Ejemplo n.º 1
// TestReadAuthorizedKeys checks which public key files ReadAuthorizedKeys
// returns for an empty path and for a path relative to the .ssh directory.
func (s *AuthKeysSuite) TestReadAuthorizedKeys(c *gc.C) {
	// Seed the suite's .ssh directory with three public key files.
	for _, f := range []struct{ name, content string }{
		{"id_rsa.pub", "id_rsa"},
		{"identity.pub", "identity"},
		{"test.pub", "test"},
	} {
		writeFile(c, filepath.Join(s.dotssh, f.name), f.content)
	}

	// With an empty path only id_rsa.pub and identity.pub are returned;
	// test.pub is not picked up implicitly.
	defaultKeys, err := config.ReadAuthorizedKeys("")
	c.Assert(err, gc.IsNil)
	c.Assert(defaultKeys, gc.Equals, "id_rsa\nidentity\n")

	// A relative path is resolved against ~/.ssh.
	namedKeys, err := config.ReadAuthorizedKeys("test.pub")
	c.Assert(err, gc.IsNil)
	c.Assert(namedKeys, gc.Equals, "test\n")
}
Ejemplo n.º 2
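// ProvisionMachine provisions a machine agent to an existing host, via
// an SSH connection to the specified host. The host may optionally be preceded
// with a login username, as in [user@]host.
//
// On successful completion, this function will return the id of the state.Machine
// that was entered into state. On failure the returned id is empty; if the
// machine had already been recorded in state, a best-effort attempt is made
// to remove it again before returning.
func ProvisionMachine(args ProvisionMachineArgs) (machineId string, err error) {
	client, err := juju.NewAPIClientFromName(args.EnvName)
	if err != nil {
		return "", err
	}
	defer func() {
		// The named results are inspected after the return statement has
		// assigned them, so any failure path that needs the machine removed
		// must return the recorded machineId rather than "". The id is
		// cleared here so callers never see an id for a failed provision.
		if machineId != "" && err != nil {
			logger.Errorf("provisioning failed, removing machine %v: %v", machineId, err)
			if cleanupErr := client.DestroyMachines(machineId); cleanupErr != nil {
				logger.Warningf("error cleaning up machine: %s", cleanupErr)
			}
			machineId = ""
		}
		client.Close()
	}()

	// Create the "ubuntu" user and initialise passwordless sudo. We populate
	// the ubuntu user's authorized_keys file with the public keys in the current
	// user's ~/.ssh directory. The authenticationworker will later update the
	// ubuntu user's authorized_keys.
	user, hostname := splitUserHost(args.Host)
	authorizedKeys, err := config.ReadAuthorizedKeys("")
	if err != nil {
		// Stop here instead of initialising the ubuntu user with an empty or
		// partial key set: the keys decide who may log in to that account.
		return "", err
	}
	if err := InitUbuntuUser(hostname, user, authorizedKeys, args.Stdin, args.Stdout); err != nil {
		return "", err
	}

	machineParams, err := gatherMachineParams(hostname)
	if err != nil {
		return "", err
	}

	// Inform Juju that the machine exists.
	machineId, err = recordMachineInState(client, *machineParams)
	if err != nil {
		return "", err
	}

	provisioningScript, err := client.ProvisioningScript(params.ProvisioningScriptParams{
		MachineId: machineId,
		Nonce:     machineParams.Nonce,
	})
	if err != nil {
		// The machine is already recorded in state; return its id so the
		// deferred cleanup removes it instead of leaving an orphaned entry.
		return machineId, err
	}

	// Finally, provision the machine agent.
	err = runProvisionScript(provisioningScript, hostname, args.Stderr)
	if err != nil {
		return machineId, err
	}

	logger.Infof("Provisioned machine %v", machineId)
	return machineId, nil
}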
Ejemplo n.º 3
// TestReadAuthorizedKeysClientKeys checks that the loaded client public key
// is placed ahead of whatever keys ReadAuthorizedKeys reads from the .ssh
// directory, including when the requested file does not exist.
func (s *AuthKeysSuite) TestReadAuthorizedKeysClientKeys(c *gc.C) {
	clientKeyDir := filepath.Join(s.dotssh, "juju")
	// Loading client keys from the directory auto-generates a key pair.
	c.Assert(ssh.LoadClientKeys(clientKeyDir), gc.IsNil)

	files := ssh.PublicKeyFiles()
	c.Assert(files, gc.HasLen, 1)
	raw, err := ioutil.ReadFile(files[0])
	c.Assert(err, gc.IsNil)
	// Normalise the key text to end in exactly one newline.
	clientKey := strings.Trim(string(raw), "\n") + "\n"

	writeFile(c, filepath.Join(s.dotssh, "id_rsa.pub"), "id_rsa")
	writeFile(c, filepath.Join(s.dotssh, "test.pub"), "test")

	// Every result starts with the client key; a missing file yields the
	// client key alone and no error.
	for _, tc := range []struct{ path, want string }{
		{"", clientKey + "id_rsa\n"},
		{"test.pub", clientKey + "test\n"},
		{"notthere.pub", clientKey},
	} {
		got, err := config.ReadAuthorizedKeys(tc.path)
		c.Assert(err, gc.IsNil)
		c.Assert(got, gc.Equals, tc.want)
	}
}
Ejemplo n.º 4
// TestReadAuthorizedKeysErrors checks that ReadAuthorizedKeys reports an
// error when no public key can be found, both for the empty path and for an
// explicit path to a missing file.
func (s *AuthKeysSuite) TestReadAuthorizedKeysErrors(c *gc.C) {
	missing := filepath.Join(s.dotssh, "notthere.pub")
	for _, path := range []string{"", missing} {
		_, err := config.ReadAuthorizedKeys(path)
		c.Assert(err, gc.ErrorMatches, "no public ssh keys found")
	}
}