1 I don't mind the monkeysphere-ssh-proxycommand output on regular connections.
3 For me it looks something like this with a server not participating in the
6 ms: processing host: chavez.mayfirst.org
9 And like this for a server participating:
11 ms: processing host: george.riseup.net
12 ms: primary key found: 7353A74E3B757F8C
13 ms: * acceptable key found.
14 ms: known_hosts file updated.
16 However, I have some batch scripts that run ssh that also provide
17 output, so the monkeysphere output clutters things up.
19 I would really like to either have a -q/--quiet option, or, preferable for me
20 at least, would be for silent output to be the default and have a -v/--verbose
21 option to get the output. Or - maybe these should be environmental variables?
22 In any event - someway to suppress informational output would be a useful
27 I'd be fine with silent mode as a default, with a more verbose mode
28 accessible to the user who desires it.
30 I'd prefer an environment variable (e.g. `MONKEYSPHERE_VERBOSE` or
31 `MONKEYSPHERE_DEBUG`) over a command-line (e.g. `--verbose`) option,
32 personally. It's more in keeping with the model we've used in general
39 I just completed this feature. I published it to a separate branch
40 (called quiet-mode). I haven't committed it to my master branch for a
43 * I made some significant changes and wanted to ask Big Jimmy to take
44 a look since it's mostly his stuff I mucked about with.
46 * Sometime between starting my hacking and mid-way through, my
47 ~.ssh/known_hosts file got truncted to nothing. I recovered from a
48 backup. I couldn't figure out what caused that to happen and couldn't
49 replicate it. I was debugging my bash and what I was debugging
50 involved bash redirection, so it's reasonable to think that something
51 I did caused the problem. However, before committing we incorporate
52 this, I would appreciate another set of eyes on my code to make sure
53 I'm not doing something dangerous or just dumb :).
55 Here's an overview of what I did:
57 There were two function defined in common that handle sending messages
58 to the user: log and loge. They both echo the argument passed to
59 standard error. The first one also echo's "ms: " (as a preface to the
60 message). loge was only called in two places and I think is left over
61 cruft (let me know if I'm wrong please!).
63 I've added drop in replacement functions: notice, info, and
64 debug. I've replaced all instances of log and loge with info.
66 If you use notice, your message will always be sent to standard error.
67 If you use info, it will be sent to standard error if the env variable
68 `MONKEYSPHERE_OUTPUT_QUIET` is set to off (it is off by default). If
69 you use debug, it will be sent to standard error only if
70 `MONKEYSPHERE_OUTPUT_DEBUG` is set to on (it's off by default).
72 Lastly, in monkeysphere-ssh-proxycommand, I've set
73 `MONKEYSPHERE_QUIET_MODE` to on by default.
75 So the result is: when using monkeysphere-ssh-proxycommand, you will
76 not get any output unless you set `MONEKYSPHERE_OUTPUT_QUIET` to off
77 or `MONKEYSPHERE_OUTPUT_DEBUG` to on. All other commands should work
78 exactly like they did in the past.
80 And... we can go through the code and change calls to the info
81 function to either notice (if we want them to be sent regardless of
82 the `QUIET` variable) or debug (if we want it only sent if `DEBUG` is
85 I'm open to suggestions, problems, etc :).
91 Hey, your Royal Highness. I do think it's good that I look over these
92 changes, because there are definitely some stuff (ie. key processing)
93 that requires that things go to stderr and definitely not to stdout.
94 I can see that if that were changed, it's possible that things could
95 go wrong (ie. cause a `known_hosts` file to get truncated maybe).
97 I have to say that I'm still not sure I totally see why it's necessary
98 to implement such nuanced output switches. All of the stuff you were
99 worried about when you reported this bug, and all the stuff that
100 starts with "ms:", goes to stderr. If you didn't want to see it, can
101 you not just redirect stderr to /dev/null?
103 For what it's worth, I'm not sure *I* can ever imagine *not* wanting
104 to see that stuff, since it effectively reports on whether the host
105 you're connecting to is acceptable or not. I feel like I would always
106 want to see that. I guess that's neither here nor there, though,
107 cause if a user thinks it would be a good switch to have, and it's not
108 too difficult to implement (as this is), then it's worth implementing.
110 I think before we really start trying to tackle this, though, we
111 should outline what is the behavior we ultimately want. What output
112 do we want to go to stdout, and do we want to be able to turn that off
113 or on? What output do we want to go to stderr, and do we want to be
114 able to turn that off or on? At the moment, most output is really
115 just info for the user, which is why I was sending it all to stderr.
