Revision 652d6694 lib/ssh.py
b/lib/ssh.py | ||
---|---|---|
78 | 78 |
else: |
79 | 79 |
self.sstore = sstore |
80 | 80 |
|
81 |
def _BuildSshOptions(self, batch, ask_key, use_cluster_key): |
|
81 |
def _BuildSshOptions(self, batch, ask_key, use_cluster_key, |
|
82 |
strict_host_check): |
|
82 | 83 |
options = [ |
83 | 84 |
"-oEscapeChar=none", |
84 | 85 |
"-oHashKnownHosts=no", |
... | ... | |
89 | 90 |
if use_cluster_key: |
90 | 91 |
options.append("-oHostKeyAlias=%s" % self.sstore.GetClusterName()) |
91 | 92 |
|
93 |
# TODO: Too many boolean options, maybe convert them to more descriptive |
|
94 |
# constants. |
|
95 |
|
|
92 | 96 |
# Note: ask_key conflicts with batch mode |
93 | 97 |
if batch: |
94 | 98 |
if ask_key: |
95 | 99 |
raise errors.ProgrammerError("SSH call requested conflicting options") |
96 | 100 |
|
97 |
options.extend([ |
|
98 |
"-oBatchMode=yes", |
|
99 |
"-oStrictHostKeyChecking=yes", |
|
100 |
]) |
|
101 |
options.append("-oBatchMode=yes") |
|
102 |
|
|
103 |
if strict_host_check: |
|
104 |
options.append("-oStrictHostKeyChecking=yes") |
|
105 |
else: |
|
106 |
options.append("-oStrictHostKeyChecking=no") |
|
101 | 107 |
|
102 | 108 |
elif ask_key: |
103 | 109 |
options.extend([ |
... | ... | |
107 | 113 |
return options |
108 | 114 |
|
109 | 115 |
def BuildCmd(self, hostname, user, command, batch=True, ask_key=False, |
110 |
tty=False, use_cluster_key=True): |
|
116 |
tty=False, use_cluster_key=True, strict_host_check=True):
|
|
111 | 117 |
"""Build an ssh command to execute a command on a remote node. |
112 | 118 |
|
113 | 119 |
Args: |
... | ... | |
118 | 124 |
ask_key: if true, ssh will run with StrictHostKeyChecking=ask, so that |
119 | 125 |
we can connect to an unknown host (not valid in batch mode) |
120 | 126 |
use_cluster_key: Whether to expect and use the cluster-global SSH key |
127 |
strict_host_check: Whether to check the host's SSH key at all |
|
121 | 128 |
|
122 | 129 |
Returns: |
123 | 130 |
The ssh call to run 'command' on the remote host. |
124 | 131 |
|
125 | 132 |
""" |
126 | 133 |
argv = [constants.SSH, "-q"] |
127 |
argv.extend(self._BuildSshOptions(batch, ask_key, use_cluster_key)) |
|
134 |
argv.extend(self._BuildSshOptions(batch, ask_key, use_cluster_key, |
|
135 |
strict_host_check)) |
|
128 | 136 |
if tty: |
129 | 137 |
argv.append("-t") |
130 | 138 |
argv.extend(["%s@%s" % (user, hostname), command]) |
... | ... | |
165 | 173 |
return False |
166 | 174 |
|
167 | 175 |
command = [constants.SCP, "-q", "-p"] |
168 |
command.extend(self._BuildSshOptions(True, False, True)) |
|
176 |
command.extend(self._BuildSshOptions(True, False, True, True))
|
|
169 | 177 |
command.append(filename) |
170 | 178 |
command.append("%s:%s" % (node, filename)) |
171 | 179 |
|
Also available in: Unified diff