[libvirt-tck PATCH 1/2] lib: TCK.pm: Favour pubkey auth over passwords on SSH connections
Daniel P. Berrangé
berrange at redhat.com
Tue Jan 21 17:10:54 UTC 2020
On Tue, Jan 21, 2020 at 06:08:01PM +0100, Erik Skultety wrote:
> On Tue, Jan 21, 2020 at 05:47:16PM +0100, Erik Skultety wrote:
> > The reason for this change is our Fedora 31 test image, because starting
> > with Fedora 31, the SSH policy for root logins with password
> > authentication changed and password auth is now disabled by default.
> > Since we were relying on this, we're now unable to log in to the guest
> > as root. Let's convert to the SSH keys usage.
> >
> > Signed-off-by: Erik Skultety <eskultet at redhat.com>
> > ---
> > lib/Sys/Virt/TCK.pm | 30 +++++++++++++++++++++++++++++-
> > 1 file changed, 29 insertions(+), 1 deletion(-)
> >
> > diff --git a/lib/Sys/Virt/TCK.pm b/lib/Sys/Virt/TCK.pm
> > index a641d01..5a5c9e4 100644
> > --- a/lib/Sys/Virt/TCK.pm
> > +++ b/lib/Sys/Virt/TCK.pm
> > @@ -408,6 +408,32 @@ sub has_disk_image {
> > return -f $target
> > }
> >
> > +sub ssh_key_path {
> > + my $self = shift;
> > + my $basedir = shift;
> > +
> > + return catfile($basedir, "ssh", "id_rsa");
> > +}
> > +
> > +sub create_host_ssh_keys {
> > + my $self = shift;
> > +
> > + my $scratch = $self->scratch_dir;
> > + my $ssh_dir_path = catfile($scratch, "ssh");
> > + my $ssh_key_path = $self->ssh_key_path($scratch);
> > +
> > + if (! -d "$ssh_dir_path") {
> > + mkdir "$ssh_dir_path", 0700;
> > + }
> > +
> > + if (! -e "$ssh_key_path") {
> > + print "# generating a new SSH RSA key pair under $ssh_dir_path\n";
>
> I'm wondering whether I should actually use diag here^ instead, do you have a
> suggestion Dan?
I guess we do use diag in the rest of the file, so it would be worth
being consistent, even if it is functionally identical.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
More information about the libvir-list
mailing list