-1

I'm in an environment with authentication tokens, so typically a SSH password is not required. My serverspec tests are always asking me for a password. Is there a way to prevent this?

No password required:

$ ssh atlspf01
newatson@atlspf01:~$

Yet, in serverspec

$ rake spec
Password:

Relevant code in spec_helper.rb

require 'serverspec'
require 'net/ssh'

set :backend, :ssh
...
set :host, ENV['TARGET_HOST']
set :ssh_options, :user => ENV['USERNAME']

UPDATE: Problem is that net::ssh does not support Kerberos authentication (gssapi-with-mic). Use ssh::ssh::kerberos or use ssh keys.

Neil H Watson
  • 1,002
  • 1
  • 14
  • 31

1 Answers1

1

On your configuration, you only pass info about user to ssh_options

Assuming that your target host is stored into environmental variable TARGET_HOST and username is stored into USERNAME, you should do something like this:

set :ssh_options, Net::SSH::Config.for(ENV['TARGET_HOST']).merge(user: ENV['USERNAME'])

egwspiti
  • 957
  • 5
  • 10
  • It connects to the correct host as it is. It's the password prompts I'm trying to avoid. – Neil H Watson Jun 15 '15 at 16:09
  • @neil Using the above answer, does it still require password or does it complain about sudo password? – egwspiti Jun 15 '15 at 16:15
  • With the above answer I still get the prompt 'Password:'. I think it's for SSH because if I provied the wrong password I get an SSH authentication failure. – Neil H Watson Jun 15 '15 at 16:24
  • @neil what is the output of `Net::SSH::Config.for(ENV['TARGET_HOST'])` ? At my system, I get something like this: {:auth_methods=>["none", "publickey", "password", "keyboard-interactive"], :send_env=>[/^LANG$/, /^LC_CTYPE$/, /^LC_NUMERIC$/, /^LC_TIME$/, /^LC_COLLATE$/, /^LC_MONETARY$/, /^LC_MESSAGES$/]} and serverspec works without asking me for a password. So I guess you should check the auth_methods. – egwspiti Jun 15 '15 at 16:28
  • looks the same as yours: `{:auth_methods=>["none", "publickey", "password", "keyboard-interactive"], :send_env=>[/^LANG$/, /^LC_CTYPE$/, /^LC_NUMERIC$/, /^LC_TIME$/, /^LC_COLLATE$/, /^LC_MONETARY$/, /^LC_MESSAGES$/]}` – Neil H Watson Jun 15 '15 at 16:33
  • @neil btw, are you sure that username is stored in `USERNAME` and not `USER` environment variable ? Also, try adding `puts "ssh options: #{Specinfra::Configuration.ssh_options}"` at the end of spec/spec_helper.rb so as to verify that everything is actually set correctly. – egwspiti Jun 15 '15 at 16:38
  • Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/80589/discussion-between-neil-h-watson-and-egwspiti). – Neil H Watson Jun 15 '15 at 16:40