diff --git a/src/clj_ssh/ssh.clj b/src/clj_ssh/ssh.clj index ede056c..8e5a8cf 100644 --- a/src/clj_ssh/ssh.clj +++ b/src/clj_ssh/ssh.clj @@ -430,21 +430,26 @@ keys. All other option key pairs will be passed as SSH config options." (finally (disconnect session#))))) +(defn clean-sensitive-data [hosts] + "Remove password from hosts vector" + (map #(dissoc % :password) hosts)) + ;;; Jump Hosts (defn- jump-connect [agent hosts sessions timeout] (let [host (first hosts) s (session agent (:hostname host) (dissoc host :hostname)) throw-e (fn [e s] - (throw - (ex-info - (str "Failed to connect " - (.getUserName s) "@" - (.getHost s) ":" - (.getPort s) - " " (pr-str (into [] (.getIdentityNames agent))) - " " (pr-str hosts)) - {:hosts hosts} - e)))] + (let [clear-hosts (clean-sensitive-data hosts)] + (throw + (ex-info + (str "Failed to connect " + (.getUserName s) "@" + (.getHost s) ":" + (.getPort s) + " " (pr-str (into [] (.getIdentityNames agent))) + " " (pr-str clear-hosts)) + {:hosts clear-hosts} + e))))] (swap! sessions (fnil conj []) s) (try (connect s timeout) diff --git a/test/clj_ssh/ssh_test.clj b/test/clj_ssh/ssh_test.clj index d5ed773..e9577c2 100644 --- a/test/clj_ssh/ssh_test.clj +++ b/test/clj_ssh/ssh_test.clj @@ -636,3 +636,9 @@ ":channel not connected") (is (zero? (exit-status (:channel proc))) "zero exit status"))))))) + +(deftest clean-sensitive-data-test + (are [?in ?out] + (= ?out (clean-sensitive-data ?in)) + [{:hostname "host", :username "user", :password "pass123"}] [{:hostname "host", :username "user"}] + [{:hostname "host"}] [{:hostname "host"}]))