fleetctl appends port number in ~/.fleetctl/known_hosts

README.md

@@ -70,4 +70,6 @@ See [CONTRIBUTING](CONTRIBUTING.md) for details on submitting patches and contac
 
 ### License
 
-fleet is under the Apache 2.0 license. See the [LICENSE](LICENSE) file for details.
+fleet is released under the Apache 2.0 license. See the [LICENSE](LICENSE) file for details.
+
+Specific components of fleet use code derivative from software distributed under other licenses; in those cases the appropriate licenses are stipulated alongside the code.

fixtures/known_hosts

@@ -7,4 +7,4 @@
 192.0.2.7 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
 192.0.2.8 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
 192.0.2.9 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
-192.0.2.10:2222 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3y6omlFuiBQfV2lqwqt3EuQHXLxvghhdfyZ840je6pRNnidgfCTmzNgIjmqdfkCwIthh+fhArkFPWIT6dRwim4hhtbpum7AzAay1h6mmLsmJVJQ/nK+zLwQ4JHs6+Tfj6F3iXJyrZR9JMTeLLs0mEd+VNHbX3LxIh7nXk5IM0G5LP2nnIYG96Luu4WunJzFsDVFLgxMl66T9VBYeAIbfUeCoCDYMmJK7kTleLD1XfL2KdoHkh0t9fkJVA5XJUZJPh3PJw+mT7eP3meAMc8EzyCGcRm+5GQzAe2/M4dNaZ5iqF7YIO7HJpA8UyAE+Dgd9WqhoBX/6ItdcuDXVAy63v
+[192.0.2.10]:2222 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3y6omlFuiBQfV2lqwqt3EuQHXLxvghhdfyZ840je6pRNnidgfCTmzNgIjmqdfkCwIthh+fhArkFPWIT6dRwim4hhtbpum7AzAay1h6mmLsmJVJQ/nK+zLwQ4JHs6+Tfj6F3iXJyrZR9JMTeLLs0mEd+VNHbX3LxIh7nXk5IM0G5LP2nnIYG96Luu4WunJzFsDVFLgxMl66T9VBYeAIbfUeCoCDYMmJK7kTleLD1XfL2KdoHkh0t9fkJVA5XJUZJPh3PJw+mT7eP3meAMc8EzyCGcRm+5GQzAe2/M4dNaZ5iqF7YIO7HJpA8UyAE+Dgd9WqhoBX/6ItdcuDXVAy63v

fleetctl/fleetctl.go

@@ -243,7 +243,7 @@ func getChecker() *ssh.HostKeyChecker {
 	}
 
 	keyFile := ssh.NewHostKeyFile(globalFlags.KnownHostsFile)
-	return ssh.NewHostKeyChecker(keyFile, askToTrustHost, nil)
+	return ssh.NewHostKeyChecker(keyFile)
 }
 
 // getUnitFromFile attempts to load a Job from a given filename
@@ -284,20 +284,6 @@ func machineFullLegend(ms machine.MachineState, full bool) string {
 	return legend
 }
 
-func askToTrustHost(addr, algo, fingerprint string) bool {
-	var ans string
-
-	fmt.Fprintf(os.Stderr, "The authenticity of host '%v' can't be established.\n%v key fingerprint is %v.\nAre you sure you want to continue connecting (yes/no)? ", addr, algo, fingerprint)
-	fmt.Scanf("%s\n", &ans)
-
-	ans = strings.ToLower(ans)
-	if ans != "yes" && ans != "y" {
-		return false
-	}
-
-	return true
-}
-
 func findJobs(args []string) (jobs []job.Job, err error) {
 	jobs = make([]job.Job, len(args))
 	for i, v := range args {

fleetctl/ssh.go

@@ -153,16 +153,15 @@ func findAddressInMachineList(lookup string) (string, bool) {
 	if match == nil {
 		return "", false
 	}
-
-	return fmt.Sprintf("%s:22", match.PublicIP), true
+	return match.PublicIP, true
 }
 
 func findAddressInRunningUnits(jobName string) (string, bool) {
 	j := registryCtl.GetJob(unitNameMangle(jobName))
 	if j == nil || j.UnitState == nil {
 		return "", false
 	}
-	return fmt.Sprintf("%s:22", j.UnitState.MachineState.PublicIP), true
+	return j.UnitState.MachineState.PublicIP, true
 }
 
