a6614d38dd
While debugging the ``rescue`` test functionality with ironic's tempest plugin, we discovered that if the environment suggests the agent is available, then we may enter a situation where the test can fail because paramiko prefers ssh over password authentication. This is important, because for rescue functionality in particular, it is password authentication based without the use of SSH keys, as a temporary password is generated by the services and provided to the user requesting to rescue the instance/node. Instead of trying to make an assumption that password being present means we should just disable the agent, explicitly allow the caller to specify it. Change-Id: Iefb6cb5cb80eb2b9a4307912c4d6d07c684ed70a
11 lines
468 B
YAML
11 lines
468 B
YAML
---
|
|
features:
|
|
- |
|
|
Adds a ``ssh_allow_agent`` parameter to the ``RemoteClient`` class
|
|
wrapper and the direct ssh ``Client`` class to allow a caller to
|
|
explicitly request that the SSH Agent is not consulted for
|
|
authentication. This is useful if your attempting explicit password
|
|
based authentication as ``paramiko``, the underlying library used for
|
|
SSH, defaults to utilizing an ssh-agent process before attempting
|
|
password authentication.
|