cloudx-proxy 0.3.12__tar.gz → 0.3.14__tar.gz

{cloudx_proxy-0.3.12 → cloudx_proxy-0.3.14}/CHANGELOG.md

@@ -1,3 +1,17 @@
+## [0.3.14](https://github.com/easytocloud/cloudX-proxy/compare/v0.3.13...v0.3.14) (2025-03-06)
+
+
+### Bug Fixes
+
+* restricted permissions on generated files and directories ([6b7b057](https://github.com/easytocloud/cloudX-proxy/commit/6b7b057832ab95fc6cb00c759380663eec2960a5))
+
+## [0.3.13](https://github.com/easytocloud/cloudX-proxy/compare/v0.3.12...v0.3.13) (2025-03-06)
+
+
+### Bug Fixes
+
+* create more stable ssh connection ([606f196](https://github.com/easytocloud/cloudX-proxy/commit/606f196e10b5c3237ea07e45ef80cacdd36af12b))
+
 ## [0.3.12](https://github.com/easytocloud/cloudX-proxy/compare/v0.3.11...v0.3.12) (2025-02-14)
 
 

{cloudx_proxy-0.3.12 → cloudx_proxy-0.3.14}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.2
 Name: cloudx-proxy
-Version: 0.3.12
+Version: 0.3.14
 Summary: SSH proxy command to connect VSCode with Cloud9/CloudX instance using AWS Systems Manager
 Author-email: easytocloud <info@easytocloud.com>
 License: MIT License

{cloudx_proxy-0.3.12 → cloudx_proxy-0.3.14}/cloudx_proxy/_version.py

@@ -1,8 +1,13 @@
-# file generated by setuptools_scm
+# file generated by setuptools-scm
 # don't change, don't track in version control
+
+__all__ = ["__version__", "__version_tuple__", "version", "version_tuple"]
+
 TYPE_CHECKING = False
 if TYPE_CHECKING:
-    from typing import Tuple, Union
+    from typing import Tuple
+    from typing import Union
+
     VERSION_TUPLE = Tuple[Union[int, str], ...]
 else:
     VERSION_TUPLE = object
@@ -12,5 +17,5 @@ __version__: str
 __version_tuple__: VERSION_TUPLE
 version_tuple: VERSION_TUPLE
 
-__version__ = version = '0.3.12'
-__version_tuple__ = version_tuple = (0, 3, 12)
+__version__ = version = '0.3.14'
+__version_tuple__ = version_tuple = (0, 3, 14)

{cloudx_proxy-0.3.12 → cloudx_proxy-0.3.14}/cloudx_proxy/setup.py

@@ -68,6 +68,25 @@ class CloudXSetup:
         response = input(prompt_text)
         return response if response else default
 
+    def _set_directory_permissions(self, directory: Path) -> bool:
+        """Set proper permissions (700) on a directory for Unix-like systems.
+        
+        Args:
+            directory: Path to the directory
+            
+        Returns:
+            bool: True if permissions were set successfully
+        """
+        try:
+            if platform.system() != 'Windows':
+                import stat
+                directory.chmod(stat.S_IRWXU)  # 700 permissions (owner read/write/execute)
+                self.print_status(f"Set {directory} permissions to 700", True, 2)
+            return True
+        except Exception as e:
+            self.print_status(f"Error setting permissions: {str(e)}", False, 2)
+            return False
+
     def setup_aws_profile(self) -> bool:
         """Set up AWS profile using aws configure command.
         
@@ -138,10 +157,20 @@ class CloudXSetup:
             self.ssh_dir.mkdir(parents=True, exist_ok=True)
             self.print_status("SSH directory exists", True, 2)
             
+            # Set proper permissions on the vscode directory
+            if not self._set_directory_permissions(self.ssh_dir):
+                return False
+            
             key_exists = self.ssh_key_file.exists() and (self.ssh_key_file.with_suffix('.pub')).exists()
             
             if key_exists:
                 self.print_status(f"SSH key '{self.ssh_key}' exists", True, 2)
+                # Set proper permissions on existing key files
+                if platform.system() != 'Windows':
+                    import stat
+                    self.ssh_key_file.chmod(stat.S_IRUSR | stat.S_IWUSR)  # 600 permissions (owner read/write)
+                    self.ssh_key_file.with_suffix('.pub').chmod(stat.S_IRUSR | stat.S_IWUSR | stat.S_IROTH | stat.S_IRGRP)  # 644 permissions
+                    self.print_status("Set key file permissions", True, 2)
             else:
                 self.print_status(f"Generating new SSH key '{self.ssh_key}'...", None, 2)
                 subprocess.run([
@@ -152,6 +181,12 @@ class CloudXSetup:
                 ], check=True)
                 self.print_status("SSH key generated", True, 2)
                 
