helper/communicator: support disabling SSH agent

2015-06-23 14:52:37 -07:00 · 2015-06-23 14:52:37 -07:00 · a019575026
parent 32f469dc9a
commit a019575026
4 changed files with 15 additions and 3 deletions
--- a/communicator/ssh/communicator.go
+++ b/communicator/ssh/communicator.go
@ -37,6 +37,9 @@ type Config struct {

 	// Pty, if true, will request a pty from the remote end.
 	Pty bool
+
+	// DisableAgent, if true, will not forward the SSH agent.
+	DisableAgent bool
 }

 // Creates a new packer.Communicator implementation over SSH. This takes
@ -287,6 +290,11 @@ func (c *comm) connectToAgent() {
 		return
 	}

+	if c.config.DisableAgent {
+		log.Printf("[INFO] SSH agent forwarding is diabled.")
+		return
+	}
+
 	// open connection to the local agent
 	socketLocation := os.Getenv("SSH_AUTH_SOCK")
 	if socketLocation == "" {
--- a/helper/communicator/config.go
+++ b/helper/communicator/config.go
@ -22,6 +22,7 @@ type Config struct {
 	SSHPrivateKey        string        `mapstructure:"ssh_private_key_file"`
 	SSHPty               bool          `mapstructure:"ssh_pty"`
 	SSHTimeout           time.Duration `mapstructure:"ssh_timeout"`
+	SSHDisableAgent      bool          `mapstructure:"ssh_disable_agent"`
 	SSHHandshakeAttempts int           `mapstructure:"ssh_handshake_attempts"`
 	SSHBastionHost       string        `mapstructure:"ssh_bastion_host"`
 	SSHBastionPort       int           `mapstructure:"ssh_bastion_port"`
--- a/helper/communicator/step_connect_ssh.go
+++ b/helper/communicator/step_connect_ssh.go
@ -158,9 +158,10 @@ func (s *StepConnectSSH) waitForSSH(state multistep.StateBag, cancel <-chan stru

 		// Then we attempt to connect via SSH
 		config := &ssh.Config{
-			Connection: connFunc,
-			SSHConfig:  sshConfig,
-			Pty:        s.Config.SSHPty,
+			Connection:   connFunc,
+			SSHConfig:    sshConfig,
+			Pty:          s.Config.SSHPty,
+			DisableAgent: s.Config.SSHDisableAgent,
 		}

 		log.Println("[INFO] Attempting SSH connection...")
--- a/website/source/docs/templates/communicator.html.md
+++ b/website/source/docs/templates/communicator.html.md
@ -77,6 +77,8 @@ The SSH communicator has the following options:
  * `ssh_handshake_attempts` (int) - The number of handshakes to attempt with
    SSH once it can connect. This defaults to 10.

+  * `ssh_disable_agent` (bool) - If true, SSH agent forwarding will be disabled.
+
  * `ssh_bastion_host` (string) - A bastion host to use for the actual
    SSH connection.