Skip to content

Commit

Permalink
Disable password authentication when using keys
Browse files Browse the repository at this point in the history 
Fixes #2687
  • Loading branch information
@frantisekz @psss
frantisekz authored and psss committed Feb 22, 2024
1 parent d2df591 commit 61c2cd2
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions tmt/steps/provision/__init__.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1278,6 +1278,13 @@ def _ssh_options(self) -> Command:
options.extend(['-i', key])
if self.password:
options.extend(['-oPasswordAuthentication=yes'])
else:
# Makes sure the connection is rejected when we want key-
# based authetication only instead of presenting a prompt
# Prevents issues like https:/teemtee/tmt/issues/2687
# from happening and makes the ssh connection more robust
# by allowing proper re-try mechanisms to kick-in
options.extend(['-oPasswordAuthentication=no'])

# Use the shared master connection
options.append(f'-S{self._ssh_socket()}')
Expand Down

0 comments on commit 61c2cd2

Please sign in to comment.