OpenStack Shared File Systems Service (Manila)

SSHPool object does not auto discover private key from ~/.ssh folder during authentication

Bug #1412782 reported by Ramana Raja
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Shared File Systems Service (Manila)
Fix Released
Medium
Ramana Raja
OpenStack Shared File Systems Service (Manila) 2015.1.0 "kilo"

Bug Description

Currently the SSHPool class object does not authenticate to the server in its create() method if the path to SSH private key or user password is not passed during object creation. The create() method does not allow private key to be discovered in the default ~/.ssh folder while trying to authenticate to the server. This is because the create() method presently errors out when path to private key or password is not available. Please see line 136 of the utils module in following patch, https://github.com/openstack/manila/commit/3d47181a2eea5986ac147fb84bfbe60fd1a8c21d
So this behavior of the create () method is actually contrary to the commit message of the patch, which states that auto discovery of key from ~/.ssh folder is allowed.

See original description
Ramana Raja (rraja)
description: updated
Changed in manila:
assignee: nobody → Ramana Raja (rraja)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to manila (master)

Fix proposed to branch: master
Review: https://review.openstack.org/148534

Changed in manila:
status: New → In Progress
Valeriy Ponomaryov (vponomaryov)
Changed in manila:
milestone: none → kilo-2
importance: Undecided → Medium
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to manila (master)

Reviewed: https://review.openstack.org/148534
Committed: https://git.openstack.org/cgit/openstack/manila/commit/?id=1f00b5375076f0bf20888d3342ad459597b20f62
Submitter: Jenkins
Branch: master

commit 1f00b5375076f0bf20888d3342ad459597b20f62
Author: Ramana Raja <email address hidden>
Date: Tue Jan 20 12:51:57 2015 +0530

    utils: Allow discovery of private key in ~/.ssh

    A SSHPool class object, used to hold ssh connections, fails to
    authenticate to the server in its create () method if the path to
    SSH private key or user password is not passed during object creation.
    The create () method does not allow private key to be discovered in
    the default ~/.ssh folder when trying to authenticate or connect
    to the SSH server. Instead allow auto discovery of the key in the
    paramiko SSHClient's connect method (called in create () method) if the
    path to private key or password is not provided.

    Also make the following minor cleanups in the

    create() method of SSHPool class:
    - pass the path to the key file input directly to the SSHClient's
      connect () method using the appropriate parameter, keyfile, instead
      of picking key from key file and passing that as 'pkey' parameter.
    - restrict the try except block to only the steps involved in
      connecting to the SSH server.
    - reraise the exception that would be raised by the Paramiko library
      instead of raising own exception.

    initialization method of SSHPool class:
    - rename the attribute privatekey as path_to_private_key to accurately
      reflect what it refers to, the path of the private key file.

    Change-Id: I590702d97086d33245894fd686250e75e8e359f2
    Closes-Bug: #1412782

Changed in manila:
status: In Progress → Fix Committed
Thierry Carrez (ttx)
Changed in manila:
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in manila:
milestone: kilo-2 → 2015.1.0
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.