author | Thom May <thom@may.lt> | 2017-03-06 19:35:44 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-03-06 19:35:44 +0000 |
commit | 8f146dce498b380bb8e70a22688055adf5f6daae (patch) | |
tree | 3ac26c492cc998e8be3f6f57881d2bab4a69b7b8 /lib/chef/knife | |
parent | b4632f4263ee4ddec7f92cdb9e1ee6dee68fc758 (diff) | |
parent | 8d8d533642def762cf5fe57ade8460a880e50c40 (diff) | |
Merge pull request #5830 from shortdudey123/CHEF-4538_ssh-gateway-identity-auth
CHEF-4538 - add an option for gateway_identity_file that will allow key-based authentication on the gateway.
Diffstat (limited to 'lib/chef/knife')
-rw-r--r-- | lib/chef/knife/bootstrap.rb | 6 | ||||
-rw-r--r-- | lib/chef/knife/ssh.rb | 14 |
2 files changed, 19 insertions, 1 deletions
diff --git a/lib/chef/knife/bootstrap.rb b/lib/chef/knife/bootstrap.rb
index ee4d9ce7af..f9dca7896a 100644
--- a/lib/chef/knife/bootstrap.rb
+++ b/lib/chef/knife/bootstrap.rb
@@ -67,6 +67,11 @@ class Chef
 :description => "The ssh gateway",
 :proc => Proc.new { |key| Chef::Config[:knife][:ssh_gateway] = key }
+ option :ssh_gateway_identity,
+ :long => "--ssh-gateway-identity SSH_GATEWAY_IDENTITY",
+ :description => "The SSH identity file used for gateway authentication",
+ :proc => Proc.new { |key| Chef::Config[:knife][:ssh_gateway_identity] = key }
+
 option :forward_agent,
 :short => "-A",
 :long => "--forward-agent",
@@ -438,6 +443,7 @@ class Chef
 ssh.config[:ssh_password] = config[:ssh_password]
 ssh.config[:ssh_port] = config[:ssh_port]
 ssh.config[:ssh_gateway] = config[:ssh_gateway]
+ ssh.config[:ssh_gateway_identity] = config[:ssh_gateway_identity]
 ssh.config[:forward_agent] = config[:forward_agent]
 ssh.config[:ssh_identity_file] = config[:ssh_identity_file] || config[:identity_file]
 ssh.config[:manual] = true
diff --git a/lib/chef/knife/ssh.rb b/lib/chef/knife/ssh.rb
index e206f72630..d79565991f 100644
--- a/lib/chef/knife/ssh.rb
+++ b/lib/chef/knife/ssh.rb
@@ -92,6 +92,10 @@ class Chef
 :description => "The ssh gateway",
 :proc => Proc.new { |key| Chef::Config[:knife][:ssh_gateway] = key.strip }
+ option :ssh_gateway_identity,
+ :long => "--ssh-gateway-identity SSH_GATEWAY_IDENTITY",
+ :description => "The SSH identity file used for gateway authentication"
+
 option :forward_agent,
 :short => "-A",
 :long => "--forward-agent",
@@ -250,7 +254,10 @@ class Chef
 {}.tap do |opts|
 # Chef::Config[:knife][:ssh_user] is parsed in #configure_user and written to config[:ssh_user]
 opts[:user] = user || config[:ssh_user] || ssh_config[:user]
- if config[:ssh_identity_file]
+ if config[:ssh_gateway_identity]
+ opts[:keys] = File.expand_path(config[:ssh_gateway_identity])
+ opts[:keys_only] = true
+ elsif config[:ssh_identity_file]
 opts[:keys] = File.expand_path(config[:ssh_identity_file])
 opts[:keys_only] = true
 elsif config[:ssh_password]
@@ -546,6 +553,10 @@ class Chef
 config[:ssh_identity_file] = get_stripped_unfrozen_value(config[:ssh_identity_file] || config[:identity_file] || Chef::Config[:knife][:ssh_identity_file])
 end
+ def configure_ssh_gateway_identity
+ config[:ssh_gateway_identity] = get_stripped_unfrozen_value(config[:ssh_gateway_identity] || Chef::Config[:knife][:ssh_gateway_identity])
+ end
+
 def run
 @longest = 0
@@ -553,6 +564,7 @@ class Chef
 configure_password
 @password = config[:ssh_password] if config[:ssh_password]
 configure_ssh_identity_file
+ configure_ssh_gateway_identity
 configure_gateway
 configure_session |
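Review bot: The new `if config[:ssh_gateway_identity]` branch sits ahead of `elsif config[:ssh_identity_file]` in the options hash built inside `{}.tap do |opts|`, so whenever a gateway identity is configured it becomes `opts[:keys]` for every caller of this builder and the node identity file is never consulted. The enclosing method starts and ends outside the hunk; if it also builds the options for target-host sessions and not only for the gateway hop, then supplying both a gateway identity and `config[:ssh_identity_file]` would present the gateway key to the nodes, and with `opts[:keys_only] = true` there is no fallback to other keys. The bootstrap.rb hunk that copies both `ssh_gateway_identity` and `ssh_identity_file` into `ssh.config` reaches this same path. Scoping the branch to the gateway call would keep each key on its own hop, for example a keyword such as `gateway: false` on the method and `if gateway && config[:ssh_gateway_identity]` here, leaving `config[:ssh_identity_file]` as the first choice for non-gateway sessions.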