Revision 7a6a27af
b/tools/setup-ssh | ||
---|---|---|
169 | 169 |
" <node...>"), prog=program) |
170 | 170 |
parser.add_option(cli.DEBUG_OPT) |
171 | 171 |
parser.add_option(cli.VERBOSE_OPT) |
172 |
default_key = ssh.GetUserFiles(constants.GANETI_RUNAS)[0] |
|
173 |
parser.add_option(optparse.Option("-f", dest="private_key", |
|
174 |
default=default_key, |
|
175 |
help="The private key to (try to) use for" |
|
176 |
"authentication ")) |
|
177 |
parser.add_option(optparse.Option("--key-type", dest="key_type", |
|
178 |
choices=("rsa", "dsa"), default="dsa", |
|
179 |
help="The private key type (rsa or dsa)")) |
|
172 | 180 |
|
173 | 181 |
(options, args) = parser.parse_args() |
174 | 182 |
|
... | ... | |
221 | 229 |
|
222 | 230 |
SetupLogging(options) |
223 | 231 |
|
224 |
passwd = getpass.getpass(prompt="%s password:" % constants.GANETI_RUNAS) |
|
232 |
if options.key_type == "rsa": |
|
233 |
pkclass = paramiko.RSAKey |
|
234 |
elif options.key_type == "dsa": |
|
235 |
pkclass = paramiko.DSSKey |
|
236 |
else: |
|
237 |
logging.critical("Unknown key type %s selected (choose either rsa or dsa)", |
|
238 |
options.key_type) |
|
239 |
sys.exit(1) |
|
240 |
|
|
241 |
try: |
|
242 |
private_key = pkclass.from_private_key_file(options.private_key) |
|
243 |
except (paramiko.SSHException, EnvironmentError), err: |
|
244 |
logging.critical("Can't load private key %s: %s", options.private_key, err) |
|
245 |
sys.exit(1) |
|
246 |
|
|
247 |
passwd = None |
|
248 |
username = constants.GANETI_RUNAS |
|
225 | 249 |
ssh_port = netutils.GetDaemonPort("ssh") |
226 | 250 |
|
227 | 251 |
# Below, we need to join() the transport objects, as otherwise the |
... | ... | |
235 | 259 |
|
236 | 260 |
for host in args: |
237 | 261 |
transport = paramiko.Transport((host, ssh_port)) |
262 |
transport.start_client() |
|
238 | 263 |
try: |
239 |
transport.connect(username=constants.GANETI_RUNAS, password=passwd) |
|
240 |
except Exception, err: |
|
264 |
try: |
|
265 |
transport.auth_publickey(username, private_key) |
|
266 |
logging.info("Authenticated to %s via public key", host) |
|
267 |
except paramiko.SSHException: |
|
268 |
logging.warning("Authentication to %s via public key failed, trying" |
|
269 |
" password", host) |
|
270 |
if passwd is None: |
|
271 |
passwd = getpass.getpass(prompt="%s password:" % username) |
|
272 |
transport.auth_password(username=username, password=passwd) |
|
273 |
logging.info("Authenticated to %s via password", host) |
|
274 |
except paramiko.SSHException, err: |
|
241 | 275 |
logging.error("Connection or authentication failed to host %s: %s", |
242 | 276 |
host, err) |
243 | 277 |
transport.close() |
Also available in: Unified diff