah Iden &lt;jonah.iden@typefox.io&gt;
Co-authored-by: Jonah Iden &lt;jonah.iden@typefox.io&gt;
diff --git a/package-lock.json b/package-lock.json
diff --git a/packages/remote/package.json b/packages/remote/package.json
@@ -15,6 +15,7 @@
     "glob": "^8.1.0",
     "socket.io": "^4.5.3",
     "socket.io-client": "^4.5.3",
+    "ssh-config": "^5.0.3",
     "ssh2": "^1.15.0",
     "ssh2-sftp-client": "^9.1.0",
     "tslib": "^2.6.2"
diff --git a/packages/remote/src/electron-browser/remote-preferences.ts b/packages/remote/src/electron-browser/remote-preferences.ts
@@ -14,6 +14,7 @@
 // SPDX-License-Identifier: EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0
 // *****************************************************************************
 
+import { OS } from '@theia/core';
 import { interfaces } from '@theia/core/shared/inversify';
 import {
     PreferenceProxy,
@@ -41,11 +42,20 @@ export const RemotePreferenceSchema: PreferenceSchema = {
                 'Controls the template used to download the node.js binaries for the remote backend. Points to the official node.js website by default. Uses multiple placeholders:'
             ) + '\n- ' + nodeDownloadTemplateParts.join('\n- ')
         },
+        'remote.ssh.configFile': {
+            type: 'string',
+            default: OS.backend.isWindows ? '${env:USERPROFILE}\\.ssh\\config' : '${env:HOME}/.ssh/config',
+            markdownDescription: nls.localize(
+                'theia/remote/ssh/configFile',
+                'Remote SSH Config file'
+            )
+        },
     }
 };
 
 export interface RemoteConfiguration {
     'remote.nodeDownloadTemplate': string;
+    'remote.ssh.configFile': string;
 }
 
 export const RemotePreferenceContribution = Symbol('RemotePreferenceContribution');
diff --git a/packages/remote/src/electron-browser/remote-ssh-contribution.ts b/packages/remote/src/electron-browser/remote-ssh-contribution.ts
@@ -14,11 +14,12 @@
 // SPDX-License-Identifier: EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0
 // *****************************************************************************
 
-import { Command, MessageService, nls, QuickInputService } from '@theia/core';
+import { Command, MessageService, nls, QuickInputService, QuickPickInput } from '@theia/core';
 import { inject, injectable } from '@theia/core/shared/inversify';
 import { RemoteSSHConnectionProvider } from '../electron-common/remote-ssh-connection-provider';
 import { AbstractRemoteRegistryContribution, RemoteRegistry } from './remote-registry-contribution';
 import { RemotePreferences } from './remote-preferences';
+import SSHConfig, { Directive } from 'ssh-config';
 
 export namespace RemoteSSHCommands {
     export const CONNECT: Command = Command.toLocalizedCommand({
@@ -31,6 +32,11 @@ export namespace RemoteSSHCommands {
         category: 'SSH',
         label: 'Connect Current Window to Host...',
     }, 'theia/remoteSSH/connect');
+    export const CONNECT_CURRENT_WINDOW_TO_CONFIG_HOST: Command = Command.toLocalizedCommand({
+        id: 'remote.ssh.connectToConfigHost',
+        category: 'SSH',
+        label: 'Connect Current Window to Host in Config File...',
+    }, 'theia/remoteSSH/connectToConfigHost');
 }
 
