func doSetupSSH(configModel config.MachineConfigModel) (config.SSHConfigModel, error) { log.Infoln("==> doSetupSSH") sshConfigModel := config.SSHConfigModel{} // Read `vagrant ssh-config` log/output outputs, err := utils.RunAndReturnCombinedOutput(MachineWorkdir.Get(), configModel.AllCmdEnvsForConfigType(MachineConfigTypeID.Get()), "vagrant", "ssh-config") if err != nil { log.Errorf("'vagrant ssh-config' failed with output: %s", outputs) return sshConfigModel, err } log.Debugln("===> (raw) vagrant ssh-config retrieved") // Convert `vagrant ssh-config` to our SSHConfigModel sshConfigModel, err = config.CreateSSHConfigFromVagrantSSHConfigLog(outputs) if err != nil { log.Errorf("'vagrant ssh-config' returned an invalid output (failed to scan SSH Config): %s", outputs) return sshConfigModel, err } log.Debugln("===> vagrant ssh-config parsed") // Generate SSH Keypair privBytes, pubBytes, err := utils.GenerateSSHKeypair() if err != nil { return sshConfigModel, err } log.Debugln("===> SSH Keypair generated") // Write the SSH Keypair to file privKeyFilePth, _, err := config.WriteSSHKeypairToFiles(MachineWorkdir.Get(), privBytes, pubBytes) if err != nil { return sshConfigModel, err } log.Debugln("===> SSH Keypair written to file") // Replace the ~/.ssh/authorized_keys inside the VM to only allow // the new keypair replaceAuthKeysCmd := fmt.Sprintf(`printf "%s" > ~/.ssh/authorized_keys`, pubBytes) log.Debugf("===> Running command through SSH: %s", replaceAuthKeysCmd) if err := utils.RunCommandThroughSSH(sshConfigModel, replaceAuthKeysCmd); err != nil { return sshConfigModel, err } log.Debugln("===> SSH Keypair is now authorized to access the VM") // Save private key as the new identity sshConfigModel.IdentityPath = privKeyFilePth if err := sshConfigModel.WriteIntoFileInDir(MachineWorkdir.Get()); err != nil { return sshConfigModel, err } log.Debugln("===> New identity (private SSH key) saved into config in workdir") log.Debugln("==> doSetupSSH [done]") return sshConfigModel, nil }