rattail/rattail-fabric2
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Be more discerning about how/when we cache ssh host key

Browse source
This commit is contained in:
Lance Edgar 2020-10-09 16:09:34 -05:00
parent 47c27eaba5
commit 8c08412d7b
1 changed files with 13 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
rattail_fabric2/ssh.py
View file

@ -46,13 +46,19 @@ def cache_host_key(c, host, port=None, user=None, **kwargs):
result = c.run(cmd, warn=True) result = c.run(cmd, warn=True)
if result.failed: if result.failed:
# basic command failed, which presumably means we *do* need to cache # basic command failed, but in some cases that is simply b/c normal
# the host key, so try that now # commands are not allowed, although the ssh connection itself was
cmd = 'ssh -o StrictHostKeyChecking=no {} {} echo'.format(port, host) # established okay. here we check for that situation.
if user: if result.stderr.strip() != "Disallowed command":
c.sudo(cmd, user=None if user == 'root' else user)
else: # okay then we now think that the ssh connection itself was not
c.run(cmd) # made, which presumably means we *do* need to cache the host key,
# so try that now
cmd = 'ssh -o StrictHostKeyChecking=no {} {} whoami'.format(port, host)
if user:
c.sudo(cmd, user=None if user == 'root' else user)
else:
c.run(cmd)
def restart(c): def restart(c):