 @injectable()
@@ -55,6 +61,58 @@ export class RemoteSSHContribution extends AbstractRemoteRegistryContribution {
         registry.registerCommand(RemoteSSHCommands.CONNECT_CURRENT_WINDOW, {
             execute: () => this.connect(false)
         });
+        registry.registerCommand(RemoteSSHCommands.CONNECT_CURRENT_WINDOW_TO_CONFIG_HOST, {
+            execute: () => this.connectToConfigHost()
+        });
+    }
+
+    async getConfigFilePath(): Promise<string | undefined> {
+        return this.remotePreferences['remote.ssh.configFile'];
+    }
+
+    async connectToConfigHost(): Promise<void> {
+        const quickPicks: QuickPickInput[] = [];
+        const sshConfig = await this.sshConnectionProvider.getSSHConfig(await this.getConfigFilePath());
+
+        const wildcardCheck = /[\?\*\%]/;
+
+        for (const record of sshConfig) {
+            // check if its a section and if it has a single value
+            if (!('config' in record) || !(typeof record.value === 'string')) {
+                continue;
+            }
+            if (record.param.toLowerCase() === 'host' && !wildcardCheck.test(record.value)) {
+                const rec: Record<string, string | string[]> = ((record.config)
+                    .filter((entry): entry is Directive => entry.type === SSHConfig.DIRECTIVE))
+                    .reduce(
+                        (pv, item) => ({ ...pv, [item.param.toLowerCase()]: item.value }), { 'host': record.value }
+                    );
+                const host = (rec.hostname || rec.host) + ':' + (rec.port || '22');
+                const user = rec.user || 'root';
+
+                quickPicks.push({
+                    label: <string>rec.host,
+                    id: user + '@' + host
+                });
+
+            }
+
+        }
+
+        const selection = await this.quickInputService?.showQuickPick(quickPicks, {
+            placeholder: nls.localizeByDefault('Select an option to open a Remote Window')
+        });
+        if (selection && selection.id) {
+            try {
+                let [user, host] = selection.id!.split('@', 2);
+                host = selection.label;
+
+                const remotePort = await this.sendSSHConnect(host, user);
+                this.openRemote(remotePort, false);
+            } catch (err) {
+                this.messageService.error(`${nls.localize('theia/remote/sshFailure', 'Could not open SSH connection to remote.')} ${err.message ?? String(err)}`);
+            }
+        }
     }
 
     async connect(newWindow: boolean): Promise<void> {
@@ -73,6 +131,15 @@ export class RemoteSSHContribution extends AbstractRemoteRegistryContribution {
             user = split[0];
             host = split[1];
         }
+        if (!user) {
+            const configHost = await this.sshConnectionProvider.matchSSHConfigHost(host, undefined, await this.getConfigFilePath());
+
+            if (configHost) {
+                if (!user && configHost.user) {
+                    user = <string>configHost.user;
+                }
+            }
+        }
         if (!user) {
             user = await this.quickInputService.input({
                 title: nls.localize('theia/remote/enterUser', 'Enter SSH user name'),
@@ -96,7 +163,8 @@ export class RemoteSSHContribution extends AbstractRemoteRegistryContribution {
         return this.sshConnectionProvider.establishConnection({
             host,
             user,
-            nodeDownloadTemplate: this.remotePreferences['remote.nodeDownloadTemplate']
+            nodeDownloadTemplate: this.remotePreferences['remote.nodeDownloadTemplate'],
+            customConfigFile: await this.getConfigFilePath()
         });
     }
 }
diff --git a/packages/remote/src/electron-common/remote-ssh-connection-provider.ts b/packages/remote/src/electron-common/remote-ssh-connection-provider.ts
@@ -14,6 +14,8 @@
 // SPDX-License-Identifier: EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0
 // *****************************************************************************
 
+import * as SshConfig from 'ssh-config';
+
 export const RemoteSSHConnectionProviderPath = '/remote/ssh';
 
 export const RemoteSSHConnectionProvider = Symbol('RemoteSSHConnectionProvider');
@@ -22,8 +24,15 @@ export interface RemoteSSHConnectionProviderOptions {
     user: string;
     host: string;
     nodeDownloadTemplate?: string;
+    customConfigFile?: string;
+}
+
+export interface SSHConfig extends Array<SshConfig.Line> {
+    compute(opts: string | SshConfig.MatchOptions): Record<string, string | string[]>;
 }
 
