From f0c9d0a1fe8b19edf53f775dffb66057c0c9be12 Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Tue, 11 Jun 2013 12:24:42 -0700
Subject: fix longstanding problem with vagrant nodes: everyone has a different
 ssh pub key, but before leap_cli wanted you to commit these different keys
 into. Now, for vagrant nodes, we ignore the host key: we don't save it, we
 don't check it.

---
 lib/leap_cli/commands/node.rb  | 2 +-
 lib/leap_cli/commands/shell.rb | 7 +++++--
 2 files changed, 6 insertions(+), 3 deletions(-)

(limited to 'lib/leap_cli/commands')

diff --git a/lib/leap_cli/commands/node.rb b/lib/leap_cli/commands/node.rb
index 4b5ea9e..1f94fe6 100644
--- a/lib/leap_cli/commands/node.rb
+++ b/lib/leap_cli/commands/node.rb
@@ -60,7 +60,7 @@ module LeapCli; module Commands
         finished = []
         manager.filter!(args).each_node do |node|
           ping_node(node, options) unless options[:noping]
-          save_public_host_key(node, global, options)
+          save_public_host_key(node, global, options) unless node.vagrant?
           update_compiled_ssh_configs
           ssh_connect_options = connect_options(options).merge({:bootstrap => true, :echo => options[:echo]})
           ssh_connect(node, ssh_connect_options) do |ssh|
diff --git a/lib/leap_cli/commands/shell.rb b/lib/leap_cli/commands/shell.rb
index 822ef05..3a6cebc 100644
--- a/lib/leap_cli/commands/shell.rb
+++ b/lib/leap_cli/commands/shell.rb
@@ -39,11 +39,14 @@ module LeapCli; module Commands
     options = [
       "-o 'HostName=#{node.ip_address}'",
       "-o 'HostKeyAlias=#{node.name}'",
-      "-o 'GlobalKnownHostsFile=#{path(:known_hosts)}'",
-      "-o 'StrictHostKeyChecking=yes'"
+      "-o 'GlobalKnownHostsFile=#{path(:known_hosts)}'"
     ]
     if node.vagrant?
       options << "-i #{vagrant_ssh_key_file}"
+      options << "-o 'StrictHostKeyChecking=no'"      # \ together, these options allow us to just blindly accept
+      options << "-o 'UserKnownHostsFile=/dev/null'"  # / what pub key the vagrant node has. useful, because it is different for everyone.
+    else
+      options << "-o 'StrictHostKeyChecking=yes'"
     end
     username = 'root'
     # the echo sets the terminal title. it would be better to do this on the server
-- 
cgit v1.2.3