From 44de0996c551a3cd253d19edf7c8fa45b719291c Mon Sep 17 00:00:00 2001 From: Paul Hinze Date: Fri, 19 Jun 2015 16:40:09 -0500 Subject: [PATCH] communicator/ssh: switch agent default to true This changes SSH Agent utilization from opt-in to opt-out, bringing Terraform in line with the behavior of Packer and the `ssh` command itself. But skip SSH agent connections if the SSH_AUTH_SOCK env var doesn't exist, whcih means there's no agent to connect to. --- communicator/ssh/provisioner.go | 9 +++++++++ .../source/docs/provisioners/connection.html.markdown | 2 +- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/communicator/ssh/provisioner.go b/communicator/ssh/provisioner.go index 12d7048e7..6facfcf52 100644 --- a/communicator/ssh/provisioner.go +++ b/communicator/ssh/provisioner.go @@ -62,6 +62,15 @@ func parseConnectionInfo(s *terraform.InstanceState) (*connectionInfo, error) { return nil, err } + // To default Agent to true, we need to check the raw string, since the + // decoded boolean can't represent "absence of config". + // + // And if SSH_AUTH_SOCK is not set, there's no agent to connect to, so we + // shouldn't try. + if s.Ephemeral.ConnInfo["agent"] == "" && os.Getenv("SSH_AUTH_SOCK") != "" { + connInfo.Agent = true + } + if connInfo.User == "" { connInfo.User = DefaultUser } diff --git a/website/source/docs/provisioners/connection.html.markdown b/website/source/docs/provisioners/connection.html.markdown index 8012b2c86..57524486c 100644 --- a/website/source/docs/provisioners/connection.html.markdown +++ b/website/source/docs/provisioners/connection.html.markdown @@ -71,7 +71,7 @@ provisioner "file" { * `key_file` - The SSH key to use for the connection. This takes preference over the password if provided. -* `agent` - Set to true to enable using ssh-agent to authenticate. +* `agent` - Set to false to disable using ssh-agent to authenticate. **Additional arguments only supported by the "winrm" connection type:**