Be more discerning about how/when we cache ssh host key

This commit is contained in:
Lance Edgar 2020-10-09 16:09:34 -05:00
parent 47c27eaba5
commit 8c08412d7b

View file

@ -46,9 +46,15 @@ def cache_host_key(c, host, port=None, user=None, **kwargs):
result = c.run(cmd, warn=True)
if result.failed:
# basic command failed, which presumably means we *do* need to cache
# the host key, so try that now
cmd = 'ssh -o StrictHostKeyChecking=no {} {} echo'.format(port, host)
# basic command failed, but in some cases that is simply b/c normal
# commands are not allowed, although the ssh connection itself was
# established okay. here we check for that situation.
if result.stderr.strip() != "Disallowed command":
# okay then we now think that the ssh connection itself was not
# made, which presumably means we *do* need to cache the host key,
# so try that now
cmd = 'ssh -o StrictHostKeyChecking=no {} {} whoami'.format(port, host)
if user:
c.sudo(cmd, user=None if user == 'root' else user)
else: