Hello,
I have multiple machines over which I test using LAVA job using primary ssh connection. As my devices OS gets installed every now and then I have to manually update the ssh public key before executing the job so that LAVA can connect to DUT over passwordless SSH.
Is there a way I can include a script in device dictionary to copy the keys automatically before requesting a ssh connection? As I understand password option is not there. Kindly suggest.
Sweta,
On Wed, Sep 11, 2024 at 2:16 PM sweta.ghosh@nagarro.com wrote:
Hello,
I have multiple machines over which I test using LAVA job using primary ssh connection. As my devices OS gets installed every now and then I have to manually update the ssh public key before executing the job so that LAVA can connect to DUT over passwordless SSH.
Is there a way I can include a script in device dictionary to copy the keys automatically before requesting a ssh connection? As I understand password option is not there. Kindly suggest.
I think you're in catch 22 situation here. Worker can't connect to your device without any authorization and since the public key is not there, there is no way for worker to copy a public key. Can't you include the public keys in the OS installation?
Best Regards, Milosz
lava-users mailing list -- lava-users@lists.lavasoftware.org To unsubscribe send an email to lava-users-leave@lists.lavasoftware.org %(web_page_url)slistinfo%(cgiext)s/%(_internal_name)s
Hi Sweta,
I'm not sure which keys you are talking about: 1. the SSH public key for user authentication 2. the SSH host key for host verification
For 1.) Milosz already answered. For 2.) copying the host key (to your known_hosts) before each job effectively makes you to ignore the host key. It would be easier to start your SSH connection with "-o StrictHostKeyChecking=no", which ignores the key and doesn't check/update known_hosts. That's okay for a test environment - but to be more secure I would backup the host key before re-installing the DUT.
Stefan
On 2024-09-11 15:38, Milosz Wasilewski wrote:
Sweta,
On Wed, Sep 11, 2024 at 2:16 PM sweta.ghosh@nagarro.com wrote:
Hello,
I have multiple machines over which I test using LAVA job using primary ssh connection. As my devices OS gets installed every now and then I have to manually update the ssh public key before executing the job so that LAVA can connect to DUT over passwordless SSH.
Is there a way I can include a script in device dictionary to copy the keys automatically before requesting a ssh connection? As I understand password option is not there. Kindly suggest.
I think you're in catch 22 situation here. Worker can't connect to your device without any authorization and since the public key is not there, there is no way for worker to copy a public key. Can't you include the public keys in the OS installation?
Best Regards, Milosz
lava-users mailing list -- lava-users@lists.lavasoftware.org To unsubscribe send an email to lava-users-leave@lists.lavasoftware.org %(web_page_url)slistinfo%(cgiext)s/%(_internal_name)s
lava-users mailing list -- lava-users@lists.lavasoftware.org To unsubscribe send an email to lava-users-leave@lists.lavasoftware.org %(web_page_url)slistinfo%(cgiext)s/%(_internal_name)s
Thanks Stefan and Milosz for replying.
Yes I was talking about ssh key for user authentication only. Also we cannot add test keys in OS images. I will look for some other way in my pipeline to copy these keys remotely before executing LAVA Job.
________________________________ From: Stefan lists.lavasoftware.org_23@green-sparklet.de Sent: Wednesday, September 11, 2024 7:16 PM To: lava-users@lists.lavasoftware.org lava-users@lists.lavasoftware.org Subject: [lava-users] Re: Execute script while running ssh device type
[Email from a non-Nagarro source: please exercise caution with links and attachments]
Hi Sweta,
I'm not sure which keys you are talking about: 1. the SSH public key for user authentication 2. the SSH host key for host verification
For 1.) Milosz already answered. For 2.) copying the host key (to your known_hosts) before each job effectively makes you to ignore the host key. It would be easier to start your SSH connection with "-o StrictHostKeyChecking=no", which ignores the key and doesn't check/update known_hosts. That's okay for a test environment - but to be more secure I would backup the host key before re-installing the DUT.
Stefan
On 2024-09-11 15:38, Milosz Wasilewski wrote:
Sweta,
On Wed, Sep 11, 2024 at 2:16 PM sweta.ghosh@nagarro.commailto:sweta.ghosh@nagarro.com wrote:
Hello,
I have multiple machines over which I test using LAVA job using primary ssh connection. As my devices OS gets installed every now and then I have to manually update the ssh public key before executing the job so that LAVA can connect to DUT over passwordless SSH.
Is there a way I can include a script in device dictionary to copy the keys automatically before requesting a ssh connection? As I understand password option is not there. Kindly suggest.
I think you're in catch 22 situation here. Worker can't connect to your device without any authorization and since the public key is not there, there is no way for worker to copy a public key. Can't you include the public keys in the OS installation?
Best Regards, Milosz
_______________________________________________ lava-users mailing list -- lava-users@lists.lavasoftware.orgmailto:lava-users@lists.lavasoftware.org To unsubscribe send an email to lava-users-leave@lists.lavasoftware.orgmailto:lava-users-leave@lists.lavasoftware.org %(web_page_url)slistinfo%(cgiext)s/%(_internal_name)s
_______________________________________________ lava-users mailing list -- lava-users@lists.lavasoftware.orgmailto:lava-users@lists.lavasoftware.org To unsubscribe send an email to lava-users-leave@lists.lavasoftware.orgmailto:lava-users-leave@lists.lavasoftware.org %(web_page_url)slistinfo%(cgiext)s/%(_internal_name)s
lava-users@lists.lavasoftware.org