DaanHoogland commented on a change in pull request #5684:
URL: https://github.com/apache/cloudstack/pull/5684#discussion_r748186973
##########
File path: utils/src/main/java/com/cloud/utils/ssh/SSHCmdHelper.java
##########
@@ -77,8 +80,47 @@ public String getStdErr() {
}
public static com.trilead.ssh2.Connection
acquireAuthorizedConnection(String ip, int port, String username, String
password) {
+ return acquireAuthorizedConnection(ip, 22, username, password, null);
+ }
+
+ public static boolean acquireAuthorizedConnectionWithPublicKey(final
com.trilead.ssh2.Connection sshConnection, final String username, final String
privateKey) {
+ if (StringUtils.isNotBlank(privateKey)) {
+ File privateKeyFile = null;
+ try {
+ privateKeyFile = File.createTempFile("cloudstack-host-", null);
+ FileWriter writer = new
FileWriter(privateKeyFile.getAbsolutePath());
+ writer.write(privateKey);
+ writer.close();
Review comment:
this is a bit of a security risk, it seems. The file is created in /tmp
and never deleted (automatically if the JVM shuts down, but what if it
crashes?). We may want a way to pass the key to the `sshConnection` as string
instead of a file ref.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
