On Wed, Aug 10, 2011 at 10:50:29AM -0400, Ben Lipton wrote: > This should ask the user to confirm the host key, and if confirmed > insert it into the .ssh/known_hosts file so that rsync will pick it up. > > Not entirely sure how the user will know if the host key is correct...
That is up to the user :) One could also modify the bootstrap OS to log the key somewhere/on the console; but the best thing is that we do *some* prompting instead of silently accepting (IMHO). > Signed-off-by: Ben Lipton <[email protected]> > --- > p2v-transfer/p2v_transfer.py | 23 +++++++++++++++++++++-- > p2v-transfer/test/p2v_transfer_test.py | 9 +++++++-- > 2 files changed, 28 insertions(+), 4 deletions(-) > > diff --git a/p2v-transfer/p2v_transfer.py b/p2v-transfer/p2v_transfer.py > index e232103..b03f92f 100755 > --- a/p2v-transfer/p2v_transfer.py > +++ b/p2v-transfer/p2v_transfer.py > @@ -28,6 +28,7 @@ necessary to gain access to the bootstrap OS. > """ > > > +import binascii > import re > import stat > import sys > @@ -47,6 +48,18 @@ class P2VError(Exception): > pass > > > +class AskAddPolicy(paramiko.AutoAddPolicy): > + """Policy that asks the user to confirm a key before adding it.""" > + def missing_host_key(self, client, hostname, key): > + print "Target has ssh host key fingerprint ", > + print binascii.hexlify(key.get_fingerprint()) > + response = raw_input("Is this correct? y/N: ") > + if response.lower() == "y": > + super(AskAddPolicy, self).missing_host_key(client, hostname, key) Ah, this will also write it back to the file? Cool. I hope it's compatible with openssh :) LGTM. iustin
