1
0
mirror of https://github.com/rancher/rke.git synced 2025-08-31 06:34:03 +00:00

Fix regression with passphrased keys

This commit is contained in:
galal-hussein
2018-01-09 21:50:10 +02:00
parent 5ed42880e4
commit 5596b0e5e0
3 changed files with 23 additions and 15 deletions

View File

@@ -16,7 +16,7 @@ type dialer struct {
}
func SSHFactory(h *Host) (func(network, address string) (net.Conn, error), error) {
key, err := checkEncryptedKey(h.SSHKey, h.SSHKeyPath)
key, err := h.checkEncryptedKey()
if err != nil {
return nil, fmt.Errorf("Failed to parse the private key: %v", err)
}
@@ -28,7 +28,7 @@ func SSHFactory(h *Host) (func(network, address string) (net.Conn, error), error
}
func LocalConnFactory(h *Host) (func(network, address string) (net.Conn, error), error) {
key, err := checkEncryptedKey(h.SSHKey, h.SSHKeyPath)
key, err := h.checkEncryptedKey()
if err != nil {
return nil, fmt.Errorf("Failed to parse the private key: %v", err)
}

View File

@@ -24,6 +24,7 @@ type Host struct {
EnforceDockerVersion bool
ToAddEtcdMember bool
ExistingEtcdCluster bool
SavedKeyPhrase string
}
const (

View File

@@ -77,14 +77,14 @@ func makeSSHConfig(user string, signer ssh.Signer) (*ssh.ClientConfig, error) {
return &config, nil
}
func checkEncryptedKey(sshKey, sshKeyPath string) (ssh.Signer, error) {
func (h *Host) checkEncryptedKey() (ssh.Signer, error) {
logrus.Debugf("[ssh] Checking private key")
var err error
var key ssh.Signer
if len(sshKey) > 0 {
key, err = parsePrivateKey(sshKey)
if len(h.SSHKey) > 0 {
key, err = parsePrivateKey(h.SSHKey)
} else {
key, err = parsePrivateKey(privateKeyPath(sshKeyPath))
key, err = parsePrivateKey(privateKeyPath(h.SSHKeyPath))
}
if err == nil {
return key, nil
@@ -92,16 +92,23 @@ func checkEncryptedKey(sshKey, sshKeyPath string) (ssh.Signer, error) {
// parse encrypted key
if strings.Contains(err.Error(), "decode encrypted private keys") {
fmt.Printf("Passphrase for Private SSH Key: ")
passphrase, err := terminal.ReadPassword(int(syscall.Stdin))
fmt.Printf("\n")
if err != nil {
return nil, err
}
if len(sshKey) > 0 {
key, err = parsePrivateKeyWithPassPhrase(sshKey, passphrase)
var passphrase []byte
if len(h.SavedKeyPhrase) == 0 {
fmt.Printf("Passphrase for Private SSH Key: ")
passphrase, err = terminal.ReadPassword(int(syscall.Stdin))
fmt.Printf("\n")
if err != nil {
return nil, err
}
h.SavedKeyPhrase = string(passphrase)
} else {
key, err = parsePrivateKeyWithPassPhrase(privateKeyPath(sshKeyPath), passphrase)
passphrase = []byte(h.SavedKeyPhrase)
}
if len(h.SSHKey) > 0 {
key, err = parsePrivateKeyWithPassPhrase(h.SSHKey, passphrase)
} else {
key, err = parsePrivateKeyWithPassPhrase(privateKeyPath(h.SSHKeyPath), passphrase)
}
if err != nil {
return nil, err