Add some privatekey password options (#174)

* Add some privatekey password options * Debug ParsePrivateKeyWithPassphrase use error * Update change private key password option name * Update change private key password passphrases -> passphrase * Add Unit testing Co-authored-by: 张俊杰 <[email protected]>
megaease · Jul 26, 2022 · 76657de · 76657de
1 parent 2929b00
commit 76657de
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -104,6 +104,7 @@ On application startup, the configured probes are scheduled for their initial fi
         host: [email protected]:22
         password: xxxxxxx
         key: /Users/user/.ssh/id_rsa
+        passphrase: xxxxxxx
         cmd: "ps auxwe | grep easeprobe | grep -v grep"
         contain: easeprobe
   ```
@@ -685,6 +686,7 @@ ssh:
       username: ubuntu  # SSH Login username
       password: xxxxx   # SSH Login password
       key: /path/to/private.key # SSH login private file
+      passphrase: xxxxxxx  # PrivateKey password
       cmd: "redis-cli"
       args:
         - "-h"

diff --git a/probe/ssh/endpoint.go b/probe/ssh/endpoint.go
@@ -33,6 +33,7 @@ type Endpoint struct {
 	Host       string      `yaml:"host"`
 	User       string      `yaml:"username"`
 	Password   string      `yaml:"password"`
+	Passphrase string      `yaml:"passphrase"`
 	client     *ssh.Client `yaml:"-"`
 }
 
@@ -79,7 +80,14 @@ func (e *Endpoint) SSHConfig(kind, name string, timeout time.Duration) (*ssh.Cli
 		}
 
 		// Create the Signer for this private key.
-		signer, err := ssh.ParsePrivateKey(key)
+		var signer ssh.Signer
+
+		if len(e.Passphrase) > 0 {
+			signer, err = ssh.ParsePrivateKeyWithPassphrase(key, []byte(e.Passphrase))
+		} else {
+			signer, err = ssh.ParsePrivateKey(key)
+		}
+
 		if err != nil {
 			return nil, err
 		}

diff --git a/probe/ssh/endpoint_test.go b/probe/ssh/endpoint_test.go
@@ -85,4 +85,30 @@ YWwBAg==
 	config, err = e.SSHConfig("ssh", "test", 30*time.Second)
 	assert.Nil(t, err)
 	assert.NotNil(t, config)
+
+	e.Passphrase = "123"
+	monkey.Patch(ioutil.ReadFile, func(filename string) ([]byte, error) {
+		return []byte(`
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBdkMia9n
+8kS8QhkzdcB1fcAAAAEAAAAAEAAACXAAAAB3NzaC1yc2EAAAADAQABAAAAgQCxg/1PL60U
+IQGBfMopFoMjdcujc/AvyycubRQiH2L8MVnPk7q7whRXMVHjlKX7zOnVzOMUMAwUov+rge
+mLZtYVxMuGomHwD0Lc2wrHdmwgk+3fuTPX8VBZOEmErISZHi1q/9JxzZFybmXXkIfNk6FZ
+CGXKWJ2dNBo2UxOKCxumqwAAAhAnEomH6JMqjVcnxxtUcvX+wtADoAEDh3Iw/HWK4OPHfQ
+CzuW0rJGiuOkDs24QQxHgskqPEWwgC/aTfYMX9u2jPo8w2ta2NpiP4RsQ3cVoL32i25np4
+JuYo4P/3Od3j82DnyV8NVwtN0m4EazCmY+aVM3iT/3VfhmTI4o/e0ZO/sMF8sxZTn8yUZa
+W3MLSN1j4Nc5sKnOdTF8bQslJYWL2z9Q48E+y7XTkHGMZmmRfv4EKGHu4Nle/cRsLS5WSX
+/eIUhUUI9FF4HD+Wmi+RTTBV1PdpaL6O4For6ot0i+CYotxe72++JmO51KCpKeVbWQiUgE
+EyXgVoFPqg47SKpLKneFysRH9P0rEwVjx7Q2tYc3XeOENcs0gtgS7HHtNFzO1LRNWtZ8HA
+v5v32pULoiuYtbgFeywmTGciLohsDtHfPKz0VHBdecjlYj8y/96BQ79V504QXt8j1dVdZ2
+bAh6YI/rkK6kmTfZ7DvS8+ZDw/dJYln/31hiBqomkpsm64IPdcWtAGI8LqfIhYcfz60MqT
+i/TNs5nhmqQDEcwD/Sq0YR2ItMAx7W5j1EZ72zpHa9KTjm+z/JKXlA6Cm2WN/pnO06gShZ
+DX4y9QvXoaUiQ5vB63voiqRTBT4hTYBDVi2G7NEjIczNs9S8JQM5Mg52mZsdH77g6ChUPp
+1gmeAwg2IKBY2y+HzQ/5xub5KjGDG6E=
+-----END OPENSSH PRIVATE KEY-----
+`), nil
+	})
+	config, err = e.SSHConfig("ssh", "test", 30*time.Second)
+	assert.Nil(t, err)
+	assert.NotNil(t, config)
 }