Versions Compared

Old Version 13

changes.mady.by.user Unknown User (usxa)

Saved on

compared with

New Version 14

changes.mady.by.user Unknown User (usxa)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Install the module from ECMWF public software repository:

No Format
languagebash
titleInstallation
user@local $ pip3 install teleport-browserless-login --user -U -i https://get.ecmwf.int/repository/pypi-all/simple

In order to install the extra certificates checks please install with the extras option certificates-check (requires the cryptography python package):

Installation
No Format
languagebash
title
user@local $ pip3 install teleport-browserless-login[certificates-check] --user -U -i https://get.ecmwf.int/repository/pypi-all/simple

...

Note
titleNote for Raspberry Pi users

If you get the error:

No Format
languagebash
Could not install packages due to an EnvironmentError: 404 Client Error: Not Found for url: https://www.piwheels.org/simple/teleport-browserless-login/

Comment the line extra-index-url=https://www.piwheels.org/simple from /etc/pip.conf

...

Info

This module will not attempt to authenticate if the current certificates are still valid.

Advanced Usage

Check For more advance usages, check the module help:

Help
No Format
languagebash
title
user@local $ python3 -m teleport.login --help
VERSION = "1.1.8"

Environment Variables:
  ECMWF_USERNAME  The ECMWF Username
  ECMWF_PASSWORD  The ECMWF Password
  TSH_EXEC        The Teleport binary tsh path
  TSH_PROXY       The ECMWF Teleport proxy

Configuration file content example (yaml):
  tsh_exec: '/usr/local/bin/tsh'
  tsh_proxy: 'jump.ecmwf.int:443'
  ecmwf_username: 'your_username'
  ecmwf_password: 'your_password'

Usage: python -m teleport.login [OPTIONS]

Options:
  --configuration PATH    The path to the configuration file.
  -f, --force-clean       To Request a new certificate even if the current one
                          is valid.
  -o, --tsh-options TEXT  To add extra options to tsh command. e.g.: -o "--no-
                          use-local-ssh-agent" -o "--insecure"
  --help                  Show this message and exit.

You can configure your default settings in such as the ECMWF username and password, using environment variables or a configuration file. By default, this tool will look into  ~/.teleport-login.yaml but a different file may be passed with the --configuration option. Note that the tool will always prompt for the OTP token:

language
No Format
bash
titleLogin
user@local $ python3 -m teleport.login
INFO - Certificates not found or not valid anymore
INFO - Loading configuration file [/home/demo/.teleport-login.yaml]
INFO - Checking environment for configuration variables...
INPUT - OTP Token: ******
INFO - Starting [tsh login --browser=none --proxy=jump.ecmwf.int:443 --user=us9]
INFO - Configuring HIDTokenHandler with successor NoneType
INFO - Configuring OTPTokenHandler with successor HIDTokenHandler
INFO - Configuring UsernamePasswordHandler with successor OTPTokenHandler
INFO - Configuring TeleportLoginUrlHandler with successor UsernamePasswordHandler
INFO - TeleportLoginUrlHandler finished
INFO - UsernamePasswordHandler finished
INFO - OTPTokenHandler finished
INFO - Login Successful
INFO - > Profile URL:        https://jump.ecmwf.int:443
Logged in as:       us.induction@ecmwf.int
Cluster:            jump.ecmwf.int
Roles:
Logins:             us9
Kubernetes:         disabled
Valid until:        2022-12-17 03:57:49 +0000 UTC [valid for 11h58m0s]
Extensions:         permit-X11-forwarding, permit-agent-forwarding, permit-port-forwarding, permit-pty

An example of such a configuration file is:

No Format
languagebash
titleConfiguration File Example
user@local $ cat .teleport-login.yaml
tsh_exec: '/usr/local/bin/tsh'
tsh_proxy: 'jump.ecmwf.int:443'
ecmwf_username: 'your_username'
ecmwf_password: 'your_password'

