support keyboard interactive auth

2020-03-06 12:22:48 +09:00 · 2020-03-06 12:22:48 +09:00 · e2df4a80f8
parent 698924f246
commit e2df4a80f8
2 changed files with 34 additions and 0 deletions
--- a/communicator/ssh/keyboard_interactive.go
+++ b/communicator/ssh/keyboard_interactive.go
@ -0,0 +1,31 @@
+package ssh
+
+import (
+	"golang.org/x/crypto/ssh"
+	"golang.org/x/crypto/ssh/terminal"
+	"log"
+	"syscall"
+)
+
+func KeyboardInteractive() ssh.KeyboardInteractiveChallenge {
+	return func(user, instruction string, questions []string, echos []bool) ([]string, error) {
+		if len(questions) == 0 {
+			return []string{}, nil
+		}
+
+		log.Printf("-- User: %s", user)
+		log.Printf("-- Instructions: %s", instruction)
+		for i, question := range questions {
+			log.Printf("-- Question %d: %s", i+1, question)
+		}
+		answers := make([]string, len(questions))
+		for i := range questions {
+			s, err := terminal.ReadPassword(int(syscall.Stdin))
+			if err != nil {
+				return nil, err
+			}
+			answers[i] = string(s)
+		}
+		return answers, nil
+	}
+}
--- a/helper/communicator/step_connect_ssh.go
+++ b/helper/communicator/step_connect_ssh.go
@ -245,6 +245,9 @@ func (s *StepConnectSSH) waitForSSH(state multistep.StateBag, ctx context.Contex

 func sshBastionConfig(config *Config) (*gossh.ClientConfig, error) {
 	auth := make([]gossh.AuthMethod, 0, 2)
+
+	auth = append(auth, gossh.KeyboardInteractive(ssh.KeyboardInteractive()))
+
 	if config.SSHBastionPassword != "" {
 		auth = append(auth,
 			gossh.Password(config.SSHBastionPassword),