summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPetr Viktorin <pviktori@redhat.com>2013-06-05 15:41:37 +0200
committerPetr Viktorin <pviktori@redhat.com>2013-07-15 15:49:10 +0200
commitd84e10347eb42ffca7d5d761e0f7af447f3e2ef7 (patch)
treefd6defd6fa9a7cc3eb4d8374ffc44a6c8a9d24a3
parent9cbd2327180055b79acbb37e814006f7176d2291 (diff)
downloadfreeipa-d84e10347eb42ffca7d5d761e0f7af447f3e2ef7.zip
freeipa-d84e10347eb42ffca7d5d761e0f7af447f3e2ef7.tar.gz
freeipa-d84e10347eb42ffca7d5d761e0f7af447f3e2ef7.tar.xz
tests: Allow public keys for authentication to the remote machines
Part of the work for https://fedorahosted.org/freeipa/ticket/3621
-rw-r--r--ipatests/test_integration/config.py9
-rw-r--r--ipatests/test_integration/host.py16
2 files changed, 23 insertions, 2 deletions
diff --git a/ipatests/test_integration/config.py b/ipatests/test_integration/config.py
index 22e442d..adc3996 100644
--- a/ipatests/test_integration/config.py
+++ b/ipatests/test_integration/config.py
@@ -37,6 +37,7 @@ class Config(object):
self.test_dir = kwargs.get('test_dir', '/root/ipatests')
self.root_password = kwargs.get('root_password')
+ self.root_ssh_key_filename = kwargs.get('root_ssh_key_filename')
self.ipv6 = bool(kwargs.get('ipv6', False))
self.debug = bool(kwargs.get('debug', False))
self.admin_name = kwargs.get('admin_name') or 'admin'
@@ -50,6 +51,9 @@ class Config(object):
self.ntp_server = kwargs.get('ntp_server') or (
'%s.pool.ntp.org' % random.randint(0, 3))
+ if not self.root_password and not self.root_ssh_key_filename:
+ self.root_ssh_key_filename = '~/.ssh/id_rsa'
+
self.domains = []
@classmethod
@@ -63,7 +67,10 @@ class Config(object):
by default /root/ipatests
IPv6SETUP: "TRUE" if setting up with IPv6
IPADEBUG: non-empty if debugging is turned on
+ IPA_ROOT_SSH_KEY: File with root's private RSA key for SSH
+ (default: ~/.ssh/id_rsa)
IPA_ROOT_SSH_PASSWORD: SSH password for root
+ (used if IPA_ROOT_SSH_KEY is not set)
ADMINID: Administrator username
ADMINPW: Administrator password
@@ -87,6 +94,7 @@ class Config(object):
ipv6=(env.get('IPv6SETUP') == 'TRUE'),
debug=env.get('IPADEBUG'),
root_password=env.get('IPA_ROOT_SSH_PASSWORD'),
+ root_ssh_key_filename=env.get('IPA_ROOT_SSH_KEY'),
admin_name=env.get('ADMINID'),
admin_password=env.get('ADMINPW'),
dirman_dn=env.get('ROOTDN'),
@@ -115,6 +123,7 @@ class Config(object):
env['IPv6SETUP'] = 'TRUE' if self.ipv6 else ''
env['IPADEBUG'] = 'TRUE' if self.debug else ''
env['IPA_ROOT_SSH_PASSWORD'] = self.root_password or ''
+ env['IPA_ROOT_SSH_KEY'] = self.root_ssh_key_filename or ''
env['ADMINID'] = self.admin_name
env['ADMINPW'] = self.admin_password
diff --git a/ipatests/test_integration/host.py b/ipatests/test_integration/host.py
index da5546d..b4d736c 100644
--- a/ipatests/test_integration/host.py
+++ b/ipatests/test_integration/host.py
@@ -145,6 +145,7 @@ class Host(object):
self.role = 'other'
self.root_password = self.config.root_password
+ self.root_ssh_key_filename = self.config.root_ssh_key_filename
self.host_key = None
self.ssh_port = 22
@@ -233,8 +234,19 @@ class Host(object):
except AttributeError:
sock = socket.create_connection((self.hostname, self.ssh_port))
self._transport = transport = paramiko.Transport(sock)
- transport.connect(hostkey=self.host_key, username='root',
- password=self.root_password)
+ transport.connect(hostkey=self.host_key)
+ if self.root_ssh_key_filename:
+ self.log.debug('Authenticating with private RSA key')
+ filename = os.path.expanduser(self.root_ssh_key_filename)
+ key = paramiko.RSAKey.from_private_key_file(filename)
+ transport.auth_publickey(username='root', key=key)
+ elif self.root_password:
+ self.log.debug('Authenticating with password')
+ transport.auth_password(username='root',
+ password=self.root_password)
+ else:
+ self.log.critical('No SSH credentials configured')
+ raise RuntimeError('No SSH credentials configured')
return transport
@property