You can override all configuration values by using Environment Variables:

title
No Format
languagebash
Login with Environment Variables
user@local $ export ECMWF_USERNAME='test'
user@local $ export ECMWF_PASSWORD='zzzz'
user@local $ export TSH_EXEC='tsh'
user@local $ export TSH_PROXY='jump.ecmwf.int:443'
user@local $ python3 -m teleport.login
INFO - Certificates not found or not valid anymore
INFO - Loading configuration file [/home/uid/.teleport-login.yaml]
INFO - Checking environment for configuration variables...
INFO - Environment variable [ECMWF_USERNAME] found. Overriding...
INFO - Environment variable [ECMWF_PASSWORD] found. Overriding...
INFO - Environment variable [TSH_EXEC] found. Overriding...
INFO - Environment variable [TSH_PROXY] found. Overriding...
INPUT - OTP Token:
INFO - Starting [tsh login --browser=none --proxy=jump.ecmwf.int:443]
...

...

  • tsh_exec - if tsh is on the system PATH, this can be left out the configuration file as the default is tsh
  • tsh_proxy - this can be left out the configuration file as the default is jump.ecmwf.int:443
  • username - will be prompted
  • password - will be prompted
  • token - will ALWAYS be prompted
Info

This module will always prompt the user if some credential is missing.

...

If you run into problems, enabling DEBUG might be useful to get more information regarding the failure.  Just set the environment variable DEBUG to True:

No Format
languagebash
titleDebug
user@local $ DEBUG=True python3 -m teleport.login
INFO - Certificates not found or not valid anymore
INFO - Loading configuration file [/home/uid/.teleport-login.yaml]
INFO - Checking environment for configuration variables...
INPUT - OTP Token:
DEBUG - Loaded Configuration: {"token": "xxxxxx", "username": "uid", "password": "xxxxxxxx", "tsh_exec": "/usr/local/bin/tsh", "tsh_proxy": "jump.ecmwf.int:443"}
INFO - Starting [/usr/local/bin/tsh login --browser=none --proxy=jump.ecmwf.int:443]
DEBUG - Setting User-Agent: {'User-Agent': 'TeleportBrowserlessLogin/1.0.0 (Linux-5.4.72-microsoft-standard-WSL2-x86_64-with-glibc2.31) Python/3.9.5'}
DEBUG - Starting new HTTP connection (1): 127.0.0.1:42387
DEBUG - http://127.0.0.1:42387 "GET /fbbeee7d-dfc3-4b7b-a75a-830f48980d2e HTTP/1.1" 302 309
DEBUG - Starting new HTTPS connection (1): accounts.ecmwf.int:443
DEBUG - https://accounts.ecmwf.int:443 "GET /auth/realms/ecmwf/protocol/openid-connect/auth... HTTP/1.1" 200 5797
INFO - TeleportLoginUrlHandler finished
DEBUG - https://accounts.ecmwf.int:443 "POST /auth/realms/ecmwf/login-actions/authenticate... HTTP/1.1" 200 5654
INFO - UsernamePasswordHandler finished
DEBUG - https://accounts.ecmwf.int:443 "POST /auth/realms/ecmwf/login-actions/authenticate... HTTP/1.1" 200 5915
INFO - HIDTokenHandler finished
INFO - Login Successful
INFO - > Profile URL:        https://jump.ecmwf.int:443
Logged in as:       FirstName.LastName@ecmwf.int
Cluster:            jump.ecmwf.int
Roles:
Logins:             uid
Kubernetes:         disabled
Valid until:        2021-06-07 07:28:55 +0100 BST [valid for 12h0m0s]
Extensions:         permit-X11-forwarding, permit-agent-forwarding, permit-port-forwarding, permit-pty

If you need to pass additional options to the tsh command use  --tsh-options 

...

No Format
user@local $ python3 -m teleport.login --tsh-options="--no-use-local-ssh-agent --insecure"