Commit 67fed8e8 authored by Mitchell Hashimoto's avatar Mitchell Hashimoto

Merge pull request #2299 from mitchellh/f-agent-disable

helper/communicator: support disabling SSH agent
parents 32f469dc a0195750
...@@ -37,6 +37,9 @@ type Config struct { ...@@ -37,6 +37,9 @@ type Config struct {
// Pty, if true, will request a pty from the remote end. // Pty, if true, will request a pty from the remote end.
Pty bool Pty bool
// DisableAgent, if true, will not forward the SSH agent.
DisableAgent bool
} }
// Creates a new packer.Communicator implementation over SSH. This takes // Creates a new packer.Communicator implementation over SSH. This takes
...@@ -287,6 +290,11 @@ func (c *comm) connectToAgent() { ...@@ -287,6 +290,11 @@ func (c *comm) connectToAgent() {
return return
} }
if c.config.DisableAgent {
log.Printf("[INFO] SSH agent forwarding is diabled.")
return
}
// open connection to the local agent // open connection to the local agent
socketLocation := os.Getenv("SSH_AUTH_SOCK") socketLocation := os.Getenv("SSH_AUTH_SOCK")
if socketLocation == "" { if socketLocation == "" {
......
...@@ -22,6 +22,7 @@ type Config struct { ...@@ -22,6 +22,7 @@ type Config struct {
SSHPrivateKey string `mapstructure:"ssh_private_key_file"` SSHPrivateKey string `mapstructure:"ssh_private_key_file"`
SSHPty bool `mapstructure:"ssh_pty"` SSHPty bool `mapstructure:"ssh_pty"`
SSHTimeout time.Duration `mapstructure:"ssh_timeout"` SSHTimeout time.Duration `mapstructure:"ssh_timeout"`
SSHDisableAgent bool `mapstructure:"ssh_disable_agent"`
SSHHandshakeAttempts int `mapstructure:"ssh_handshake_attempts"` SSHHandshakeAttempts int `mapstructure:"ssh_handshake_attempts"`
SSHBastionHost string `mapstructure:"ssh_bastion_host"` SSHBastionHost string `mapstructure:"ssh_bastion_host"`
SSHBastionPort int `mapstructure:"ssh_bastion_port"` SSHBastionPort int `mapstructure:"ssh_bastion_port"`
......
...@@ -158,9 +158,10 @@ func (s *StepConnectSSH) waitForSSH(state multistep.StateBag, cancel <-chan stru ...@@ -158,9 +158,10 @@ func (s *StepConnectSSH) waitForSSH(state multistep.StateBag, cancel <-chan stru
// Then we attempt to connect via SSH // Then we attempt to connect via SSH
config := &ssh.Config{ config := &ssh.Config{
Connection: connFunc, Connection: connFunc,
SSHConfig: sshConfig, SSHConfig: sshConfig,
Pty: s.Config.SSHPty, Pty: s.Config.SSHPty,
DisableAgent: s.Config.SSHDisableAgent,
} }
log.Println("[INFO] Attempting SSH connection...") log.Println("[INFO] Attempting SSH connection...")
......
...@@ -77,6 +77,8 @@ The SSH communicator has the following options: ...@@ -77,6 +77,8 @@ The SSH communicator has the following options:
* `ssh_handshake_attempts` (int) - The number of handshakes to attempt with * `ssh_handshake_attempts` (int) - The number of handshakes to attempt with
SSH once it can connect. This defaults to 10. SSH once it can connect. This defaults to 10.
* `ssh_disable_agent` (bool) - If true, SSH agent forwarding will be disabled.
* `ssh_bastion_host` (string) - A bastion host to use for the actual * `ssh_bastion_host` (string) - A bastion host to use for the actual
SSH connection. SSH connection.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment