Merge pull request Juniper#281 from shermdog/sshident

Fixed ssh-key auth
shermdog · Jul 17, 2014 · 6783f58 · 6783f58
2 parents 57a1904 + b8b5460
commit 6783f58
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 8 deletions.
diff --git a/lib/jnpr/junos/device.py b/lib/jnpr/junos/device.py
@@ -239,6 +239,7 @@ def _sshconf_lkup(self):
         self._hostname = found.get('hostname', self._hostname)
         self._port = found.get('port', self._port)
         self._auth_user = found.get('user')
+        self._ssh_private_key_file = found.get('identityfile')
 
     def __init__(self, *vargs, **kvargs):
         """
@@ -307,7 +308,8 @@ def __init__(self, *vargs, **kvargs):
             # but if user is explit from call, then use it.
             self._auth_user = kvargs.get('user') or self._auth_user
             self._auth_password = kvargs.get('password') or kvargs.get('passwd')
-            self._ssh_private_key_file = kvargs.get('ssh_private_key_file')
+            if not hasattr(self, '_ssh_private_key_file'):
+                self._ssh_private_key_file = kvargs.get('ssh_private_key_file')
 
         # -----------------------------
         # initialize instance variables
@@ -370,13 +372,13 @@ def open(self, *vargs, **kvargs):
         try:
             ts_start = datetime.datetime.now()
 
-            # we want to disable the ssh-agent if-and-only-if we are
-            # given a password and we are not given an ssh key file.
-            # in this condition it means that the password is
-            # the 'plain-text' password
+            # we want to enable the ssh-agent if-and-only-if we are
+            # not given a password or an ssh key file.
+            # in this condition it means we want to query the agent
+            # for available ssh keys
 
-            allow_agent = not bool((self._auth_password is not None) and
-                (self._ssh_private_key_file is None))
+            allow_agent = bool((self._auth_password is None) and
+                               (self._ssh_private_key_file is None))
 
             # open connection using ncclient transport
             self._conn = netconf_ssh.connect(
@@ -386,7 +388,6 @@ def open(self, *vargs, **kvargs):
                 password=self._auth_password,
                 hostkey_verify=False,
                 key_filename=self._ssh_private_key_file,
-                look_for_keys=False,
                 allow_agent=allow_agent,
                 device_params={'name': 'junos'})
 

diff --git a/tests/functional/test_device_ssh.py b/tests/functional/test_device_ssh.py
@@ -0,0 +1,25 @@
+'''
+
+@author: rsherman
+'''
+import unittest
+from nose.plugins.attrib import attr
+
+from jnpr.junos import Device
+
+
+@attr('functional')
+class TestDeviceSsh(unittest.TestCase):
+
+    def tearDown(self):
+        self.dev.close()
+
+    def test_device_open_default_key(self):
+        self.dev = Device('pabst.englab.juniper.net')
+        self.dev.open()
+        self.assertEqual(self.dev.connected, True)
+
+    def test_device_open_key_pass(self):
+        self.dev = Device(host='pabst.englab.juniper.net', ssh_private_key_file='/var/lib/jenkins/.ssh/passkey', passwd='password')
+        self.dev.open()
+        self.assertEqual(self.dev.connected, True)