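/**
 * Checks that an SSH login as {@code ec2-user} on {@code host} succeeds with the given key pair.
 *
 * <p>The connection attempt is wrapped in a {@link Callable} and handed to {@code retry};
 * the assertion fails unless that call returns {@code true}.
 *
 * @param host address of the instance to probe
 * @param key  key pair whose private key material is used for public-key authentication
 */
protected final void probeSSH(final String host, final KeyPair key) {
    final Callable<Boolean> callable = () -> {
        final JSch jsch = new JSch();
        final Session session = jsch.getSession("ec2-user", host);
        jsch.addIdentity(
                key.getKeyName(),
                key.getKeyMaterial().getBytes(java.nio.charset.StandardCharsets.UTF_8),
                null,
                null);
        // Host key verification is disabled for THIS session only. JSch.setConfig is static and
        // would switch the check off for every JSch session in the JVM. With the check off the
        // remote host is not authenticated, so this is only acceptable against a throw-away
        // test instance and with a throw-away key; do not copy it into production code.
        session.setConfig("StrictHostKeyChecking", "no");
        try {
            session.connect(10000);
        } finally {
            // Release the session even when connect() fails, so retries do not accumulate them.
            session.disconnect();
        }
        return true;
    };
    Assert.assertTrue(this.retry(callable));
}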
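/**
 * Creates a key pair for the given project and environment, then prints its name and fingerprint.
 *
 * <p>The target filename for the private key is the first element of {@code argument}. When no
 * argument is supplied it defaults to {@code $HOME/.ssh/<project>_<env>.pem}.
 *
 * @param factory       supplies the AWS facade and the {@code SavesFile} used to persist the key
 * @param projectAndEnv project and environment the key pair is named after
 * @param cfnParams     not used by this command
 * @param artifacts     not used by this command
 * @param argument      optional; {@code argument[0]} is the filename to save the private key to
 */
@Override
public void invoke(FacadeFactory factory, ProjectAndEnv projectAndEnv, Collection<Parameter> cfnParams,
        Collection<Parameter> artifacts, String... argument)
        throws IOException, InterruptedException, CfnAssistException, MissingArgumentException {
    AwsFacade facade = factory.createFacade();

    String filename;
    // A varargs call without arguments passes an empty array, not null. Treat both as
    // "no filename given" so that argument[0] cannot throw ArrayIndexOutOfBoundsException.
    if (argument == null || argument.length == 0) {
        String home = System.getenv("HOME");
        String keypairName = format("%s_%s", projectAndEnv.getProject(), projectAndEnv.getEnv());
        filename = format("%s/.ssh/%s.pem", home, keypairName);
    } else {
        filename = argument[0];
    }

    // NOTE(review): the private key ends up in `filename`; the permissions of that file are
    // decided by the SavesFile implementation, which is not visible here. Confirm it is
    // created readable by the owner only.
    KeyPair keyPair = facade.createKeyPair(projectAndEnv, factory.getSavesFile(), filename);
    // Only the name and fingerprint are printed, never the key material.
    System.out.println(format("Created key %s with fingerprint %s", keyPair.getKeyName(),
            keyPair.getKeyFingerprint()));
}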
/**
 * Verifies that creating a key pair checks the destination file, delegates to the cloud
 * repository and records the key name as a VPC tag.
 */
@Test
public void shouldCreateKeyPairAndTagVPC() throws CfnAssistException {
    String pemFile = "fileForPem.pem";
    SavesFile saver = createStrictMock(SavesFile.class);
    KeyPair stubbedPair = new KeyPair().withKeyName("CfnAssist_Test");

    // Expectations, in the order the facade is expected to make the calls.
    EasyMock.expect(saver.exists(pemFile)).andReturn(false);
    EasyMock.expect(cloudRepository.createKeyPair("CfnAssist_Test", saver, pemFile))
            .andReturn(stubbedPair);
    vpcRepository.setVpcTag(projectAndEnv, "keypairname", "CfnAssist_Test");
    EasyMock.expectLastCall();

    replayAll();
    KeyPair created = aws.createKeyPair(projectAndEnv, saver, pemFile);
    verifyAll();

    assertEquals("CfnAssist_Test", created.getKeyName());
}
/**
 * Creates an EC2 key pair named after the instance's key name.
 *
 * @param instance instance whose {@code getKeyName()} value becomes the key pair name
 * @return the key material of the new key pair; this is the private key, so callers must
 *         treat the returned string as a secret (no logging, no plain-text persistence)
 */
@Override
public String create(Instance instance) {
    CreateKeyPairRequest request = new CreateKeyPairRequest();
    request.withKeyName(instance.getKeyName());

    return ec2UserClient.amazonEC2Async()
            .createKeyPair(request)
            .getKeyPair()
            .getKeyMaterial();
}
/**
 * Creates a VPC stack and an auto-recovery EC2 stack with a fresh key, then probes SSH.
 *
 * <p>Each resource is removed in a {@code finally} block, in reverse order of creation, so a
 * failure at any step still deletes the stacks and the temporary key.
 */
@Test
public void test() {
    final String vpcStack = "vpc-2azs-" + this.random8String();
    final String ec2Stack = "ec2-auto-recovery-" + this.random8String();
    final String classB = "10";
    final String keyName = "key-" + this.random8String();
    try {
        final KeyPair sshKey = this.createKey(keyName);
        try {
            final Parameter classBParam =
                    new Parameter().withParameterKey("ClassB").withParameterValue(classB);
            this.createStack(vpcStack, "vpc/vpc-2azs.yaml", classBParam);
            try {
                final Parameter parentVpcParam =
                        new Parameter().withParameterKey("ParentVPCStack").withParameterValue(vpcStack);
                final Parameter keyNameParam =
                        new Parameter().withParameterKey("KeyName").withParameterValue(keyName);
                this.createStack(ec2Stack, "ec2/ec2-auto-recovery.yaml", parentVpcParam, keyNameParam);

                final String address = this.getStackOutputValue(ec2Stack, "IPAddress");
                this.probeSSH(address, sshKey);
            } finally {
                this.deleteStack(ec2Stack);
            }
        } finally {
            this.deleteStack(vpcStack);
        }
    } finally {
        // The key pair is temporary; delete it even when the stacks failed.
        this.deleteKey(keyName);
    }
}
/**
 * Creates a VPC stack and an SSH bastion stack with a fresh key, then probes SSH on the bastion.
 *
 * <p>Each resource is removed in a {@code finally} block, in reverse order of creation, so a
 * failure at any step still deletes the stacks and the temporary key.
 */
@Test
public void test() {
    final String vpcStack = "vpc-2azs-" + this.random8String();
    final String bastionStack = "vpc-ssh-bastion-" + this.random8String();
    final String classB = "10";
    final String keyName = "key-" + this.random8String();
    try {
        final KeyPair sshKey = this.createKey(keyName);
        try {
            final Parameter classBParam =
                    new Parameter().withParameterKey("ClassB").withParameterValue(classB);
            this.createStack(vpcStack, "vpc/vpc-2azs.yaml", classBParam);
            try {
                final Parameter parentVpcParam =
                        new Parameter().withParameterKey("ParentVPCStack").withParameterValue(vpcStack);
                final Parameter keyNameParam =
                        new Parameter().withParameterKey("KeyName").withParameterValue(keyName);
                this.createStack(bastionStack, "vpc/vpc-ssh-bastion.yaml", parentVpcParam, keyNameParam);

                final String address = this.getStackOutputValue(bastionStack, "IPAddress");
                this.probeSSH(address, sshKey);
            } finally {
                this.deleteStack(bastionStack);
            }
        } finally {
            this.deleteStack(vpcStack);
        }
    } finally {
        // The key pair is temporary; delete it even when the stacks failed.
        this.deleteKey(keyName);
    }
}
/**
 * Returns the {@link KeyPair} used for the launch, resolving it on first use.
 *
 * <p>The result of {@code privateKey.find(connect())} is cached in {@code usableKeyPair}; the
 * method is {@code synchronized}, so the lookup and the assignment happen under the instance lock.
 *
 * @return the cached key pair, or the result of the lookup when none was cached yet
 */
public synchronized KeyPair getKeyPair() throws AmazonClientException, IOException {
    if (usableKeyPair != null) {
        return usableKeyPair;
    }
    usableKeyPair = privateKey.find(connect());
    return usableKeyPair;
}
/**
 * Creates a new EC2 key pair named {@code hudson-N} and hands its private key back to the form.
 *
 * <p>{@code N} is the smallest non-negative integer for which no existing key pair carries the
 * name {@code hudson-N}. The key material is returned in a {@code script} response header that
 * assigns it to the form's {@code privateKey} field.
 *
 * <p>NOTE(review): this method creates a cloud resource and returns a private key in a response
 * header. No permission check or HTTP-method restriction is visible in this method; confirm
 * that the endpoint is restricted to administrators and to POST requests.
 *
 * @return {@code ok} on success, or an error carrying the AWS client exception message
 */
public FormValidation doGenerateKey(StaplerResponse rsp, URL ec2EndpointUrl,
        boolean useInstanceProfileForCredentials, String accessId, String secretKey)
        throws IOException, ServletException {
    try {
        AWSCredentialsProvider provider =
                createCredentialsProvider(useInstanceProfileForCredentials, accessId, secretKey);
        AmazonEC2 client = connect(provider, ec2EndpointUrl);
        List<KeyPairInfo> knownKeys = client.describeKeyPairs().getKeyPairs();

        // Probe hudson-0, hudson-1, ... until a name is found that no existing key uses.
        int suffix = 0;
        boolean taken;
        do {
            taken = false;
            for (KeyPairInfo existing : knownKeys) {
                if (existing.getKeyName().equals("hudson-" + suffix)) {
                    taken = true;
                    break;
                }
            }
            if (taken) {
                suffix++;
            }
        } while (taken);

        CreateKeyPairRequest createRequest = new CreateKeyPairRequest("hudson-" + suffix);
        KeyPair created = client.createKeyPair(createRequest).getKeyPair();

        // Only newlines are escaped before the material is embedded in the JavaScript string.
        // NOTE(review): this relies on the key material never containing a quote or backslash.
        String escapedMaterial = created.getKeyMaterial().replace("\n", "\\n");
        rsp.addHeader("script",
                "findPreviousFormItem(button,'privateKey').value='" + escapedMaterial + "'");

        return FormValidation.ok(Messages.EC2Cloud_Success());
    } catch (AmazonClientException e) {
        LOGGER.log(Level.WARNING, "Failed to check EC2 credential", e);
        return FormValidation.error(e.getMessage());
    }
}
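/**
 * Authenticates the bootstrap connection with the cloud's key pair, retrying on failure.
 *
 * <p>Up to 20 public-key authentication attempts are made as {@code computer.getRemoteAdmin()},
 * with a 10 second pause after each failed attempt.
 *
 * @param bootstrapConn connection to authenticate; closed here unless authentication succeeds
 * @param computer      supplies the cloud's key pair and the remote admin user name
 * @param logger        receives progress messages
 * @return {@code SAMEUSER} when authentication succeeds, {@code FAILED} when all attempts fail
 */
private int bootstrap(Connection bootstrapConn, EC2Computer computer, PrintStream logger)
        throws IOException, InterruptedException, AmazonClientException {
    logger.println("bootstrap()");
    boolean closeBootstrap = true;
    try {
        int tries = 20;
        boolean isAuthenticated = false;
        logger.println("Getting keypair...");
        KeyPair key = computer.getCloud().getKeyPair();
        // Identify the key by name and fingerprint only. The private key material must never be
        // written to the log, not even a prefix of it: logs are readable by a wider audience
        // than the key, and a fixed-length substring would also throw on shorter material.
        logger.println("Using key: " + key.getKeyName() + "\n" + key.getKeyFingerprint());
        while (tries-- > 0) {
            logger.println("Authenticating as " + computer.getRemoteAdmin());
            isAuthenticated = bootstrapConn.authenticateWithPublicKey(
                    computer.getRemoteAdmin(), key.getKeyMaterial().toCharArray(), "");
            if (isAuthenticated) {
                break;
            }
            logger.println("Authentication failed. Trying again...");
            Thread.sleep(10000);
        }
        if (!isAuthenticated) {
            logger.println("Authentication failed");
            return FAILED;
        }
        // Success: the caller keeps using the connection, so it must stay open.
        closeBootstrap = false;
        return SAMEUSER;
    } finally {
        if (closeBootstrap) {
            bootstrapConn.close();
        }
    }
}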
/**
 * Copies name, fingerprint and key material from a {@code KeyPairInfo} into a new {@code KeyPair}.
 *
 * @param from source object; its three getters are read once each
 * @return a freshly created {@code KeyPair} holding the copied values
 */
@Override
protected KeyPair convertObject(KeyPairInfo from) {
    final KeyPair converted = new KeyPair();
    converted.setKeyName(from.getKeyName());
    // Key material is sensitive; it is copied as-is and not inspected here.
    converted.setKeyMaterial(from.getKeyMaterial());
    converted.setKeyFingerprint(from.getKeyFingerprint());
    return converted;
}
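/**
 * Creates an EC2 key pair with the specified name.
 *
 * <p>Only the key name is logged. The returned material is the private key and must be treated
 * as a secret by the caller: it is deliberately not written to the log at any level.
 *
 * @param keyName Key name to use
 * @return the key material returned by EC2 for the new key pair (unencrypted, PEM encoded
 *         private key)
 */
public String createKeyValuePair(String keyName) {
    final AmazonEC2 amazonEC2 = getEc2Client();

    final CreateKeyPairRequest createKeyPairRequest = new CreateKeyPairRequest().withKeyName(keyName);
    final CreateKeyPairResult createKeyPairResult = amazonEC2.createKeyPair(createKeyPairRequest);

    final KeyPair keyPair = createKeyPairResult.getKeyPair();
    final String material = keyPair.getKeyMaterial();

    // Do not log `material`: debug logs are routinely shipped, archived and shared, and a
    // private key that has appeared in a log has to be considered compromised.
    LOGGER.info("Created key: " + keyName);

    return material;
}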
/**
 * Creates a key pair named {@code <project>_<env>} and records its name as a VPC tag.
 *
 * <p>NOTE(review): the existence check and the later write are separate steps, so another
 * process could create {@code filename} in between. How the file is finally written is up to
 * {@code cloudRepository} and {@code destination} and is not visible here.
 *
 * @param projAndEnv  project and environment the key pair name is built from
 * @param destination used to check for, and passed on to save, the private key file
 * @param filename    file the private key is to be saved to
 * @return the key pair returned by the cloud repository
 * @throws CfnAssistException if {@code filename} already exists at {@code destination}
 */
public KeyPair createKeyPair(ProjectAndEnv projAndEnv, SavesFile destination, String filename)
        throws CfnAssistException {
    // Refuse to overwrite an existing file, which may hold a key that is still in use.
    boolean alreadyThere = destination.exists(filename);
    if (alreadyThere) {
        throw new CfnAssistException(format("File '%s' already exists", filename));
    }

    String envName = projAndEnv.getEnv();
    String projectName = projAndEnv.getProject();
    String pairName = format("%s_%s", projectName, envName);
    logger.info("Create key pair with name " + pairName);

    KeyPair created = cloudRepository.createKeyPair(pairName, destination, filename);
    vpcRepository.setVpcTag(projAndEnv, KEYNAME_TAG, created.getKeyName());
    return created;
}
/**
 * Verifies that, with an empty filename argument, the key is saved under
 * {@code $HOME/.ssh/CfnAssist_Test.pem}.
 */
@Test
public void shouldCreateKeypairWithNoFilename()
        throws InterruptedException, MissingArgumentException, CfnAssistException {
    String homeDir = System.getenv("HOME");
    String expectedPath = format("%s/.ssh/CfnAssist_Test.pem", homeDir);

    KeyPair stubbedPair = new KeyPair().withKeyFingerprint("fingerprint").withKeyName("keyName");
    SavesFile saver = EasyMock.createMock(SavesFile.class);

    setFactoryExpectations();
    EasyMock.expect(factory.getSavesFile()).andReturn(saver);
    EasyMock.expect(facade.createKeyPair(projectAndEnv, saver, expectedPath)).andReturn(stubbedPair);

    validate(CLIArgBuilder.createKeyPair(""));
}
/**
 * Verifies that an explicit filename argument is passed through unchanged to the facade.
 */
@Test
public void shouldCreateKeypairWithFilename()
        throws InterruptedException, MissingArgumentException, CfnAssistException {
    String requestedFile = "someFilename";
    SavesFile saver = EasyMock.createMock(SavesFile.class);
    KeyPair stubbedPair = new KeyPair().withKeyFingerprint("fingerprint").withKeyName("keyName");

    setFactoryExpectations();
    EasyMock.expect(factory.getSavesFile()).andReturn(saver);
    EasyMock.expect(facade.createKeyPair(projectAndEnv, saver, requestedFile)).andReturn(stubbedPair);

    validate(CLIArgBuilder.createKeyPair(requestedFile));
}
/**
 * Asks EC2 to create a key pair with the given name.
 *
 * <p>Only the key name is logged. The returned object is passed back exactly as the service
 * delivered it; for a newly created key pair that includes the private key material, so callers
 * must not log or serialise it.
 *
 * @param keyName name of the key pair to create
 * @return the key pair contained in the service response
 */
public KeyPair createKeyPair(String keyName) {
    logger.info("create key pair, keyName={}", keyName);

    CreateKeyPairRequest request = new CreateKeyPairRequest().withKeyName(keyName);
    CreateKeyPairResult response = ec2.createKeyPair(request);
    return response.getKeyPair();
}