 export interface RemoteSSHConnectionProvider {
     establishConnection(options: RemoteSSHConnectionProviderOptions): Promise<string>;
+    getSSHConfig(customConfigFile?: string): Promise<SSHConfig>;
+    matchSSHConfigHost(host: string, user?: string, customConfigFile?: string): Promise<Record<string, string | string[]> | undefined>;
 }
diff --git a/packages/remote/src/electron-node/ssh/remote-ssh-connection-provider.ts b/packages/remote/src/electron-node/ssh/remote-ssh-connection-provider.ts
@@ -18,16 +18,18 @@ import * as ssh2 from 'ssh2';
 import * as net from 'net';
 import * as fs from '@theia/core/shared/fs-extra';
 import SftpClient = require('ssh2-sftp-client');
+import * as SshConfig from 'ssh-config';
 import { Emitter, Event, MessageService, QuickInputService } from '@theia/core';
 import { inject, injectable } from '@theia/core/shared/inversify';
-import { RemoteSSHConnectionProvider, RemoteSSHConnectionProviderOptions } from '../../electron-common/remote-ssh-connection-provider';
+import { RemoteSSHConnectionProvider, RemoteSSHConnectionProviderOptions, SSHConfig } from '../../electron-common/remote-ssh-connection-provider';
 import { RemoteConnectionService } from '../remote-connection-service';
 import { RemoteProxyServerProvider } from '../remote-proxy-server-provider';
 import { RemoteConnection, RemoteExecOptions, RemoteExecResult, RemoteExecTester, RemoteStatusReport } from '../remote-types';
 import { Deferred, timeout } from '@theia/core/lib/common/promise-util';
 import { SSHIdentityFileCollector, SSHKey } from './ssh-identity-file-collector';
 import { RemoteSetupService } from '../setup/remote-setup-service';
 import { generateUuid } from '@theia/core/lib/common/uuid';
+import { EnvVariablesServer, EnvVariable } from '@theia/core/lib/common/env-variables';
 
 @injectable()
 export class RemoteSSHConnectionProviderImpl implements RemoteSSHConnectionProvider {
@@ -50,17 +52,68 @@ export class RemoteSSHConnectionProviderImpl implements RemoteSSHConnectionProvi
     @inject(MessageService)
     protected readonly messageService: MessageService;
 
+    @inject(EnvVariablesServer)
+    protected readonly envVariablesServer: EnvVariablesServer;
+
     protected passwordRetryCount = 3;
     protected passphraseRetryCount = 3;
 
+    async matchSSHConfigHost(host: string, user?: string, customConfigFile?: string): Promise<Record<string, string | string[]> | undefined> {
+        const sshConfig = await this.getSSHConfig(customConfigFile);
+        const host2 = host.trim().split(':');
+
+        const record = Object.fromEntries(
+            Object.entries(sshConfig.compute(host2[0])).map(([k, v]) => [k.toLowerCase(), v])
+        );
+
+        // Generate a regexp to find wildcards and process the hostname with the wildcards
+        if (record.host) {
+            const checkHost = new RegExp('^' + (<string>record.host)
+                .replace(/([^\w\*\?])/g, '\\$1')
+                .replace(/([\?]+)/g, (...m) => '(' + '.'.repeat(m[1].length) + ')')
+                .replace(/\*/g, '(.+)') + '$');
+
+            const match = host2[0].match(checkHost);
+            if (match) {
+                if (record.hostname) {
+                    record.hostname = (<string>record.hostname).replace('%h', match[1]);
+                }
+            }
+
+            if (host2[1]) {
+                record.port = host2[1];
+            }
+        }
+
+        return record;
+    }
+
+    async getSSHConfig(customConfigFile?: string): Promise<SSHConfig> {
+        const reg = /\$\{env:(.+?)\}/;
+        const promises: Promise<EnvVariable | undefined>[] = [];
+        customConfigFile?.replace(reg, (...m) => {
+            promises.push(this.envVariablesServer.getValue(m[1]));
+            return m[0];
+        });
+
+        const repVal = await Promise.all(promises);
+        const sshConfigFilePath = customConfigFile!.replace(reg, () => repVal.shift()?.value || '');
+
+        const buff: Buffer = await fs.promises.readFile(sshConfigFilePath);
+
+        const sshConfig = SshConfig.parse(buff.toString());
+
+        return sshConfig;
+    }
+
     async establishConnection(options: RemoteSSHConnectionProviderOptions): Promise<string> {
         const progress = await this.messageService.showProgress({
             text: 'Remote SSH'
         });
         const report: RemoteStatusReport = message => progress.report({ message });
         report('Connecting to remote system...');
         try {
-            const remote = await this.establishSSHConnection(options.host, options.user);
+            const remote = await this.establishSSHConnection(options.host, options.user, options.customConfigFile);
             await this.remoteSetup.setup({
                 connection: remote,
                 report,
@@ -82,10 +135,26 @@ export class RemoteSSHConnectionProviderImpl implements RemoteSSHConnectionProvi
         }
     }
 
