Dev: bootstrap: Avoid hardcoding the ssh key type as RSA

Replace remote_public_key_from as ssh_key.fetch_public_key_list
ClusterLabs · Nov 1, 2024 · 999c02b · 999c02b
1 parent f4700eb
commit 999c02b
Showing 1 changed file with 3 additions and 21 deletions.
diff --git a/crmsh/bootstrap.py b/crmsh/bootstrap.py
@@ -1078,7 +1078,7 @@ def export_ssh_key_non_interactive(local_user_to_export, remote_user_to_swap, re
 
 def import_ssh_key(local_user, remote_user, local_sudoer, remote_node, remote_sudoer):
     "Copy ssh key from remote to local authorized_keys"
-    remote_key_content = remote_public_key_from(remote_user, local_sudoer, remote_node, remote_sudoer)
+    remote_key_content = ssh_key.fetch_public_key_list(remote_node, remote_user, with_content=True)[0]
     _, _, local_authorized_file = key_files(local_user).values()
     if not utils.check_text_included(remote_key_content, local_authorized_file, remote=None):
         sh.LocalShell().get_stdout_or_raise_error(
@@ -1183,7 +1183,7 @@ def init_qnetd_remote():
     Triggered by join_cluster, this function adds the joining node's key to the qnetd's authorized_keys
     """
     local_user, remote_user, join_node = _select_user_pair_for_ssh_for_secondary_components(_context.cluster_node)
-    join_node_key_content = remote_public_key_from(remote_user, local_user, join_node, remote_user)
+    join_node_key_content = ssh_key.fetch_public_key_list(join_node, remote_user, with_content=True)[0]
     qnetd_host = corosync.get_value("quorum.device.net.host")
     _, qnetd_user, qnetd_host = _select_user_pair_for_ssh_for_secondary_components(qnetd_host)
     authorized_key_manager = ssh_key.AuthorizedKeyManager(sh.cluster_shell())
@@ -1528,7 +1528,7 @@ def _setup_passwordless_ssh_for_qnetd(cluster_node_list: typing.List[str]):
             if node == utils.this_node():
                 continue
             local_user, remote_user, node = _select_user_pair_for_ssh_for_secondary_components(node)
-            remote_key_content = remote_public_key_from(remote_user, local_user, node, remote_user)
+            remote_key_content = ssh_key.fetch_public_key_list(node, remote_user, with_content=True)[0]
             in_memory_key = ssh_key.InMemoryPublicKey(remote_key_content)
             ssh_key.AuthorizedKeyManager(cluster_shell).add(qnetd_addr, qnetd_user, in_memory_key)
 
@@ -1690,24 +1690,6 @@ def swap_public_ssh_key(
             logger.warning(e)
 
 
-def remote_public_key_from(remote_user, local_sudoer, remote_node, remote_sudoer):
-    "Get the id_rsa.pub from the remote node"
-    cmd = 'cat ~/.ssh/id_rsa.pub'
-    result = sh.LocalShell().su_subprocess_run(
-        local_sudoer,
-        'ssh {} {}@{} sudo -H -u {} /bin/sh'.format(constants.SSH_OPTION, remote_sudoer, remote_node, remote_user),
-        input=cmd.encode('utf-8'),
-        stdout=subprocess.PIPE,
-        stderr=subprocess.PIPE,
-        )
-    if result.returncode != 0:
-        utils.fatal("Can't get the remote id_rsa.pub from {}: {}".format(
-            remote_node,
-            codecs.decode(result.stderr, 'utf-8', 'replace'),
-        ))
-    return result.stdout.decode('utf-8')
-
-
 def join_csync2(seed_host, remote_user):
     """
     Csync2 configuration for joining node.