@@ -1025,9 +1025,9 @@ def _get_encoder(configuration, coding):
10251025
10261026
10271027def _get_jump_host (configuration , client_id , cloud_id , manage = False ):
1028- """Return any configured ssh jump host ssh details including address, port
1029- and username for client_id on cloud_id. If the optional manage arg is set
1030- the two additional manage key script and coding settings are added.
1028+ """Return any configured ssh jump host ssh details including address, port,
1029+ username and key for client_id on cloud_id. If the optional manage arg is
1030+ set the two additional manage key script and coding settings are added.
10311031 """
10321032 _logger = configuration .logger
10331033 jump_host = {}
@@ -1041,6 +1041,8 @@ def _get_jump_host(configuration, client_id, cloud_id, manage=False):
10411041 jump_host ['fqdn' ] = cloud_fqdn_from_ip (configuration , addr )[0 ]
10421042 jump_host ['user' ] = lookup_user_service_value (
10431043 configuration , client_id , service , 'service_jumphost_user' , '' )
1044+ jump_host ['key' ] = lookup_user_service_value (
1045+ configuration , client_id , service , 'service_jumphost_key' , '' )
10441046 # TODO: support jumphost port with port map override?
10451047 if manage :
10461048 for name in ('manage_keys_script' , 'manage_keys_coding' ):
@@ -1094,6 +1096,8 @@ def _manage_jump_host_keys(configuration, client_id, cloud_id, action,
10941096 ssh_cmd = ['ssh' ]
10951097 if jump_host ['user' ]:
10961098 ssh_cmd .append ('-oUser=%(user)s' % jump_host )
1099+ if jump_host ['key' ]:
1100+ ssh_cmd .append ('-oIdentityFile=%(key)s' % jump_host )
10971101 ssh_cmd .append ("%(fqdn)s" % jump_host )
10981102 # NOTE: remote script should restrict key access to reduce abuse risk with
10991103 # command="/bin/false",no-pty,no-agent-forwarding,no-X11-forwarding PUBKEY
0 commit comments