 // runCommand will attempt to run a command on a given machine. It will attempt
@@ -206,9 +205,7 @@ func runLocalCommand(cmd string) (error, int) {
 
 // runRemoteCommand runs the given command over SSH on the given IP, and returns
 // any error encountered and the exit status of the command
-func runRemoteCommand(cmd string, ip string) (err error, exit int) {
-	addr := fmt.Sprintf("%s:22", ip)
-
+func runRemoteCommand(cmd string, addr string) (err error, exit int) {
 	var sshClient *ssh.SSHForwardingClient
 	if tun := getTunnelFlag(); tun != "" {
 		sshClient, err = ssh.NewTunnelledSSHClient("core", tun, addr, getChecker(), false)

fleetctl/ssh_test.go

@@ -44,8 +44,8 @@ func TestSshFindMachine(t *testing.T) {
 	registryCtl = newTestRegistryForSsh()
 
 	ip, _ := findAddressInMachineList("c31e44e1-f858-436e-933e-59c642517860")
-	if ip != "1.2.3.4:22" {
-		t.Errorf("Expected to return the host 1.2.3.4:22, but it was %s", ip)
+	if ip != "1.2.3.4" {
+		t.Errorf("Expected to return the host 1.2.3.4, but it was %s", ip)
 	}
 }
 
@@ -62,8 +62,8 @@ func TestSshFindMachineByJobName(t *testing.T) {
 	registryCtl = newTestRegistryForSsh()
 
 	ip, _ := findAddressInRunningUnits("j1")
-	if ip != "1.2.3.4:22" {
-		t.Errorf("Expected to return the host 1.2.3.4:22, but it was %s", ip)
+	if ip != "1.2.3.4" {
+		t.Errorf("Expected to return the host 1.2.3.4, but it was %s", ip)
 	}
 }
 
@@ -88,8 +88,8 @@ func TestGlobalLookupByMachineID(t *testing.T) {
 		t.Fatal("Expected to not find any error")
 	}
 
-	if ip != "1.2.3.4:22" {
-		t.Errorf("Expected to return the host 1.2.3.4:22, but it was %s", ip)
+	if ip != "1.2.3.4" {
+		t.Errorf("Expected to return the host 1.2.3.4, but it was %s", ip)
 	}
 }
 
@@ -101,8 +101,8 @@ func TestGlobalLookupByJobName(t *testing.T) {
 		t.Fatal("Expected to not find any error")
 	}
 
-	if ip != "1.2.3.4:22" {
-		t.Errorf("Expected to return the host 1.2.3.4:22, but it was %s", ip)
+	if ip != "1.2.3.4" {
+		t.Errorf("Expected to return the host 1.2.3.4, but it was %s", ip)
 	}
 }
 

ssh/LICENSE

@@ -0,0 +1,42 @@
+Portions of fleet's ssh package (particularly related to known_hosts handling)
+are derived from the OpenSSH source, the copyright notices and licenses for
+which follow below.
+
+/*
+ * Author: Tatu Ylonen <[email protected]>
+ * Copyright (c) 1995 Tatu Ylonen <[email protected]>, Espoo, Finland
+ *                    All rights reserved
+ * Simple pattern matching, with '*' and '?' as wildcards.
+ * Functions for manipulating the known hosts files.
+ *
+ * As far as I am concerned, the code I have written for this software
+ * can be used freely for any purpose.  Any derived versions of this
+ * software must be clearly marked as such, and if the derived work is
+ * incompatible with the protocol description in the RFC file, it must be
+ * called by a name other than "ssh" or "Secure Shell".
+ */
+
+/*
+ * Copyright (c) 2000 Markus Friedl.  All rights reserved.
+ * Copyright (c) 1999 Niels Provos.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */