From 8f08b6abc0786ae3d6bdfd16926d8ed82bce05f5 Mon Sep 17 00:00:00 2001
From: Kimmo Lehto
Date: Thu, 7 Sep 2023 13:44:15 +0300
Subject: [PATCH] Fix ssh keypath defaulting
Signed-off-by: Kimmo Lehto
---
 ssh.go | 16 +++++++++++-----
 test/test.sh | 11 +++++++++++
 2 files changed, 22 insertions(+), 5 deletions(-)
diff --git a/ssh.go b/ssh.go
index cb76679b..a8c46905 100644
--- a/ssh.go
+++ b/ssh.go
@@ -49,7 +49,7 @@ type PasswordCallback func() (secret string, err error)
 var (
 authMethodCache = sync.Map{}
- defaultKeypaths = []string{"~/.ssh/id_rsa", "~/.ssh/identity", "~/.ssh/id_dsa"}
+ defaultKeypaths = []string{"~/.ssh/id_rsa", "~/.ssh/identity", "~/.ssh/id_dsa", "~/.ssh/id_ecdsa", "~/.ssh/id_ed25519"}
 dummyhostKeyPaths []string
 globalOnce sync.Once
 knownHostsMU sync.Mutex
@@ -130,6 +130,16 @@ func (c *SSH) initGlobalDefaults() {
 dummyhostKeyPaths = append(dummyhostKeyPaths, expanded)
 }
 }
+ for _, defaultKeypath := range defaultKeypaths {
+ if expanded, err := expandAndValidatePath(defaultKeypath); err == nil {
+ for _, dummyHostKeyPath := range dummyhostKeyPaths {
+ if dummyHostKeyPath == expanded {
+ continue
+ }
+ }
+ dummyhostKeyPaths = append(dummyhostKeyPaths, defaultKeypath)
+ }
+ }
 }
 func findUniq(a, b []string) (string, bool) {
@@ -163,10 +173,6 @@ func (c *SSH) SetDefaults() {
 c.KeyPath = nil
 paths := c.keypathsFromConfig()
- if len(paths) == 0 {
- // no paths found in ssh config either, use defaults
- paths = append(paths, defaultKeypaths...)
- }
 for _, p := range paths {
 expanded, err := expandAndValidatePath(p)
diff --git a/test/test.sh b/test/test.sh
index aca48153..43f7c0c2 100755
--- a/test/test.sh
+++ b/test/test.sh
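Review bot: The duplicate check in the loop added to initGlobalDefaults (ssh.go, second hunk) has no effect, because `continue` sits inside the inner `for` over dummyhostKeyPaths and only advances that inner loop; the `append` below it still runs for every default path that validates. The append also stores the unexpanded `defaultKeypath`, while the comparison and the earlier append in this function use `expanded`, so the list can mix both forms and repeated entries. This list appears to take part in deciding which private key files are tried, so it is worth keeping it deduplicated and in one form. The sketch below skips on error, stops at the first match and appends `expanded`. The function starts above the hunk, so how dummyhostKeyPaths is consumed is not visible here.

```go
	// … unchanged: earlier code that appends expanded paths to dummyhostKeyPaths …
	for _, defaultKeypath := range defaultKeypaths {
		expanded, err := expandAndValidatePath(defaultKeypath)
		if err != nil {
			continue
		}
		known := false
		for _, dummyHostKeyPath := range dummyhostKeyPaths {
			if dummyHostKeyPath == expanded {
				known = true
				break
			}
		}
		if !known {
			dummyhostKeyPaths = append(dummyhostKeyPaths, expanded)
		}
	}
```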
@@ -170,6 +170,17 @@ rig_test_key_from_path() {
 RET=$exit_code
 }
+rig_test_key_from_default_location() {
+ color_echo "- Testing keypath from default location"
+ make create-host
+ mv .ssh/identity .ssh/id_ecdsa
+ set +e
+ ./rigtest -host 127.0.0.1:$(ssh_port node0) -user root
+ local exit_code=$?
+ set -e
+ RET=$exit_code
+}
+
 rig_test_protected_key_from_path() {
 color_echo "- Testing regular keypath to encrypted key, two hosts"
 make create-host KEY_PASSPHRASE=testPhrase REPLICAS=2
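Review bot: rig_test_key_from_default_location only checks the exit code of `./rigtest`, so it passes whenever any authentication succeeds, not only when the renamed `.ssh/id_ecdsa` was picked up from the default key list. If rigtest can also authenticate through an agent or another key left behind by `make create-host` (neither is visible in this hunk), a regression in the defaulting would go unnoticed. Clearing the agent socket for the call and quoting the address, for example `SSH_AUTH_SOCK= ./rigtest -host "127.0.0.1:$(ssh_port node0)" -user root`, would narrow the test to the key file. A comment such as `# relies on HOME pointing at the test directory so ~/.ssh/id_ecdsa is the renamed key` would record the assumption the `mv` depends on.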