[libvirt-tck PATCH 1/2] lib: TCK.pm: Favour pubkey auth over passwords on SSH connections

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The reason for this change is our Fedora 31 test image, because starting
with Fedora 31, the SSH policy for root logins with password
authentication changed and password auth is now disabled by default.
Since we were relying on this, we're now unable to log in to the guest
as root. Let's convert to the SSH keys usage.

Signed-off-by: Erik Skultety <eskultet@xxxxxxxxxx>
---
 lib/Sys/Virt/TCK.pm | 30 +++++++++++++++++++++++++++++-
 1 file changed, 29 insertions(+), 1 deletion(-)

diff --git a/lib/Sys/Virt/TCK.pm b/lib/Sys/Virt/TCK.pm
index a641d01..5a5c9e4 100644
--- a/lib/Sys/Virt/TCK.pm
+++ b/lib/Sys/Virt/TCK.pm
@@ -408,6 +408,32 @@ sub has_disk_image {
     return -f $target
 }
 
+sub ssh_key_path {
+    my $self = shift;
+    my $basedir = shift;
+
+    return catfile($basedir, "ssh", "id_rsa");
+}
+
+sub create_host_ssh_keys {
+    my $self = shift;
+
+    my $scratch = $self->scratch_dir;
+    my $ssh_dir_path = catfile($scratch, "ssh");
+    my $ssh_key_path = $self->ssh_key_path($scratch);
+
+    if (! -d "$ssh_dir_path") {
+        mkdir "$ssh_dir_path", 0700;
+    }
+
+    if (! -e "$ssh_key_path") {
+        print "# generating a new SSH RSA key pair under $ssh_dir_path\n";
+        system "ssh-keygen -q -t rsa -f $ssh_key_path -N ''";
+    }
+
+    return $ssh_key_path;
+}
+
 sub create_virt_builder_disk {
     my $self = shift;
     my $bucket = shift;
@@ -424,8 +450,10 @@ sub create_virt_builder_disk {
         return $target;
     }
 
+    my $ssh_key_path = $self->create_host_ssh_keys;
+
     print "# running virt-builder $osname\n";
-    system "virt-builder", "--install", "dsniff", "--selinux-relabel", "--root-password", "password:$password", "--output", $target, $osname;
+    system "virt-builder", "--install", "dsniff", "--selinux-relabel", "--root-password", "password:$password", "--ssh-inject", "root:file:$ssh_key_path.pub", "--output", $target, $osname;
 
     die "cannot run virt-builder: $?" if $? != 0;
 
-- 
2.24.1





[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux