func (s *SSHCommandSuite) TestCommandSetKnownHostsFile(c *gc.C) {
var opts ssh.Options
opts.SetKnownHostsFile("/tmp/known hosts")
s.assertCommandArgs(c, s.commandOptions([]string{echoCommand, "123"}, &opts),
fmt.Sprintf("%s -o StrictHostKeyChecking no -o PasswordAuthentication no -o ServerAliveInterval 30 -o UserKnownHostsFile \"/tmp/known hosts\" localhost %s 123",
s.fakessh, echoCommand),
)
}
// getSSHOptions configures and returns SSH options and proxy settings.
func (c *SSHCommon) getSSHOptions(enablePty bool) (*ssh.Options, error) {
var options ssh.Options
// TODO(waigani) do not save fingerprint only until this bug is addressed:
// lp:892552. Also see lp:1334481.
options.SetKnownHostsFile("/dev/null")
if enablePty {
options.EnablePTY()
}
var err error
if c.proxy, err = c.proxySSH(); err != nil {
return nil, err
} else if c.proxy {
if err := c.setProxyCommand(&options); err != nil {
return nil, err
}
}
return &options, nil
}
// getSSHOptions configures SSH options based on command line
// arguments and the SSH targets specified.
func (c *SSHCommon) getSSHOptions(enablePty bool, targets ...*resolvedTarget) (*ssh.Options, error) {
var options ssh.Options
if c.noHostKeyChecks {
options.SetStrictHostKeyChecking(ssh.StrictHostChecksNo)
options.SetKnownHostsFile("/dev/null")
} else {
knownHostsPath, err := c.generateKnownHosts(targets)
if err != nil {
return nil, errors.Trace(err)
}
// There might not be a custom known_hosts file if the SSH
// targets are specified using arbitrary hostnames or
// addresses. In this case, the user's personal known_hosts
// file is used.
if knownHostsPath != "" {
// When a known_hosts file has been generated, enforce
// strict host key checking.
options.SetStrictHostKeyChecking(ssh.StrictHostChecksYes)
options.SetKnownHostsFile(knownHostsPath)
} else {
// If the user's personal known_hosts is used, also use
// the user's personal StrictHostKeyChecking preferences.
options.SetStrictHostKeyChecking(ssh.StrictHostChecksUnset)
}
}
if enablePty {
options.EnablePTY()
}
if c.proxy {
if err := c.setProxyCommand(&options); err != nil {
return nil, err
}
}
return &options, nil
}