// sshConfig returns the ssh configuration.
func sshConfig(state multistep.StateBag) (*gossh.ClientConfig, error) {
config := state.Get("config").(*Config)
privateKey := state.Get("ssh_private_key").(string)
keyring := new(ssh.SimpleKeychain)
if err := keyring.AddPEMKey(privateKey); err != nil {
return nil, fmt.Errorf("Error setting up SSH config: %s", err)
}
sshConfig := &gossh.ClientConfig{
User: config.SSHUsername,
Auth: []gossh.ClientAuth{gossh.ClientAuthKeyring(keyring)},
}
return sshConfig, nil
}
func clientConfig() *ssh.ClientConfig {
keyChecker := storedHostKey{}
keyChecker.Add(hostKeyECDSA.PublicKey())
keyChecker.Add(hostKeyRSA.PublicKey())
keyChecker.Add(hostKeyDSA.PublicKey())
kc := new(keychain)
kc.keys = append(kc.keys, privateKey)
config := &ssh.ClientConfig{
User: username(),
Auth: []ssh.ClientAuth{
ssh.ClientAuthKeyring(kc),
},
HostKeyChecker: &keyChecker,
}
return config
}
// SSHConfig returns a function that can be used for the SSH communicator
// config for connecting to the instance created over SSH using the generated
// private key.
func SSHConfig(username string) func(multistep.StateBag) (*gossh.ClientConfig, error) {
return func(state multistep.StateBag) (*gossh.ClientConfig, error) {
privateKey := state.Get("privateKey").(string)
keyring := new(ssh.SimpleKeychain)
if err := keyring.AddPEMKey(privateKey); err != nil {
return nil, fmt.Errorf("Error setting up SSH config: %s", err)
}
return &gossh.ClientConfig{
User: username,
Auth: []gossh.ClientAuth{
gossh.ClientAuthKeyring(keyring),
},
}, nil
}
}
func (ss *ScpStorage) Connect() error {
var err error
clientConfig := &ssh.ClientConfig{
User: ss.User,
Auth: []ssh.ClientAuth{
ssh.ClientAuthPassword(password(ss.Password)),
ssh.ClientAuthKeyring(ss.Keychain),
},
}
ss.connexion, err = ssh.Dial("tcp", ss.Endpoint, clientConfig)
if err != nil {
return fmt.Errorf("Failed to dial: %s", err.Error())
}
return nil
}
func makeConfig() (config *ssh.ClientConfig, agentUnixSock net.Conn) {
clientAuth := []ssh.ClientAuth{}
var (
agentKr ssh.ClientKeyring
ok bool
err error
)
if sshAuthSock != "" {
for {
agentUnixSock, err = net.Dial("unix", sshAuthSock)
if err != nil {
netErr := err.(net.Error)
if netErr.Temporary() {
time.Sleep(time.Duration(rand.Intn(100)) * time.Millisecond)
continue
}
reportErrorToUser("Cannot open connection to SSH agent: " + netErr.Error())
} else {
authAgent := ssh.ClientAuthAgent(ssh.NewAgentClient(agentUnixSock))
agentKr, ok = authAgent.(ssh.ClientKeyring)
if !ok {
reportErrorToUser("Type assertion failed: ssh.ClientAuthAgent no longer returns ssh.ClientKeyring, using fallback")
clientAuth = append(clientAuth, authAgent)
}
}
break
}
}
keyring := ssh.ClientAuthKeyring(&SignerContainer{signers, agentKr})
clientAuth = append(clientAuth, keyring)
config = &ssh.ClientConfig{
User: user,
Auth: clientAuth,
}
return
}
func SSHConfigFunc(config SSHConfig) func(multistep.StateBag) (*gossh.ClientConfig, error) {
return func(state multistep.StateBag) (*gossh.ClientConfig, error) {
auth := []gossh.ClientAuth{
gossh.ClientAuthPassword(ssh.Password(config.SSHPassword)),
gossh.ClientAuthKeyboardInteractive(
ssh.PasswordKeyboardInteractive(config.SSHPassword)),
}
if config.SSHKeyPath != "" {
keyring, err := sshKeyToKeyring(config.SSHKeyPath)
if err != nil {
return nil, err
}
auth = append(auth, gossh.ClientAuthKeyring(keyring))
}
return &gossh.ClientConfig{
User: config.SSHUser,
Auth: auth,
}, nil
}
}
// SSHConfig returns a function that can be used for the SSH communicator
// config for connecting to the specified host via SSH
// private_key_file has precedence over password!
func SSHConfig(username string, password string, privateKeyFile string) func(multistep.StateBag) (*gossh.ClientConfig, error) {
return func(state multistep.StateBag) (*gossh.ClientConfig, error) {
if privateKeyFile != "" {
// key based auth
bytes, err := ioutil.ReadFile(privateKeyFile)
if err != nil {
return nil, fmt.Errorf("Error setting up SSH config: %s", err)
}
privateKey := string(bytes)
keyring := new(ssh.SimpleKeychain)
if err := keyring.AddPEMKey(privateKey); err != nil {
return nil, fmt.Errorf("Error setting up SSH config: %s", err)
}
return &gossh.ClientConfig{
User: username,
Auth: []gossh.ClientAuth{
gossh.ClientAuthKeyring(keyring),
},
}, nil
} else {
// password based auth
return &gossh.ClientConfig{
User: username,
Auth: []gossh.ClientAuth{
gossh.ClientAuthPassword(ssh.Password(password)),
gossh.ClientAuthKeyboardInteractive(ssh.PasswordKeyboardInteractive(password)),
},
}, nil
}
}
}