116 Should all output then just go to stderr, with a switch to either turn
119 I should point out that we're sort of hitting a bit of a bash
120 limitation here. Some monkeysphere internal functions pass info on to
121 other stuff via stdout, but also need to report stuff to the user as
122 well, which means this stuff can only be passed to the user via
125 In any event, I just want to outline a straightforward policy about
126 output so we can know how to best handle it.
132 I think it's important to be able to suppress "normal operation,
133 everything is fine" messages *without* directing stderr to
134 `/dev/null`. This is the normal state of UNIX-style tools, especially
135 tools like SSH which are used as piece of a larger toolchain. If
136 every tool in a toolchain emitted some output during successful
137 operation, many scripts would be hopeless seas of noise, as it's not
138 unusual for even a simple backup script to make use of a half-dozen
141 What you really want is to see some output from when a tool knows
142 something is wrong. With the proxycommand, the job of complaining
143 will often be left up to `ssh` itself, after `~/.ssh/known_hosts` has
144 been appropriately modified. But sometimes, the proxycommand itself
145 will fail, and if you've already directed stderr to `/dev/null` you
146 won't get any reasonable information about the failure at the time it
149 As for the interface to adjust the verbosity, HRH SJJ's current
150 proposal with a large number of environment variables seems confusing
151 and overly-complex to me.
153 i think we should follow OpenSSH's lead (since all monkeysphere users
154 are likely to be somewhat familiar with it) and use a single variable
155 that is set to a level. For example, see `LogLevel` in
156 `ssh_config(5)`. It should probably default to `INFO`, same as
157 `/usr/bin/ssh`. If there was a way to extract this value from the
158 user's SSH configuration/invocation itself and adopt it in the
159 ProxyCommand, that would be even better, but i don't think that's a
160 possibility with OpenSSH 5.1p1 at this point.
162 Also, i agree with HRH SJJ that the distinction in the monkeysphere
163 source between `log` and `loge` is unclear, and one of them should be
164 dropped (or they should be better-documented in `/src/common`).
170 Thanks Big Jimmy and dkg all for the good feedback.
172 I think you're right Big Jimmy about the sterr/stout. I may have
173 accidentally output to stout instead of sterr. In any event - I think
174 all of the logging should go to sterr to avoid that.
176 Here's a proposed fix based on both of your responses - it tries to make
177 my changes a bit simpler and more consistent with ssh behavior:
179 * Use on environmental variable: `MONKEYSPHERE_LOG_LEVEL` that can be set
180 to `ERROR` or `INFO`, with the default being `INFO`.
181 `monkeysphere-ssh-proxycommand`, however, will set the
182 `MONKEYSPHERE_LOG_LEVEL` to `ERROR` unless the user overrides that setting.
184 * Use two functions for reporting messages to the user via sterr that
185 will replace the existing log/loge functions: info (for outputting
186 "normal operation, everything's fine" messages) and error (for
187 outputting messages that indicate a problem that we think a user should
188 know about). Reporting a message to the user with the info function
189 will only be sent if the `MONKEYSPHERE_LOG_LEVEL` setting is `INFO`.
190 Reporting a message to the user with the error function will always be
191 output regardless of the `MONKEYSPHERE_LOG_LEVEL` value.
193 * Go through the code and, for each use of the current log/loge
194 function, determine if they should be replaced with info or error
195 depending on how critical we think the message is.
203 Sir Jam Jam's proposal sounds good to me, but why make it two separate
204 functions? Given the number of log levels used by OpenSSH, i'd prefer
205 to make a single function that takes two arguments: the first argument
206 is the level of the log, and the second argument is the data to be
207 logged itself. So you'd say:
209 log error "This is really terrible and broken!"
210 log info "The fuzzy bunny just smiled at you and nodded."
212 Is that a reasonable amendment? It seems like it will make it easier
213 to add more levels if we find we need them, and it makes it easy to
214 find every single log message in the source code at the same time.
220 I just implemented the proposal (incorporating dkg's suggestion about
221 only having one function). It's committed in my quiet-mode branch (still
222 not merged with master - pending review).
224 Thanks for all the feedback!
230 Ok, this plans makes sense. I'll merge SJJ's patches as soon as I get
237 I implemented a variant of SJJ's proposed changes in
238 bb2427c28bf40179c4881b22c23f23f9bea78f55 (0.12 pre). I tried to make
239 it so that we could more easily expand the number of levels if need
240 be. I made a first pass at specifying which output is what priority,
241 but folks should please speak up if they think the priority of any
242 particular output should be changed.
244 I'll leave the bug open for a bit until it get more tested and 0.12
251 I think this is [[/bugs/done]] as of version 0.12-1.
projects / monkeysphere.git / blob