Adding passwordless SSH and fixing some of the spec files #141
Conversation
miroswan
commented
Jul 13, 2015
miroswan
commented
- Adding passwordless SSH
- Fixing issue with legacy include statements in default spec tests.
|
Love the idea, but we can't do this with a static private key :-/ The security issues would be too dangerous. Any chance you could change this to generate a new key pair using something like https://stackoverflow.com/questions/5270386/generate-ssh-keypairs-private-public-without-ssh-keygen ? |
|
I was actually thinking about generating the key on the host and injecting the public key into the container. I think ssh-keygen would have to be installed on the host, which might be problematic for Windows users. Perhaps there is another way. I'll take a look at that stackoverflow link. |
|
Yeah, you can do it all in Ruby code using the |
|
Also if you want to be really fancy, you could use something like https://github.com/coderanger/kitchen-sync/blob/master/lib/kitchen-sync/rsync.rb#L46 to grab an existing identity from ssh-agent and then fall back to creating a new one if that fails. |
|
I have some new code to start. I'm using the sshkey library to generate the pairs. Let me know what you think. I'm assuming it could use some graceful error handling. At least it's a working draft. |
|
Given this can be done easily with net-ssh already, I'm not sure it is worth the extra dependency. |
|
Kinda like how easy sshkey makes it, but I can take a look at net-ssh soonish. |
|
Using net/ssh now. |
|
Love it. @portertech any thoughts on overall thumbs up/down? If not I'll merge this soon. |
| @@ -126,6 +131,22 @@ def docker_command(cmd, options={}) | |||
| run_command("#{docker} #{cmd}", options.merge(:quiet => !logger.debug?)) | |||
| end | |||
|
|
|||
| def generate_keys | |||
| if ! File.exist?(config[:public_key]) or ! File.exist?(config[:private_key]) | |||
There was a problem hiding this comment.
Ruby style? Maybe this should be !File.exist?()?
There was a problem hiding this comment.
Yeah, also needs || instead of or but I can fix that up post merge.
|
@coderanger Did you want me to make these adjustments? I don't mind. |
|
I updated. I chose not to go with unless because it's sometimes unclear if the negation applies to both. Did correct the style though. |
|
|
Adding passwordless SSH and fixing some of the spec files
|
@miroswan Thank you 👍 Will try to get this into a release before the weekend! |
