1 files changed, 24 insertions, 12 deletions

diff --git a/lib/chef/knife/ssh.rb b/lib/chef/knife/ssh.rb
index 481d97c1e7..100fee9fef 100644
--- a/lib/chef/knife/ssh.rb
+++ b/lib/chef/knife/ssh.rb
@@ -72,13 +72,13 @@ class Chef
         :short => "-p PORT",
         :long => "--ssh-port PORT",
         :description => "The ssh port",
-        :proc => Proc.new { |key| Chef::Config[:knife][:ssh_port] = key }
+        :proc => Proc.new { |key| Chef::Config[:knife][:ssh_port] = key.strip }
 
       option :ssh_gateway,
         :short => "-G GATEWAY",
         :long => "--ssh-gateway GATEWAY",
         :description => "The ssh gateway",
-        :proc => Proc.new { |key| Chef::Config[:knife][:ssh_gateway] = key }
+        :proc => Proc.new { |key| Chef::Config[:knife][:ssh_gateway] = key.strip }
 
       option :identity_file,
         :short => "-i IDENTITY_FILE",
@@ -114,6 +114,22 @@ class Chef
         @session ||= Net::SSH::Multi.start(:concurrent_connections => config[:concurrency], :on_error => ssh_error_handler)
       end
 
+      def configure_gateway
+        config[:ssh_gateway] ||= Chef::Config[:knife][:ssh_gateway]
+        if config[:ssh_gateway]
+          gw_host, gw_user = config[:ssh_gateway].split('@').reverse
+          gw_host, gw_port = gw_host.split(':')
+          gw_opts = gw_port ? { :port => gw_port } : {}
+
+          session.via(gw_host, gw_user || config[:ssh_user], gw_opts)
+        end
+      rescue Net::SSH::AuthenticationFailed
+        user = gw_user || config[:ssh_user]
+        prompt = "Enter the password for #{user}@#{gw_host}: "
+        gw_opts.merge!(:password => prompt_for_password(prompt))
+        session.via(gw_host, user, gw_opts)
+      end
+
       def configure_session
         list = case config[:manual]
                when true
@@ -154,15 +170,6 @@ class Chef
       end
 
       def session_from_list(list)
-        config[:ssh_gateway] ||= Chef::Config[:knife][:ssh_gateway]
-        if config[:ssh_gateway]
-          gw_host, gw_user = config[:ssh_gateway].split('@').reverse
-          gw_host, gw_port = gw_host.split(':')
-          gw_opts = gw_port ? { :port => gw_port } : {}
-
-          session.via(gw_host, gw_user || config[:ssh_user], gw_opts)
-        end
-
         list.each do |item|
           Chef::Log.debug("Adding #{item}")
           session_opts = {}
@@ -230,7 +237,11 @@ class Chef
       end
 
       def get_password
-        @password ||= ui.ask("Enter your password: ") { |q| q.echo = false }
+        @password ||= prompt_for_password
+      end
+
+      def prompt_for_password(prompt = "Enter your password: ")
+        ui.ask(prompt) { |q| q.echo = false }
       end
 
       # Present the prompt and read a single line from the console. It also
@@ -416,6 +427,7 @@ class Chef
         configure_attribute
         configure_user
         configure_identity_file
+        configure_gateway
         configure_session
 
         exit_status =