Define directory and paths for insecure private keys

Within the environment, add a new directory value which points to the
directory containing the valid insecure private keys. A new default
private key paths value contains an array of all the insecure private
keys which are available for initial authentication.

lib/vagrant/environment.rb

@@ -68,8 +68,11 @@ module Vagrant
     # The path where the plugins are stored (gems)
     attr_reader :gems_path
 
-    # The path to the default private key
-    attr_reader :default_private_key_path
+    # The path to the default private keys directory
+    attr_reader :default_private_keys_directory
+
+    # The paths for each of the default private keys
+    attr_reader :default_private_key_paths
 
     # Initializes a new environment with the given options. The options
     # is a hash where the main available key is `cwd`, which defines where
@@ -174,7 +177,12 @@ module Vagrant
 
       # Setup the default private key
       @default_private_key_path = @home_path.join("insecure_private_key")
-      copy_insecure_private_key
+      @default_private_keys_directory = @home_path.join("insecure_private_keys")
+      if !@default_private_keys_directory.directory?
+        @default_private_keys_directory.mkdir
+      end
+      @default_private_key_paths = []
+      copy_insecure_private_keys
 
       # Initialize localized plugins
       plugins = Vagrant::Plugin::Manager.instance.localize!(self)
@@ -196,6 +204,13 @@ module Vagrant
       hook(:environment_load, runner: Action::PrimaryRunner.new(env: self))
     end
 
+    # The path to the default private key
+    # NOTE: deprecated, used default_private_keys_directory instead
+    def default_private_key_path
+      # TODO(spox): Add deprecation warning
+      @default_private_key_path
+    end
+
     # Return a human-friendly string for pretty printed or inspected
     # instances.
     #
@@ -1053,14 +1068,18 @@ module Vagrant
       end
     end
 
-    # This method copies the private key into the home directory if it
-    # doesn't already exist.
+    # This method copies the private keys into the home directory if they
+    # do not already exist. The `default_private_key_path` references the
+    # original rsa based private key and is retained for compatibility. The
+    # `default_private_keys_directory` contains the list of valid private
+    # keys supported by Vagrant.
     #
-    # This must be done because `ssh` requires that the key is chmod
+    # NOTE: The keys are copied because `ssh` requires that the key is chmod
     # 0600, but if Vagrant is installed as a separate user, then the
     # effective uid won't be able to read the key. So the key is copied
     # to the home directory and chmod 0600.
-    def copy_insecure_private_key
+    def copy_insecure_private_keys
+      # First setup the deprecated single key path
       if !@default_private_key_path.exist?
         @logger.info("Copying private key to home directory")
 
@@ -1084,6 +1103,29 @@ module Vagrant
           @default_private_key_path.chmod(0600)
         end
       end
+
+      # Now setup the key directory
+      Dir.glob(File.expand_path("keys/vagrant.key.*", Vagrant.source_root)).each do |source|
+        destination = default_private_keys_directory.join(File.basename(source))
+        default_private_key_paths << destination
+        next if File.exist?(destination)
+        begin
+          FileUtils.cp(source, destination)
+        rescue Errno::EACCES
+          raise Errors::CopyPrivateKeyFailed,
+            source: source,
+            destination: destination
+        end
+      end
+
+      if !Util::Platform.windows?
+        default_private_key_paths.each do |key_path|
+          if Util::FileMode.from_octal(key_path.stat.mode) != "600"
+            @logger.info("Changing permissions on private key (#{key_path}) to 0600")
+            key_path.chmod(0600)
+          end
+        end
+      end
     end
 
     # Finds the Vagrantfile in the given directory.