func (s *AuthKeysSuite) TestReadAuthorizedKeys(c *gc.C) {
writeFile(c, filepath.Join(s.dotssh, "id_rsa.pub"), "id_rsa")
writeFile(c, filepath.Join(s.dotssh, "identity.pub"), "identity")
writeFile(c, filepath.Join(s.dotssh, "test.pub"), "test")
keys, err := config.ReadAuthorizedKeys("")
c.Assert(err, gc.IsNil)
c.Assert(keys, gc.Equals, "id_rsa\nidentity\n")
keys, err = config.ReadAuthorizedKeys("test.pub") // relative to ~/.ssh
c.Assert(err, gc.IsNil)
c.Assert(keys, gc.Equals, "test\n")
}
// ProvisionMachine provisions a machine agent to an existing host, via
// an SSH connection to the specified host. The host may optionally be preceded
// with a login username, as in [user@]host.
//
// On successful completion, this function will return the id of the state.Machine
// that was entered into state.
func ProvisionMachine(args ProvisionMachineArgs) (machineId string, err error) {
client, err := juju.NewAPIClientFromName(args.EnvName)
if err != nil {
return "", err
}
defer func() {
if machineId != "" && err != nil {
logger.Errorf("provisioning failed, removing machine %v: %v", machineId, err)
if cleanupErr := client.DestroyMachines(machineId); cleanupErr != nil {
logger.Warningf("error cleaning up machine: %s", cleanupErr)
}
machineId = ""
}
client.Close()
}()
// Create the "ubuntu" user and initialise passwordless sudo. We populate
// the ubuntu user's authorized_keys file with the public keys in the current
// user's ~/.ssh directory. The authenticationworker will later update the
// ubuntu user's authorized_keys.
user, hostname := splitUserHost(args.Host)
authorizedKeys, err := config.ReadAuthorizedKeys("")
if err := InitUbuntuUser(hostname, user, authorizedKeys, args.Stdin, args.Stdout); err != nil {
return "", err
}
machineParams, err := gatherMachineParams(hostname)
if err != nil {
return "", err
}
// Inform Juju that the machine exists.
machineId, err = recordMachineInState(client, *machineParams)
if err != nil {
return "", err
}
provisioningScript, err := client.ProvisioningScript(params.ProvisioningScriptParams{
MachineId: machineId,
Nonce: machineParams.Nonce,
})
if err != nil {
return "", err
}
// Finally, provision the machine agent.
err = runProvisionScript(provisioningScript, hostname, args.Stderr)
if err != nil {
return machineId, err
}
logger.Infof("Provisioned machine %v", machineId)
return machineId, nil
}
func (s *AuthKeysSuite) TestReadAuthorizedKeysClientKeys(c *gc.C) {
keydir := filepath.Join(s.dotssh, "juju")
err := ssh.LoadClientKeys(keydir) // auto-generates a key pair
c.Assert(err, gc.IsNil)
pubkeyFiles := ssh.PublicKeyFiles()
c.Assert(pubkeyFiles, gc.HasLen, 1)
data, err := ioutil.ReadFile(pubkeyFiles[0])
c.Assert(err, gc.IsNil)
prefix := strings.Trim(string(data), "\n") + "\n"
writeFile(c, filepath.Join(s.dotssh, "id_rsa.pub"), "id_rsa")
writeFile(c, filepath.Join(s.dotssh, "test.pub"), "test")
keys, err := config.ReadAuthorizedKeys("")
c.Assert(err, gc.IsNil)
c.Assert(keys, gc.Equals, prefix+"id_rsa\n")
keys, err = config.ReadAuthorizedKeys("test.pub")
c.Assert(err, gc.IsNil)
c.Assert(keys, gc.Equals, prefix+"test\n")
keys, err = config.ReadAuthorizedKeys("notthere.pub")
c.Assert(err, gc.IsNil)
c.Assert(keys, gc.Equals, prefix)
}
func (s *AuthKeysSuite) TestReadAuthorizedKeysErrors(c *gc.C) {
_, err := config.ReadAuthorizedKeys("")
c.Assert(err, gc.ErrorMatches, "no public ssh keys found")
_, err = config.ReadAuthorizedKeys(filepath.Join(s.dotssh, "notthere.pub"))
c.Assert(err, gc.ErrorMatches, "no public ssh keys found")
}