Set StrictHostKeyChecking=no to auto-accept new ssh host keys if the
no_verify extra parameter was specified. This won't disable host key
checking for already known hosts.
---
src/remote/remote_driver.c | 1 +
src/rpc/virnetclient.c | 3 ++-
src/rpc/virnetclient.h | 1 +
src/rpc/virnetsocket.c | 3 +++
src/rpc/virnetsocket.h | 1 +
tests/virnetsockettest.c | 2 ++
6 files changed, 10 insertions(+), 1 deletions(-)
diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
index f318740..a2f54c8 100644
--- a/src/remote/remote_driver.c
+++ b/src/remote/remote_driver.c
@@ -571,6 +571,7 @@ doRemoteOpen (virConnectPtr conn,
command,
username,
no_tty,
+ no_verify,
netcat ? netcat : "nc",
sockname)))
goto failed;
diff --git a/src/rpc/virnetclient.c b/src/rpc/virnetclient.c
index b551b99..fc0fef8 100644
--- a/src/rpc/virnetclient.c
+++ b/src/rpc/virnetclient.c
@@ -187,12 +187,13 @@ virNetClientPtr virNetClientNewSSH(const char *nodename,
const char *binary,
const char *username,
bool noTTY,
+ bool noVerify,
const char *netcat,
const char *path)
{
virNetSocketPtr sock;
- if (virNetSocketNewConnectSSH(nodename, service, binary, username, noTTY, netcat, path, &sock) < 0)
+ if (virNetSocketNewConnectSSH(nodename, service, binary, username, noTTY, noVerify, netcat, path, &sock) < 0)
return NULL;
return virNetClientNew(sock, NULL);
diff --git a/src/rpc/virnetclient.h b/src/rpc/virnetclient.h
index de0782c..6acdf50 100644
--- a/src/rpc/virnetclient.h
+++ b/src/rpc/virnetclient.h
@@ -44,6 +44,7 @@ virNetClientPtr virNetClientNewSSH(const char *nodename,
const char *binary,
const char *username,
bool noTTY,
+ bool noVerify,
const char *netcat,
const char *path);
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
index 4b0c2ee..e827b4f 100644
--- a/src/rpc/virnetsocket.c
+++ b/src/rpc/virnetsocket.c
@@ -576,6 +576,7 @@ int virNetSocketNewConnectSSH(const char *nodename,
const char *binary,
const char *username,
bool noTTY,
+ bool noVerify,
const char *netcat,
const char *path,
virNetSocketPtr *retsock)
@@ -596,6 +597,8 @@ int virNetSocketNewConnectSSH(const char *nodename,
if (noTTY)
virCommandAddArgList(cmd, "-T", "-o", "BatchMode=yes",
"-e", "none", NULL);
+ if (noVerify)
+ virCommandAddArgList(cmd, "-oStrictHostKeyChecking=no", NULL);
virCommandAddArgList(cmd, nodename,
netcat ? netcat : "nc",
"-U", path, NULL);
diff --git a/src/rpc/virnetsocket.h b/src/rpc/virnetsocket.h
index 356d6c6..5f882ac 100644
--- a/src/rpc/virnetsocket.h
+++ b/src/rpc/virnetsocket.h
@@ -67,6 +67,7 @@ int virNetSocketNewConnectSSH(const char *nodename,
const char *binary,
const char *username,
bool noTTY,
+ bool noVerify,
const char *netcat,
const char *path,
virNetSocketPtr *addr);
diff --git a/tests/virnetsockettest.c b/tests/virnetsockettest.c
index f6c7274..87f3dfa 100644
--- a/tests/virnetsockettest.c
+++ b/tests/virnetsockettest.c
@@ -377,6 +377,7 @@ struct testSSHData {
const char *binary;
const char *username;
bool noTTY;
+ bool noVerify;
const char *netcat;
const char *path;
@@ -397,6 +398,7 @@ static int testSocketSSH(const void *opaque)
data->binary,
data->username,
data->noTTY,
+ data->noVerify,
data->netcat,
data->path,
&csock) < 0)
--
1.7.5.4
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list