[Libvirt-cim] [PATCH] [TEST] Add check to see if user can ssh to remote host
Deepti B Kalakeri
deeptik at linux.vnet.ibm.com
Wed Apr 8 10:03:14 UTC 2009
Kaitlin Rupert wrote:
> # HG changeset patch
> # User Kaitlin Rupert <karupert at us.ibm.com>
> # Date 1238367843 25200
> # Node ID f67cd4aacb45f3a1ecfadeb3103058f0abf675d0
> # Parent 444cee668a76b0ef7fa1b5da94ae3763522834f2
> [TEST] Add check to see if user can ssh to remote host
>
> If this check fails, indicate to user they need to copy their key to root's
> authorized_keys file. If the user is root (or cimtest is run using sudo), the
> public key is written to authorized_keys automatically.
>
> Signed-off-by: Kaitlin Rupert <karupert at us.ibm.com>
>
> diff -r 444cee668a76 -r f67cd4aacb45 lib/VirtLib/utils.py
> --- a/lib/VirtLib/utils.py Sun Mar 29 16:04:03 2009 -0700
> +++ b/lib/VirtLib/utils.py Sun Mar 29 16:04:03 2009 -0700
> @@ -27,9 +27,16 @@
> # ssh utils
>
> SSH_PARMS="-q -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"
> -root_dot_ssh = os.path.join(os.getenv('HOME'), '.ssh')
> -SSH_KEY = os.path.join(root_dot_ssh, 'id_rsa')
> -AUTHED_KEYS = os.path.join(root_dot_ssh, 'authorized_keys')
> +USER_SSH_PATH = os.path.join(os.getenv('HOME'), '.ssh')
> +ROOT_SSH_PATH = "/root/.ssh"
> +SSH_KEY = os.path.join(USER_SSH_PATH, 'id_rsa')
> +AUTHED_KEYS = os.path.join(ROOT_SSH_PATH, 'authorized_keys')
> +
> +def run_remote_chk(ip, cmd):
> +
> + cmd = 'ssh %s -o PasswordAuthentication=no -i %s root@%s "%s"' % \
> + (SSH_PARMS, SSH_KEY, ip, cmd)
> + return commands.getstatusoutput(cmd)
>
> def run_remote(ip, cmd):
>
> @@ -72,23 +79,37 @@
> t0Vm53Jlg5CzFbn9EZp3LN9D/GEwKOqPehB+P0qhz15H8j6VQQ==
> -----END RSA PRIVATE KEY-----
> """
> +
> + def gen_pubkey():
> + print "\nGenerating public key from private key...\n"
> + cmd = 'ssh-keygen -y -f %s' % SSH_KEY
> + return commands.getoutput(cmd)
>
> def write_pubkey(pubkey):
> + cmd = "whoami"
> + rc, o = commands.getstatusoutput(cmd)
> + if rc != 0 or o != "root":
> + return
> +
> f = open(AUTHED_KEYS, 'a+')
> f.write('\n'+pubkey)
> f.flush()
> f.close()
> -
> +
> def write_privkey(privkey):
>
How and when will the write_privkey() will be called ?
> - f = open(SSH_KEY, 'w')
> + if not os.path.exists(SSH_KEY):
> + if not os.path.exists(USER_SSH_PATH):
> + os.mkdir(USER_SSH_PATH)
> + f = file(SSH_KEY,'wt')
> + else:
> + f = open(SSH_KEY, 'w')
> f.write(privkey)
> f.flush()
> f.close()
> os.chmod(SSH_KEY, 0400)
>
> if os.path.exists(SSH_KEY):
> - cmd = 'ssh-keygen -y -f %s' % SSH_KEY
> - pubkey = commands.getoutput(cmd)
> + pubkey = gen_pubkey()
> if os.path.exists(AUTHED_KEYS):
> cmd = """grep "%s" %s >/dev/null 2>&1""" % (pubkey, AUTHED_KEYS)
> rc, o = commands.getstatusoutput(cmd)
> @@ -98,6 +119,5 @@
> write_pubkey(pubkey)
> else:
> write_privkey(ssh_key)
> - cmd = 'ssh-keygen -y -f %s' % SSH_KEY
> - pubkey = commands.getoutput(cmd)
> + pubkey = gen_pubkey()
> write_pubkey(pubkey)
> diff -r 444cee668a76 -r f67cd4aacb45 suites/libvirt-cim/main.py
> --- a/suites/libvirt-cim/main.py Sun Mar 29 16:04:03 2009 -0700
> +++ b/suites/libvirt-cim/main.py Sun Mar 29 16:04:03 2009 -0700
> @@ -93,6 +93,14 @@
> print "Cleaned log files."
>
> def pre_check(ip, virt):
> + cmd = "ls"
> + ret, out = utils.run_remote_chk(ip, cmd)
> + if ret != 0:
> + msg = "Unable to write to %s.\nPlease add your public key (%s.pub)" \
> + " to %s's %s and rerun the test" % (utils.AUTHED_KEYS,
> + utils.SSH_KEY, ip, utils.AUTHED_KEYS)
> + return msg
> +
> cmd = "virsh -c %s list --all" % virt2uri(virt)
> ret, out = utils.run_remote(ip, cmd)
> if ret != 0:
>
> _______________________________________________
> Libvirt-cim mailing list
> Libvirt-cim at redhat.com
> https://www.redhat.com/mailman/listinfo/libvirt-cim
>
--
Thanks and Regards,
Deepti B. Kalakeri
IBM Linux Technology Center
deeptik at linux.vnet.ibm.com
More information about the Libvirt-cim
mailing list