diff options
| author | Florent Revest <revest@chromium.org> | 2024-03-18 19:25:04 +0100 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2024-03-19 11:15:24 +0000 |
| commit | 41ee133f71cd3d24faeac9b158c749637acb8e8d (patch) | |
| tree | fd303ee9b3afafbefa9d61e4018bbe010a642d72 /vm/vmimpl/util.go | |
| parent | baa80228d652d8b1341ecf7f1411c4e4caf75bd5 (diff) | |
vm/isolated: allow the use of system-wide SSH config
Most of the VM types tightly manage the target they SSH into and can
safely assume that system wide SSH configuration would mess with the SSH
flags provided by syzkaller. However, in the "isolate" VM type, one can
connect to a host that is not at all managed by syzkaller. In this case,
it can be useful to leverage system wide SSH config, maybe provided by a
corporate environment.
This adds an option to the isolated config to skip some of the SSH and
SCP flags that would drop system wide config.
Diffstat (limited to 'vm/vmimpl/util.go')
| -rw-r--r-- | vm/vmimpl/util.go | 34 |
1 files changed, 19 insertions, 15 deletions
diff --git a/vm/vmimpl/util.go b/vm/vmimpl/util.go index 9a007b386..a04914e6d 100644 --- a/vm/vmimpl/util.go +++ b/vm/vmimpl/util.go @@ -23,7 +23,8 @@ func SleepInterruptible(d time.Duration) bool { } } -func WaitForSSH(debug bool, timeout time.Duration, addr, sshKey, sshUser, OS string, port int, stop chan error) error { +func WaitForSSH(debug bool, timeout time.Duration, addr, sshKey, sshUser, OS string, port int, stop chan error, + systemSSHCfg bool) error { pwd := "pwd" if OS == targets.Windows { pwd = "dir" @@ -38,7 +39,7 @@ func WaitForSSH(debug bool, timeout time.Duration, addr, sshKey, sshUser, OS str case <-Shutdown: return fmt.Errorf("shutdown in progress") } - args := append(SSHArgs(debug, sshKey, port), sshUser+"@"+addr, pwd) + args := append(SSHArgs(debug, sshKey, port, systemSSHCfg), sshUser+"@"+addr, pwd) if debug { log.Logf(0, "running ssh: %#v", args) } @@ -55,28 +56,31 @@ func WaitForSSH(debug bool, timeout time.Duration, addr, sshKey, sshUser, OS str } } -func SSHArgs(debug bool, sshKey string, port int) []string { - return sshArgs(debug, sshKey, "-p", port, 0) +func SSHArgs(debug bool, sshKey string, port int, systemSSHCfg bool) []string { + return sshArgs(debug, sshKey, "-p", port, 0, systemSSHCfg) } -func SSHArgsForward(debug bool, sshKey string, port, forwardPort int) []string { - return sshArgs(debug, sshKey, "-p", port, forwardPort) +func SSHArgsForward(debug bool, sshKey string, port, forwardPort int, systemSSHCfg bool) []string { + return sshArgs(debug, sshKey, "-p", port, forwardPort, systemSSHCfg) } -func SCPArgs(debug bool, sshKey string, port int) []string { - return sshArgs(debug, sshKey, "-P", port, 0) +func SCPArgs(debug bool, sshKey string, port int, systemSSHCfg bool) []string { + return sshArgs(debug, sshKey, "-P", port, 0, systemSSHCfg) } -func sshArgs(debug bool, sshKey, portArg string, port, forwardPort int) []string { - args := []string{ - portArg, fmt.Sprint(port), - "-F", "/dev/null", - "-o", "UserKnownHostsFile=/dev/null", +func sshArgs(debug bool, sshKey, portArg string, port, forwardPort int, systemSSHCfg bool) []string { + args := []string{portArg, fmt.Sprint(port)} + if !systemSSHCfg { + args = append(args, + "-F", "/dev/null", + "-o", "UserKnownHostsFile=/dev/null", + "-o", "IdentitiesOnly=yes") + } + args = append(args, "-o", "BatchMode=yes", - "-o", "IdentitiesOnly=yes", "-o", "StrictHostKeyChecking=no", "-o", "ConnectTimeout=10", - } + ) if sshKey != "" { args = append(args, "-i", sshKey) } |