+                # Set proper permissions on newly generated key files
+                if platform.system() != 'Windows':
+                    import stat
+                    self.ssh_key_file.chmod(stat.S_IRUSR | stat.S_IWUSR)  # 600 permissions (owner read/write)
+                    self.ssh_key_file.with_suffix('.pub').chmod(stat.S_IRUSR | stat.S_IWUSR | stat.S_IROTH | stat.S_IRGRP)  # 644 permissions
+                    self.print_status("Set key file permissions", True, 2)
             
             return True
 
@@ -200,6 +235,13 @@ Host cloudx-{cloudx_env}-{hostname}
             with open(self.ssh_config_file, 'a') as f:
                 f.write(host_entry)
             self.print_status("Host entry added with settings", True, 2)
+            
+            # Set proper permissions on the config file
+            if platform.system() != 'Windows':
+                import stat
+                self.ssh_config_file.chmod(stat.S_IRUSR | stat.S_IWUSR)  # 600 permissions (owner read/write)
+                self.print_status("Set config file permissions to 600", True, 2)
+                
             return True
 
         except Exception as e:
@@ -210,6 +252,31 @@ Host cloudx-{cloudx_env}-{hostname}
                 return True
             return False
 
+    def _ensure_control_dir(self) -> bool:
+        """Create SSH control directory with proper permissions.
+        
+        Creates ~/.ssh/control directory with 700 permissions on Unix-like systems,
+        or appropriate permissions on Windows.
+        
+        Returns:
+            bool: True if directory was created or exists with proper permissions
+        """
+        try:
+            # Create control directory path
+            control_dir = Path(self.home_dir) / ".ssh" / "control"
+            
+            # Create directory if it doesn't exist
+            if not control_dir.exists():
+                control_dir.mkdir(parents=True, exist_ok=True)
+                self.print_status(f"Created control directory: {control_dir}", True, 2)
+            
+            # Set proper permissions
+            return self._set_directory_permissions(control_dir)
+            
+        except Exception as e:
+            self.print_status(f"Error creating control directory: {str(e)}", False, 2)
+            return False
+    
     def setup_ssh_config(self, cloudx_env: str, instance_id: str, hostname: str) -> bool:
         """Set up SSH config for the instance.
         
@@ -219,6 +286,7 @@ Host cloudx-{cloudx_env}-{hostname}
            - User and key configuration
            - 1Password SSH agent integration if selected
            - ProxyCommand using uvx cloudx-proxy with proper parameters
+           - SSH multiplexing configuration (ControlMaster, ControlPath, ControlPersist)
         
         2. For an existing environment:
            - Skips creating duplicate environment config
@@ -232,6 +300,10 @@ Host cloudx-{cloudx_env}-{hostname}
             IdentityAgent ~/.1password/agent.sock  # If using 1Password
             IdentityFile ~/.ssh/vscode/key.pub    # .pub for 1Password, no .pub otherwise
             IdentitiesOnly yes                    # If using 1Password
+            TCPKeepAlive yes
+            ControlMaster auto
+            ControlPath ~/.ssh/control/%r@%h:%p
+            ControlPersist 4h
             ProxyCommand uvx cloudx-proxy connect %h %p --profile profile --aws-env env
         
         # Host entries (added for each instance)
@@ -258,8 +330,8 @@ Host cloudx-{cloudx_env}-{hostname}
                 if f"Host cloudx-{cloudx_env}-*" in current_config:
                     self.print_status(f"Found existing config for cloudx-{cloudx_env}-*", True, 2)
                     choice = self.prompt(
-                        "Would you like to (1) override the existing config or "
-                        "(2) add settings to the specific host entry?",
+                        "Would you like to \n  1: override the existing config\n "
+                        "  2: add settings to the specific host entry?\nSelect an option ",
                         "1"
                     )
                     if choice == "2":
@@ -294,6 +366,10 @@ Host cloudx-{cloudx_env}-{hostname}
             if self.ssh_key != "vscode":
                 proxy_command += f" --ssh-key {self.ssh_key}"
 
