Skip to content

feat(snap): vendor ssh in openshell snap and remove ssh-keys interface#2280

Open
olivercalder wants to merge 1 commit into
NVIDIA:mainfrom
olivercalder:feature/snap-bundle-ssh
Open

feat(snap): vendor ssh in openshell snap and remove ssh-keys interface#2280
olivercalder wants to merge 1 commit into
NVIDIA:mainfrom
olivercalder:feature/snap-bundle-ssh

Conversation

@olivercalder

Copy link
Copy Markdown

Summary

This PR removes the ssh-keys interface and instead vendors the ssh binary within the snap.

This is safe because OpenShell always invokes the ssh binary with StrictHostKeyChecking=no, UserKnownHostsFile=/dev/null, and GlobalKnownHostsFile=/dev/null, and never uses any host credentials or ssh configuration. Openshell only ever access to ~/.ssh/config to write OpenShell-managed aliases, and this can safely live within the snap sandbox, rather than leaking into the host environment.

Related Issue

Addresses: #2277

Changes

  • Remove ssh-keys interface from the OpenShell snap
  • Vendors the ssh binary within the OpenShell snap

Testing

  • mise run pre-commit passes
  • Unit tests added/updated
  • E2E tests added/updated (if applicable)

Checklist

  • Follows Conventional Commits
  • Commits are signed off (DCO)
  • Architecture docs updated (if applicable)

Previously, the openshell snap used the ssh-keys interface to get access
to the host's ssh binary, which is used for sandbox connect/exec/forward.
However, ssh-keys is a privileged interface which also grants access to
the public and private ssh keys on the host. As such, it required manual
connection in order to be used.

This weakened the security sandbox of the snap, and hurt the UX of
installing it.

This commit changes this by removing the `ssh-keys` interface and
instead vendoring the `ssh` binary within the snap.

This is safe because OpenShell always invokes the `ssh` binary with
`StrictHostKeyChecking=no`, `UserKnownHostsFile=/dev/null`, and
`GlobalKnownHostsFile=/dev/null`, and never uses any host credentials or
ssh configuration. Openshell only ever access to `~/.ssh/config` to
write OpenShell-managed aliases, and this can safely live within the
snap sandbox, rather than leaking into the host environment.

Signed-off-by: Oliver Calder <oliver.calder@canonical.com>
@copy-pr-bot

copy-pr-bot Bot commented Jul 14, 2026

Copy link
Copy Markdown

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant