Updates existing test coverage to use insecure private key collection
and adds testing for behavior changes within the communicator and the
keypair utility.
The keyboard-interactive authentication method was added due to a
mis-reading of a reported issue where the box was not properly
configured for Vagrant. This removes the keyboard-interactive
authentication method which resolves a password prompting issue caused
by its addition.
When connecting over ssh using net-ssh use the non_interactive
argument must be set when authenticating with a password.
Add the keyboard-interactive default auth method
ref: 8a176a6ea0/lib/net/ssh/config.rb (L52)
This includes updates for resolving all warnings provided by Ruby
for deprecations and/or removed methods. It also enables support
for Ruby 2.7 in the specification constraint as all 2.7 related
warnings are resolved with this changeset.
This commit changes the SSH communicator to raise an error if Vagrant
doesn't receive an exit status from an SSH command, for example if the
command is terminated by the OOM-killer.
Retains the original default value of 15 seconds for SSH connect
timeout. Allows users to modify this timeout via SSH communicator
option. Enforces integer values for timeout and validates custom
values are greater than 0.
This patches the connection instances generated for the winssh
communicator so when a command is executed it is always run
with powershell. This prevents inconsistencies with argument
handling based on what the default shell is set to on the remote
side.
Since powershell is the default, environment variable template
only needs to be set for powershell style. If the shell setting
is updated to `cmd`, the command will be properly prefixed.
Default shell has been updated to powershell, to prevent extraneous
wrapping where it's not required. The `#ready?` check has also been
updated to use a constant value, which is overridden within winssh
as a blank command is invalid.
SFTP is more reliable than SCP when dealing with unknown sshd
configurations on the server side. It also provides a convenient
facility for creating remote directories, so we can remove the
Windows-specific `#create_remote_directory` method.
Windows commands that run over SSH are wrapped in a script that writes a
special marker to the two output streams (stdout and stderr). This
allows Vagrant to consume the output streams.
Unfortunately, this leads to a sort of chicken-and-egg problem where no
commands can be run before a wrapper script exists. For example, you
can't make a destination directory to upload the wrapper script without
first creating a wrapper script to make the directory. :)
This commit changes the behavior of the WinSSH communicator to assume
that the destination directory already exists for provisioning scripts.
It also moves the default `upload_path` from the shell provisioner
config so we can have OS-specific defaults.
Finally, it introduces a Windows-specific #upload method which will
properly use a Windows path separator on a non-Windows host.
This update was prompted by updates in openssh to the scp behavior
making source directory paths suffixed with `.` no longer valid
resulting in errors on upload. The upload implementation within
the ssh communicator has been updated to retain the existing
behavior.
Included in this update is modifications to the winrm communicator
so the upload functionality matches that of the ssh communicator
respecting the trailing `.` behavior on source paths. With the
communicators updated to properly handle the paths, the file
provisioner was also updated to simply apply previously defined
path update rules only.
Fixes#10675
Include config option within ssh_config command output template. Default
remote_user value to set username value. Include existence check on
provided config value to ensure file is available. Update tests to
include coverage on all changes. Add new options to the docs.
Elevated commands can fail via winrm under certain conditions like
the machine name being changed. Detect this by checking for a known
exit code combined with known output included within stderr. If found,
attempt to re-execute the command using a machine prefixed username
if possible.
When running a shell provisioner elevated with winrm a scheduled
task is created to bypass permissions issues. If the name of the
computer has changed this may no longer work. To prevent errors
this PR updates the implementation to fetch the computer name
and prepends it to the username before creating the task.
If the type of error changes on retry the messages will effectively
spam the user display with alternating messages. Log each message
sent and only re-display each message once within 10 seconds.
This updates the permissions on the automatically generated private
key file to only be readable by the user. Includes support for file
permission modification on Windows platform.
This uses shellwords to split the command in the command filter
inside the winrm communicator. Using shellwords properly handles
things like quoted paths. Path arguments are also quoted to
prevent issues with paths that include spaces.
Fixes#9390
As of `net-ssh` version 4.2.0, the key :paranoid has been deprecated in
favor of using :verify_host_key. This commit updates Vagrants ssh config
to use the new key, and deprecates the use of :paranoid.
This commit aligns how the file provisioner should work on all host
machines. It ensures that a `/.` is only applied if the user intended
to upload a folder to a destination under a different name. It ensures
that if uploading to a windows guest with a different destination folder
name, it does not nest the source folder under that name so that it
works the same as it does on linux platforms. It also updates the
behavior of the winrm upload communicator by allowing an array of paths
to be uploaded instead of a single file or folder to allow for this new
functionality for windows guests.
