rancher/rke
1
0
Fork 0
mirror of https://github.com/rancher/rke.git synced 2025-08-31 22:46:25 +00:00
Code Issues Releases Wiki Activity

Fix regression with passphrased keys

Browse Source
This commit is contained in:
galal-hussein
2018-01-09 21:50:10 +02:00
parent 5ed42880e4
commit 5596b0e5e0
3 changed files with 23 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
hosts/dialer.go
View File

@@ -16,7 +16,7 @@ type dialer struct {
} }
func SSHFactory(h *Host) (func(network, address string) (net.Conn, error), error) { func SSHFactory(h *Host) (func(network, address string) (net.Conn, error), error) {
key, err := checkEncryptedKey(h.SSHKey, h.SSHKeyPath) key, err := h.checkEncryptedKey()
if err != nil { if err != nil {
return nil, fmt.Errorf("Failed to parse the private key: %v", err) return nil, fmt.Errorf("Failed to parse the private key: %v", err)
} }
@@ -28,7 +28,7 @@ func SSHFactory(h *Host) (func(network, address string) (net.Conn, error), error
} }
func LocalConnFactory(h *Host) (func(network, address string) (net.Conn, error), error) { func LocalConnFactory(h *Host) (func(network, address string) (net.Conn, error), error) {
key, err := checkEncryptedKey(h.SSHKey, h.SSHKeyPath) key, err := h.checkEncryptedKey()
if err != nil { if err != nil {
return nil, fmt.Errorf("Failed to parse the private key: %v", err) return nil, fmt.Errorf("Failed to parse the private key: %v", err)
} }

1
hosts/hosts.go
View File

@@ -24,6 +24,7 @@ type Host struct {
EnforceDockerVersion bool EnforceDockerVersion bool
ToAddEtcdMember bool ToAddEtcdMember bool
ExistingEtcdCluster bool ExistingEtcdCluster bool
SavedKeyPhrase string
} }
const ( const (

33
hosts/tunnel.go
View File

@@ -77,14 +77,14 @@ func makeSSHConfig(user string, signer ssh.Signer) (*ssh.ClientConfig, error) {
return &config, nil return &config, nil
} }
func checkEncryptedKey(sshKey, sshKeyPath string) (ssh.Signer, error) { func (h *Host) checkEncryptedKey() (ssh.Signer, error) {
logrus.Debugf("[ssh] Checking private key") logrus.Debugf("[ssh] Checking private key")
var err error var err error
var key ssh.Signer var key ssh.Signer
if len(sshKey) > 0 { if len(h.SSHKey) > 0 {
key, err = parsePrivateKey(sshKey) key, err = parsePrivateKey(h.SSHKey)
} else { } else {
key, err = parsePrivateKey(privateKeyPath(sshKeyPath)) key, err = parsePrivateKey(privateKeyPath(h.SSHKeyPath))
} }
if err == nil { if err == nil {
return key, nil return key, nil
@@ -92,16 +92,23 @@ func checkEncryptedKey(sshKey, sshKeyPath string) (ssh.Signer, error) {
// parse encrypted key // parse encrypted key
if strings.Contains(err.Error(), "decode encrypted private keys") { if strings.Contains(err.Error(), "decode encrypted private keys") {
fmt.Printf("Passphrase for Private SSH Key: ") var passphrase []byte
passphrase, err := terminal.ReadPassword(int(syscall.Stdin)) if len(h.SavedKeyPhrase) == 0 {
fmt.Printf("\n") fmt.Printf("Passphrase for Private SSH Key: ")
if err != nil { passphrase, err = terminal.ReadPassword(int(syscall.Stdin))
return nil, err fmt.Printf("\n")
} if err != nil {
if len(sshKey) > 0 { return nil, err
key, err = parsePrivateKeyWithPassPhrase(sshKey, passphrase) }
h.SavedKeyPhrase = string(passphrase)
} else { } else {
key, err = parsePrivateKeyWithPassPhrase(privateKeyPath(sshKeyPath), passphrase) passphrase = []byte(h.SavedKeyPhrase)
}
if len(h.SSHKey) > 0 {
key, err = parsePrivateKeyWithPassPhrase(h.SSHKey, passphrase)
} else {
key, err = parsePrivateKeyWithPassPhrase(privateKeyPath(h.SSHKeyPath), passphrase)
} }
if err != nil { if err != nil {
return nil, err return nil, err