Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Is it possible to use kerberos authentication with visual studio code remote?

Tags:

vscode-remote

We use kerberos authentication for connecting to our on-prem computing environment. I'd like to use visual studio code remote to do development directly on that server. Based on this section in the vscode remote documentation, it seems like it's possible to use password-based authentication, which works for me, but it would be nice if I could use existing kerberos authentication, instead of having to type my password every time I start up a vscode session.

I've tried searching through the documentation above, but I can't figure out if kerberos is supported. I would like to know if I should respectfully raise an issue on the issue tracker.

like image 968
Zane Dufour Avatar asked May 07 '19 21:05

Zane Dufour

People also ask

How do I remotely connect to Vscode?

In VS Code, select Remote-SSH: Connect to Host... from the Command Palette (F1, Ctrl+Shift+P) and use the same user@hostname as in step 1. If VS Code cannot automatically detect the type of server you are connecting to, you will be asked to select the type manually.

How do I know if my Kerberos authentication is working?

You can view the list of active Kerberos tickets to see if there is one for the service of interest, e.g. by running klist.exe. There's also a way to log Kerberos events if you hack the registry. Show activity on this post. You should really be auditing logon events, whether the computer is a server or workstation.

2 Answers

Update from March 2020.

I've used plain PuTTY (plink.exe) to connect from VsCode with kerberos using those simple steps.

  1. Define a session inside PuTTY that opens a ssh shell to your remote machine, save it as remote.
  2. Create "C:\Users\< youruser >\ssh.bat" with the contents below. You need echo to fool VsCode that it's OpenSSH client. 
    echo OpenSSH
SET mypath=%~dp0
powershell %mypath%ssh.ps1 %*
    1. Create powershell script ssh.ps1 in the same folder with these contents:
$ArgArray = [System.Collections.ArrayList]$Args
$ind = $ArgArray.IndexOf("-F")
if ($ind -ge 0) {
  $ArgArray.RemoveAt($ind)
  $ArgArray.RemoveAt($ind)
}
Write-Host $ArgArray
& 'C:\Program Files\PuTTY\plink.exe' $ArgArray

Theoretically you can write it in batch language but I did not want to suffer.

  1. Set "remote.SSH.path" setting in VsCode to your ssh.bat path.
  2. Finally, add ssh host configuration in vscode and use session name as host:
 Host remote
     HostName remote
     User <you ssh user>
like image 132
Roman Avatar answered Oct 10 '22 04:10

Roman

My tweak on @Roman's batch script

@echo off

for %%x in (%*) do (
  REM Handle -V
  IF "%%x" == "-V" GOTO :version
  REM Handle vscode remote as special for plink only
  IF "%%x" == "remote" GOTO :plink
)
REM use the built in ssh by default
GOTO :default_ssh

:version
echo OpenSSH
GOTO :eof

:plink
powershell -NoProfile -ExecutionPolicy Bypass %~dp0ssh.ps1 %*
GOTO :eof

:default_ssh
ssh.exe %*
GOTO :eof

It allows you to only use plink for the vscode "remote" server name (I have my reasons), so everything behaves as normal unless you choose hostname remote

like image 37
Andy Avatar answered Oct 10 '22 04:10

Andy
Sign in to Comment

Related questions

Where's the actual Remote-SSH source code repo on github?
How to get vscode-remote-ssh extension connects via git bash in windows?
ssh in vscode error: Permission denied (publickey,password)
Should I check in the VS Code dev container files? For example, the .devcontainer folder or .devcontainer.json file?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!