Leverage global SSHAgentAuth setting

This addresses users issues in being unable to use RKE command line using SSH_AUTH_SOCK. On OSX the socket env var is set, but nothing is listening. Also, Linux users have reported issues. To address this the default mode is to not use SSH Agent Auth. A user must set it explicitly in either the config file or on the CLI. The only way to use a passphrase protected key file is with a properly configured SSH Agent and using SSH Agent Auth.
2025-09-01 15:06:23 +00:00 · 2018-03-05 17:52:43 -07:00
parent f76f954b42
commit ad0bc6c0aa
6 changed files with 74 additions and 24 deletions
--- a/cmd/common.go
+++ b/cmd/common.go
@@ -6,9 +6,17 @@ import (
 	"os"
 	"path/filepath"

+	"github.com/rancher/types/apis/management.cattle.io/v3"
 	"github.com/urfave/cli"
 )

+var sshCliOptions = []cli.Flag{
+	cli.BoolFlag{
+		Name:  "ssh-agent-auth",
+		Usage: "Use SSH Agent Auth defined by SSH_AUTH_SOCK",
+	},
+}
+
 func resolveClusterFile(ctx *cli.Context) (string, string, error) {
 	clusterFile := ctx.String("config")
 	fp, err := filepath.Abs(clusterFile)
@@ -27,3 +35,11 @@ func resolveClusterFile(ctx *cli.Context) (string, string, error) {
 	clusterFileBuff := string(buf)
 	return clusterFileBuff, clusterFile, nil
 }
+
+func setOptionsFromCLI(c *cli.Context, rkeConfig *v3.RancherKubernetesEngineConfig) (*v3.RancherKubernetesEngineConfig, error) {
+	// If true... override the file.. else let file value go through
+	if c.Bool("ssh-agent-auth") {
+		rkeConfig.SSHAgentAuth = c.Bool("ssh-agent-auth")
+	}
+	return rkeConfig, nil
+}