From d84e10347eb42ffca7d5d761e0f7af447f3e2ef7 Mon Sep 17 00:00:00 2001 From: Petr Viktorin Date: Wed, 5 Jun 2013 15:41:37 +0200 Subject: tests: Allow public keys for authentication to the remote machines Part of the work for https://fedorahosted.org/freeipa/ticket/3621 --- ipatests/test_integration/config.py | 9 +++++++++ ipatests/test_integration/host.py | 16 ++++++++++++++-- 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/ipatests/test_integration/config.py b/ipatests/test_integration/config.py index 22e442d15..adc39965c 100644 --- a/ipatests/test_integration/config.py +++ b/ipatests/test_integration/config.py @@ -37,6 +37,7 @@ class Config(object): self.test_dir = kwargs.get('test_dir', '/root/ipatests') self.root_password = kwargs.get('root_password') + self.root_ssh_key_filename = kwargs.get('root_ssh_key_filename') self.ipv6 = bool(kwargs.get('ipv6', False)) self.debug = bool(kwargs.get('debug', False)) self.admin_name = kwargs.get('admin_name') or 'admin' @@ -50,6 +51,9 @@ class Config(object): self.ntp_server = kwargs.get('ntp_server') or ( '%s.pool.ntp.org' % random.randint(0, 3)) + if not self.root_password and not self.root_ssh_key_filename: + self.root_ssh_key_filename = '~/.ssh/id_rsa' + self.domains = [] @classmethod @@ -63,7 +67,10 @@ class Config(object): by default /root/ipatests IPv6SETUP: "TRUE" if setting up with IPv6 IPADEBUG: non-empty if debugging is turned on + IPA_ROOT_SSH_KEY: File with root's private RSA key for SSH + (default: ~/.ssh/id_rsa) IPA_ROOT_SSH_PASSWORD: SSH password for root + (used if IPA_ROOT_SSH_KEY is not set) ADMINID: Administrator username ADMINPW: Administrator password @@ -87,6 +94,7 @@ class Config(object): ipv6=(env.get('IPv6SETUP') == 'TRUE'), debug=env.get('IPADEBUG'), root_password=env.get('IPA_ROOT_SSH_PASSWORD'), + root_ssh_key_filename=env.get('IPA_ROOT_SSH_KEY'), admin_name=env.get('ADMINID'), admin_password=env.get('ADMINPW'), dirman_dn=env.get('ROOTDN'), @@ -115,6 +123,7 @@ class Config(object): env['IPv6SETUP'] = 'TRUE' if self.ipv6 else '' env['IPADEBUG'] = 'TRUE' if self.debug else '' env['IPA_ROOT_SSH_PASSWORD'] = self.root_password or '' + env['IPA_ROOT_SSH_KEY'] = self.root_ssh_key_filename or '' env['ADMINID'] = self.admin_name env['ADMINPW'] = self.admin_password diff --git a/ipatests/test_integration/host.py b/ipatests/test_integration/host.py index da5546de9..b4d736cd6 100644 --- a/ipatests/test_integration/host.py +++ b/ipatests/test_integration/host.py @@ -145,6 +145,7 @@ class Host(object): self.role = 'other' self.root_password = self.config.root_password + self.root_ssh_key_filename = self.config.root_ssh_key_filename self.host_key = None self.ssh_port = 22 @@ -233,8 +234,19 @@ class Host(object): except AttributeError: sock = socket.create_connection((self.hostname, self.ssh_port)) self._transport = transport = paramiko.Transport(sock) - transport.connect(hostkey=self.host_key, username='root', - password=self.root_password) + transport.connect(hostkey=self.host_key) + if self.root_ssh_key_filename: + self.log.debug('Authenticating with private RSA key') + filename = os.path.expanduser(self.root_ssh_key_filename) + key = paramiko.RSAKey.from_private_key_file(filename) + transport.auth_publickey(username='root', key=key) + elif self.root_password: + self.log.debug('Authenticating with password') + transport.auth_password(username='root', + password=self.root_password) + else: + self.log.critical('No SSH credentials configured') + raise RuntimeError('No SSH credentials configured') return transport @property -- cgit