On Wed, Aug 10, 2011 at 1:21 PM, Iustin Pop <[email protected]> wrote:
> On Wed, Aug 10, 2011 at 10:50:29AM -0400, Ben Lipton wrote: > > This should ask the user to confirm the host key, and if confirmed > > insert it into the .ssh/known_hosts file so that rsync will pick it up. > > > > Not entirely sure how the user will know if the host key is correct... > > That is up to the user :) > > One could also modify the bootstrap OS to log the key somewhere/on the > console; but the best thing is that we do *some* prompting instead of > silently accepting (IMHO). > > > Signed-off-by: Ben Lipton <[email protected]> > > --- > > p2v-transfer/p2v_transfer.py | 23 +++++++++++++++++++++-- > > p2v-transfer/test/p2v_transfer_test.py | 9 +++++++-- > > 2 files changed, 28 insertions(+), 4 deletions(-) > > > > diff --git a/p2v-transfer/p2v_transfer.py b/p2v-transfer/p2v_transfer.py > > index e232103..b03f92f 100755 > > --- a/p2v-transfer/p2v_transfer.py > > +++ b/p2v-transfer/p2v_transfer.py > > @@ -28,6 +28,7 @@ necessary to gain access to the bootstrap OS. > > """ > > > > > > +import binascii > > import re > > import stat > > import sys > > @@ -47,6 +48,18 @@ class P2VError(Exception): > > pass > > > > > > +class AskAddPolicy(paramiko.AutoAddPolicy): > > + """Policy that asks the user to confirm a key before adding it.""" > > + def missing_host_key(self, client, hostname, key): > > + print "Target has ssh host key fingerprint ", > > + print binascii.hexlify(key.get_fingerprint()) > > + response = raw_input("Is this correct? y/N: ") > > + if response.lower() == "y": > > + super(AskAddPolicy, self).missing_host_key(client, hostname, key) > > Ah, this will also write it back to the file? Cool. I hope it's > compatible with openssh :) > I had to poke around paramiko's code a little to find out, but yes, keys added by the AutoAddPolicy get written back to the file that was loaded by SSHClient.load_host_keys(). rsync does pick it up, so it should be ok. > > LGTM. > > iustin >
