Make private key customizable per host using ansible_ssh_private_key_file configurable as variable

This fixes issue #1026 for @toshywoshy together with ansible_ssh_user and ansible_ssh_port.
This commit is contained in:
Dag Wieers 2013-03-19 17:28:43 +01:00 committed by Michael DeHaan
parent 98e4b1f4b8
commit d5d26bab9b
4 changed files with 15 additions and 7 deletions

View file

@ -435,6 +435,7 @@ class Runner(object):
actual_user = inject.get('ansible_ssh_user', self.remote_user)
actual_pass = inject.get('ansible_ssh_pass', self.remote_pass)
actual_transport = inject.get('ansible_connection', self.transport)
actual_private_key_file = inject.get('ansible_ssh_private_key_file', self.private_key_file)
if actual_transport in [ 'paramiko', 'ssh' ]:
actual_port = inject.get('ansible_ssh_port', port)
@ -457,6 +458,7 @@ class Runner(object):
actual_port = delegate_info.get('ansible_ssh_port', port)
actual_user = delegate_info.get('ansible_ssh_user', actual_user)
actual_pass = delegate_info.get('ansible_ssh_pass', actual_pass)
actual_private_key_file = delegate_info.get('private_key_file', self.private_key_file)
actual_transport = delegate_info.get('ansible_connection', self.transport)
for i in delegate_info:
if i.startswith("ansible_") and i.endswith("_interpreter"):
@ -476,7 +478,7 @@ class Runner(object):
return ReturnData(host=host, comm_ok=False, result=result)
try:
conn = self.connector.connect(actual_host, actual_port, actual_user, actual_pass, actual_transport)
conn = self.connector.connect(actual_host, actual_port, actual_user, actual_pass, actual_transport, actual_private_key_file)
if delegate_to or host != actual_host:
conn.delegate = host

View file

@ -31,9 +31,9 @@ class Connection(object):
def __init__(self, runner):
self.runner = runner
def connect(self, host, port, user, password, transport):
def connect(self, host, port, user, password, transport, private_key_file):
conn = None
conn = utils.plugins.connection_loader.get(transport, self.runner, host, port, user=user, password=password)
conn = utils.plugins.connection_loader.get(transport, self.runner, host, port, user=user, password=password, private_key_file=private_key_file)
if conn is None:
raise AnsibleError("unsupported connection type: %s" % transport)
self.active = conn.connect()

View file

@ -43,7 +43,7 @@ SFTP_CONNECTION_CACHE = {}
class Connection(object):
''' SSH based connections with Paramiko '''
def __init__(self, runner, host, port, user, password):
def __init__(self, runner, host, port, user, password, private_key_file):
self.ssh = None
self.sftp = None
@ -52,6 +52,7 @@ class Connection(object):
self.port = port
self.user = user
self.password = password
self.private_key_file = private_key_file
def _cache_key(self):
return "%s__%s__" % (self.host, self.user)
@ -79,7 +80,9 @@ class Connection(object):
if self.password is not None:
allow_agent = False
try:
if self.runner.private_key_file:
if self.private_key_file:
key_filename = os.path.expanduser(self.private_key_file)
elif self.runner.private_key_file:
key_filename = os.path.expanduser(self.runner.private_key_file)
else:
key_filename = None

View file

@ -32,12 +32,13 @@ from ansible import utils
class Connection(object):
''' ssh based connections '''
def __init__(self, runner, host, port, user, password):
def __init__(self, runner, host, port, user, password, private_key_file):
self.runner = runner
self.host = host
self.port = port
self.user = user
self.password = password
self.private_key_file = private_key_file
def connect(self):
''' connect to the remote host '''
@ -55,7 +56,9 @@ class Connection(object):
self.common_args += ["-o", "StrictHostKeyChecking=no"]
if self.port is not None:
self.common_args += ["-o", "Port=%d" % (self.port)]
if self.runner.private_key_file is not None:
if self.private_key_file is not None:
self.common_args += ["-o", "IdentityFile="+os.path.expanduser(self.private_key_file)]
elif self.runner.private_key_file is not None:
self.common_args += ["-o", "IdentityFile="+os.path.expanduser(self.runner.private_key_file)]
if self.password:
self.common_args += ["-o", "GSSAPIAuthentication=no",