-    async establishSSHConnection(host: string, user: string): Promise<RemoteSSHConnection> {
+    async establishSSHConnection(host: string, user: string, customConfigFile?: string): Promise<RemoteSSHConnection> {
         const deferred = new Deferred<RemoteSSHConnection>();
         const sshClient = new ssh2.Client();
-        const identityFiles = await this.identityFileCollector.gatherIdentityFiles();
+        const sshHostConfig = await this.matchSSHConfigHost(host, user, customConfigFile);
+        const identityFiles = await this.identityFileCollector.gatherIdentityFiles(undefined, <string[]>sshHostConfig?.identityfile);
+
+        let algorithms: ssh2.Algorithms | undefined = undefined;
+        if (sshHostConfig) {
+            if (!user && sshHostConfig.user) {
+                user = <string>sshHostConfig.user;
+            }
+            if (sshHostConfig.hostname) {
+                host = sshHostConfig.hostname + ':' + (sshHostConfig.port || '22');
+            } else if (sshHostConfig.port) {
+                host = sshHostConfig.host + ':' + (sshHostConfig.port || '22');
+            }
+            if (sshHostConfig.compression && (<string>sshHostConfig.compression).toLowerCase() === 'yes') {
+                algorithms = { compress: ['zlib@openssh.com', 'zlib'] };
+            }
+        }
         const hostUrl = new URL(`ssh://${host}`);
         const sshAuthHandler = this.getAuthHandler(user, hostUrl.hostname, identityFiles);
         sshClient
@@ -110,6 +179,7 @@ export class RemoteSSHConnectionProviderImpl implements RemoteSSHConnectionProvi
                 host: hostUrl.hostname,
                 port: hostUrl.port ? parseInt(hostUrl.port, 10) : undefined,
                 username: user,
+                algorithms: algorithms,
                 authHandler: (methodsLeft, successes, callback) => (sshAuthHandler(methodsLeft, successes, callback), undefined)
             });
         return deferred.promise;
diff --git a/packages/remote/src/electron-node/ssh/ssh-identity-file-collector.ts b/packages/remote/src/electron-node/ssh/ssh-identity-file-collector.ts
@@ -54,8 +54,8 @@ export class SSHIdentityFileCollector {
         ];
     }
 
-    async gatherIdentityFiles(sshAgentSock?: string): Promise<SSHKey[]> {
-        const identityFiles = this.getDefaultIdentityFiles();
+    async gatherIdentityFiles(sshAgentSock?: string, overrideIdentityFiles?: string[]): Promise<SSHKey[]> {
+        const identityFiles = overrideIdentityFiles || this.getDefaultIdentityFiles();
 
         const identityFileContentsResult = await Promise.allSettled(identityFiles.map(async keyPath => {
             keyPath = await fs.pathExists(keyPath + '.pub') ? keyPath + '.pub' : keyPath;

Original file line number	Diff line number	Diff line change
`@@ -54,8 +54,8 @@ export class SSHIdentityFileCollector {`
`54`	`54`	`];`
`55`	`55`	`}`
`56`	`56`
`57`		`- async gatherIdentityFiles(sshAgentSock?: string): Promise<SSHKey[]> {`
`58`		`- const identityFiles = this.getDefaultIdentityFiles();`
	`57`	`+ async gatherIdentityFiles(sshAgentSock?: string, overrideIdentityFiles?: string[]): Promise<SSHKey[]> {`
	`58`	`+ const identityFiles = overrideIdentityFiles \|\| this.getDefaultIdentityFiles();`
`59`	`59`
`60`	`60`	`const identityFileContentsResult = await Promise.allSettled(identityFiles.map(async keyPath => {`
`61`	`61`	`keyPath = await fs.pathExists(keyPath + '.pub') ? keyPath + '.pub' : keyPath;`