+            # Ensure control directory exists with proper permissions
+            if not self._ensure_control_dir():
+                return False
+            
             # Build base configuration
             base_config = f"""# cloudx-proxy SSH Configuration
 Host cloudx-{cloudx_env}-*
@@ -303,6 +379,18 @@ Host cloudx-{cloudx_env}-*
             base_config += f"""    IdentityFile {self.ssh_key_file}
     IdentitiesOnly yes
 
+"""
+            # Add SSH multiplexing configuration
+            control_path = "~/.ssh/control/%r@%h:%p"
+            if platform.system() == 'Windows':
+                # Use forward slashes for Windows as well, SSH client will handle conversion
+                control_path = "~/.ssh/control/%r@%h:%p"
+                
+            base_config += f"""    TCPKeepAlive yes
+    ControlMaster auto
+    ControlPath {control_path}
+    ControlPersist 4h
+
 """
             # Add ProxyCommand
             base_config += f"""    ProxyCommand {proxy_command}
@@ -315,6 +403,12 @@ Host cloudx-{cloudx_env}-*
             else:
                 self.ssh_config_file.write_text(base_config)
             self.print_status("Base configuration created", True, 2)
+            
+            # Set proper permissions on the config file
+            if platform.system() != 'Windows':
+                import stat
+                self.ssh_config_file.chmod(stat.S_IRUSR | stat.S_IWUSR)  # 600 permissions (owner read/write)
+                self.print_status("Set config file permissions to 600", True, 2)
 
             # Add specific host entry
             self.print_status(f"Adding host entry for cloudx-{cloudx_env}-{hostname}", None, 2)
@@ -327,6 +421,13 @@ Host cloudx-{cloudx_env}-{hostname}
             self.print_status("Host entry added", True, 2)
 
             # Ensure main SSH config includes our config
+            # Ensure ~/.ssh directory has proper permissions
+            ssh_parent_dir = Path(self.home_dir) / ".ssh"
+            if not ssh_parent_dir.exists():
+                ssh_parent_dir.mkdir(parents=True, exist_ok=True)
+                self.print_status(f"Created SSH directory: {ssh_parent_dir}", True, 2)
+            self._set_directory_permissions(ssh_parent_dir)
+            
             main_config = Path(self.home_dir) / ".ssh" / "config"
             include_line = f"Include {self.ssh_config_file}\n"
             
@@ -338,11 +439,23 @@ Host cloudx-{cloudx_env}-{hostname}
                     self.print_status("Added include line to main SSH config", True, 2)
                 else:
                     self.print_status("Main SSH config already includes our config", True, 2)
+                
+                # Set correct permissions on main config file
+                if platform.system() != 'Windows':
+                    import stat
+                    main_config.chmod(stat.S_IRUSR | stat.S_IWUSR)  # 600 permissions
+                    self.print_status("Set main config file permissions to 600", True, 2)
             else:
                 main_config.write_text(include_line)
                 self.print_status("Created main SSH config with include line", True, 2)
+                
+                # Set correct permissions on newly created main config file
+                if platform.system() != 'Windows':
+                    import stat
+                    main_config.chmod(stat.S_IRUSR | stat.S_IWUSR)  # 600 permissions
+                    self.print_status("Set main config file permissions to 600", True, 2)
 
-            self.print_status("\nSSH configuration summary:", None)
+            self.print_status("SSH configuration summary:", None)
             self.print_status(f"Main config: {main_config}", None, 2)
             self.print_status(f"cloudx-proxy config: {self.ssh_config_file}", None, 2)
             self.print_status(f"Connect using: ssh cloudx-{cloudx_env}-{hostname}", None, 2)

{cloudx_proxy-0.3.12 → cloudx_proxy-0.3.14}/cloudx_proxy.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.2
 Name: cloudx-proxy
-Version: 0.3.12
+Version: 0.3.14
 Summary: SSH proxy command to connect VSCode with Cloud9/CloudX instance using AWS Systems Manager
 Author-email: easytocloud <info@easytocloud.com>
 License: MIT License