Skip to content

Commit

Permalink
qemu_guest_agent: Add ssh-key injection support for windows
Browse files Browse the repository at this point in the history
Add public ssh-key injection support for windows. Linux had been
supported already.
Add script Install_config_OpenSSH.ps1 to prepare OPenSSH.

Signed-off-by: Dehan Meng <[email protected]>
  • Loading branch information
6-dehan committed Aug 22, 2024
1 parent 1de0726 commit 45d95be
Show file tree
Hide file tree
Showing 2 changed files with 45 additions and 16 deletions.
33 changes: 27 additions & 6 deletions qemu/tests/cfg/qemu_guest_agent.cfg
Original file line number Diff line number Diff line change
Expand Up @@ -546,30 +546,51 @@
input_dev_type_input2 = mouse
input_dev_type_input3 = tablet
- gagent_ssh_public_key_injection:
only Linux
no RHEL.7 RHEL.8 RHEL.9.0 RHEL.9.1
gagent_check_type = ssh_public_key_injection
set_sebool = "setsebool virt_qemu_ga_read_nonsecurity_files on ; setsebool virt_qemu_ga_manage_ssh on"
cmd_clean_keys = rm -rf ~/.ssh/*
ssh_keygen_cmd = "ssh-keygen -t rsa -P "" -f ~/.ssh/id_rsa"
cmd_get_hostkey = "cat ~/.ssh/id_rsa.pub"
add_line_at_end = "echo >> ${guest_homepath}/.ssh/authorized_keys"
cmd_get_guestkey = "cat ${guest_homepath}/.ssh/authorized_keys"
cmd_del_key_file = "rm -rf ${guest_homepath}/.ssh/authorized_keys"
variants:
- root:
only Linux
guest_user = "root"
guest_homepath = /${guest_user}
test_login_guest = ssh ${guest_user}@%s -o stricthostkeychecking=no ls ${guest_homepath}
test_login_guest = ssh ${guest_user}@%s -o StrictHostKeyChecking=no ls ${guest_homepath}
output_check_str = 'anaconda-ks.cfg'
- non_root_user:
only Linux
guest_user = "fedora"
guest_user_passwd = "redhat"
guest_homepath = "/home/${guest_user}"
cmd_add_user_set_passwd = useradd ${guest_user} && echo ${guest_user_passwd} | passwd --stdin ${guest_user}
cmd_remove_user = userdel -rf ${guest_user}
test_login_guest = ssh ${guest_user}@%s -o stricthostkeychecking=no ls '/home'
test_login_guest = ssh ${guest_user}@%s -o StrictHostKeyChecking=no ls '/home'
output_check_str = '${guest_user}'
add_line_at_end = "echo >> ${guest_homepath}/.ssh/authorized_keys"
cmd_get_guestkey = "cat ${guest_homepath}/.ssh/authorized_keys"
cmd_del_key_file = "rm -rf ${guest_homepath}/.ssh/authorized_keys"
- administrator:
only Windows
guest_user = "Administrator"
guest_user_passwd = 'Kvm_autotest'
guest_homepath = "C:\Users\${guest_user}"
cmd_get_guestkey = "powershell.exe Get-Content C:\ProgramData\ssh\administrators_authorized_keys"
- non_admin_user:
only Windows
guest_user = "nonadminuser"
guest_user_passwd = "Redhat."
guest_homepath = "C:\Users\${guest_user}"
guest_sshdir = "${guest_homepath}\.ssh"
cmd_add_user_set_passwd = "powershell.exe $securePassword = ConvertTo-SecureString -String ${guest_user_passwd} -AsPlainText -Force;New-LocalUser -Name ${guest_user} -Password $securePassword -FullName 'New User' -Description 'Standard non-admin user';Add-LocalGroupMember -Group 'Users' -Member ${guest_user}"
cmd_remove_user = "powershell.exe Remove-LocalUser -Name ${guest_user}"
cmd_get_guestkey = "powershell.exe Get-Content ${guest_homepath}\.ssh\authorized_keys"
Windows:
install_config_openssh = "powershell.exe Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope Process -Force; WIN_UTILS:\Install_config_OpenSSH.ps1"
first_ssh_VM = sshpass -p ${guest_user_passwd} ssh ${guest_user}@%s -o StrictHostKeyChecking=no dir "${guest_homepath}"
test_login_guest = ssh ${guest_user}@%s -o StrictHostKeyChecking=no dir "${guest_homepath}"
output_check_str = "Downloads"
- check_get_cpustats:
only Linux
no RHEL.7 RHEL.8 RHEL.9.1 RHEL.9.0
Expand Down
28 changes: 18 additions & 10 deletions qemu/tests/qemu_guest_agent.py
Original file line number Diff line number Diff line change
Expand Up @@ -1322,10 +1322,10 @@ def ssh_key_test(operation, guest_name, *keys, **kwargs):
op_func(guest_name, *keys, **kwargs)
keys_ga = self.gagent.ssh_get_authorized_keys(guest_name)

add_line_at_end = params["add_line_at_end"]
if os_type == "linux":
add_line_at_end = params["add_line_at_end"]
session.cmd(add_line_at_end)
cmd_guest_keys = params["cmd_get_guestkey"]

session.cmd(add_line_at_end)
keys_guest = session.cmd_output(cmd_guest_keys).strip()
_value_compared_ga_guest(keys_ga, keys_guest, operation)
return keys_ga, keys_guest
Expand All @@ -1338,15 +1338,20 @@ def _prepared_n_restore_env(prepare=True):
"""

if prepare:
output = session.cmd_output("getenforce")
if str(output) == "Permissive":
session.cmd("setenforce 1")
session.cmd(params["set_sebool"])
if guest_user != "root":
if os_type == "linux":
if session.cmd_output("getenforce") == "Permissive":
session.cmd("setenforce 1")
session.cmd(params["set_sebool"])
else:
install_config_openssh_cmd = utils_misc.set_winutils_letter(
session, self.params["install_config_openssh"])
session.cmd(install_config_openssh_cmd, timeout=720)
if guest_user not in ["root", "Administrator"]:
session.cmd(params["cmd_add_user_set_passwd"])
else:
session.cmd(params["cmd_del_key_file"])
if guest_user != "root":
if os_type == "linux":
session.cmd(params["cmd_del_key_file"])
if guest_user not in ["root", "Administrator"]:
session.cmd(params["cmd_remove_user"])

def _generate_host_keys():
Expand Down Expand Up @@ -1407,6 +1412,9 @@ def _value_compared_ga_guest(return_value_ga,

error_context.context("Check the basic function ",
LOG_JOB.info)
if os_type == "windows":
cmd_first_ssh = params["first_ssh_VM"] % guest_ip_ipv4
process.system(cmd_first_ssh, shell=True)
host_key1 = _generate_host_keys()
ssh_key_test("add", guest_user, host_key1, reset=False)
_login_guest_test(guest_ip_ipv4)
Expand Down

0 comments on commit 45d95be

Please sign in to comment.