Password and private key file for ssh

internal/app/caaspctl/node/bootstrap.go

@@ -20,14 +20,16 @@ package node
 import (
 	"k8s.io/klog"
 
-	"github.com/spf13/cobra"
 	"github.com/SUSE/caaspctl/internal/pkg/caaspctl/deployments/ssh"
 	node "github.com/SUSE/caaspctl/pkg/caaspctl/actions/node/bootstrap"
+	"github.com/spf13/cobra"
 )
 
 type bootstrapOptions struct {
 	target                string
 	user                  string
+	password              string
+	keyfile               string
 	sudo                  bool
 	port                  int
 	ignorePreflightErrors string
@@ -45,6 +47,8 @@ func NewBootstrapCmd() *cobra.Command {
 					nodenames[0],
 					bootstrapOptions.target,
 					bootstrapOptions.user,
+					bootstrapOptions.password,
+					bootstrapOptions.keyfile,
 					bootstrapOptions.sudo,
 					bootstrapOptions.port,
 					map[string]interface{}{"ignore-preflight-errors": bootstrapOptions.ignorePreflightErrors},
@@ -59,6 +63,8 @@ func NewBootstrapCmd() *cobra.Command {
 
 	cmd.Flags().StringVarP(&bootstrapOptions.target, "target", "t", "", "IP or FQDN of the node to connect to using SSH")
 	cmd.Flags().StringVarP(&bootstrapOptions.user, "user", "u", "root", "User identity used to connect to target")
+	cmd.Flags().StringVarP(&bootstrapOptions.password, "password", "P", "", "Password used to connect to target")
+	cmd.Flags().StringVarP(&bootstrapOptions.keyfile, "keyfile", "i", "", "Private SSH key used to connect to target")
 	cmd.Flags().IntVarP(&bootstrapOptions.port, "port", "p", 22, "Port to connect to using SSH")
 	cmd.Flags().BoolVarP(&bootstrapOptions.sudo, "sudo", "s", false, "Run remote command via sudo")
 	cmd.Flags().StringVar(&bootstrapOptions.ignorePreflightErrors, "ignore-preflight-errors", "", "Comma separated list of preflight errors to ignore")

internal/app/caaspctl/node/join.go

@@ -30,6 +30,8 @@ import (
 type joinOptions struct {
 	target                string
 	user                  string
+	password              string
+	keyfile               string
 	sudo                  bool
 	port                  int
 	role                  string
@@ -59,6 +61,8 @@ func NewJoinCmd() *cobra.Command {
 					nodenames[0],
 					joinOptions.target,
 					joinOptions.user,
+					joinOptions.password,
+					joinOptions.keyfile,
 					joinOptions.sudo,
 					joinOptions.port,
 					map[string]interface{}{"ignore-preflight-errors": joinOptions.ignorePreflightErrors},
@@ -70,6 +74,8 @@ func NewJoinCmd() *cobra.Command {
 
 	cmd.Flags().StringVarP(&joinOptions.target, "target", "t", "", "IP or FQDN of the node to connect to using SSH")
 	cmd.Flags().StringVarP(&joinOptions.user, "user", "u", "root", "User identity used to connect to target")
+	cmd.Flags().StringVarP(&joinOptions.password, "password", "P", "", "Password used to connect to target")
+	cmd.Flags().StringVarP(&joinOptions.keyfile, "keyfile", "i", "", "Private SSH key used to connect to target")
 	cmd.Flags().BoolVarP(&joinOptions.sudo, "sudo", "s", false, "Run remote command via sudo")
 	cmd.Flags().IntVarP(&joinOptions.port, "port", "p", 22, "Port to connect to using SSH")
 	cmd.Flags().StringVarP(&joinOptions.role, "role", "r", "", "Role that this node will have in the cluster (master|worker)")

internal/pkg/caaspctl/deployments/ssh/ssh.go

@@ -24,6 +24,7 @@ import (
 	"io"
 	"io/ioutil"
 	"k8s.io/klog"
+	"log"
 	"net"
 	"os"
 	"strings"
@@ -36,24 +37,28 @@ import (
 )
 
 type Target struct {
-	target *deployments.Target
-	user   string
-	sudo   bool
-	port   int
-	client *ssh.Client
+	target   *deployments.Target
+	user     string
+	keyfile  string
+	password string
+	sudo     bool
+	port     int
+	client   *ssh.Client
 }
 
-func NewTarget(nodename, target, user string, sudo bool, port int, kubeadmArgs map[string]interface{}) *deployments.Target {
+func NewTarget(nodename, target, user, password, keyfile string, sudo bool, port int, kubeadmArgs map[string]interface{}) *deployments.Target {
 	res := deployments.Target{
 		Target:      target,
 		Nodename:    nodename,
 		KubeadmArgs: kubeadmArgs,
 	}
 	res.Actionable = &Target{
-		target: &res,
-		user:   user,
-		sudo:   sudo,
-		port:   port,
+		target:   &res,
+		user:     user,
+		password: password,
+		keyfile:  keyfile,
+		sudo:     sudo,
+		port:     port,
 	}
 	return &res
 }
@@ -131,15 +136,45 @@ func (t *Target) initClient() error {
 	if err != nil {
 		return err
 	}
+
+	dstAddr := fmt.Sprintf("%s:%d", t.target.Target, t.port)
+
 	agentClient := agent.NewClient(conn)
-	config := &ssh.ClientConfig{
-		User: t.user,
-		Auth: []ssh.AuthMethod{
+	var auth []ssh.AuthMethod
+	if t.keyfile != "" {
+		klog.V(3).Infof("Using private key '%s' for connecting to '%s'", t.keyfile, dstAddr)
+		key, err := ioutil.ReadFile(t.keyfile)
+		if err != nil {
+			return fmt.Errorf("unable to read private key: %v", err)
+		}
+
+		// Create the Signer for this private key.
+		signer, err := ssh.ParsePrivateKey(key)
+		if err != nil {
+			log.Fatalf("unable to parse private key: %v", err)
+		}
+
+		auth = []ssh.AuthMethod{
+			ssh.PublicKeys(signer),
+		}
+	} else if t.password != "" {
+		klog.V(3).Infof("Using password for connecting to '%s'", dstAddr)
+		auth = []ssh.AuthMethod{
+			ssh.Password(t.password),
+		}
+	} else {
+		klog.V(3).Infof("Using default private key for connecting to '%s'", dstAddr)
+		auth = []ssh.AuthMethod{
 			ssh.PublicKeysCallback(agentClient.Signers),
-		},
+		}
+	}
+
+	config := &ssh.ClientConfig{
+		User:            t.user,
+		Auth:            auth,
 		HostKeyCallback: ssh.InsecureIgnoreHostKey(),
 	}
-	t.client, err = ssh.Dial("tcp", fmt.Sprintf("%s:%d", t.target.Target, t.port), config)
+	t.client, err = ssh.Dial("tcp", dstAddr, config)
 	if err != nil {
 		return err
 	}