This updates the permissions on the automatically generated private
key file to only be readable by the user. Includes support for file
permission modification on Windows platform.
As of `net-ssh` version 4.2.0, the key :paranoid has been deprecated in
favor of using :verify_host_key. This commit updates Vagrants ssh config
to use the new key, and deprecates the use of :paranoid.
This commit aligns how the file provisioner should work on all host
machines. It ensures that a `/.` is only applied if the user intended
to upload a folder to a destination under a different name. It ensures
that if uploading to a windows guest with a different destination folder
name, it does not nest the source folder under that name so that it
works the same as it does on linux platforms. It also updates the
behavior of the winrm upload communicator by allowing an array of paths
to be uploaded instead of a single file or folder to allow for this new
functionality for windows guests.
Prior to this commit, the ssh communicator would use the default cipher
list in Net::SSH to negociate which ciphers it should use between hosts.
Due to a bug in Net::SSH and the position of the `none` cipher in its
default cipher list, if a host supported the none cipher, but also
only supported other ciphers that came after none in the default list,
it would accept none and attempt to use that cipher instead of the other
supported ciphers. This commit fixes that behavior by copying the
default cipher list from Net::SSH and placing none last in the list so
that other ciphers can be used in the negotiation before attempting to
use the unsecure none cipher.
In some cases the SSH connection may be aborted while waiting
for setup. This includes aborted connections in the list of
applicable exceptions to retry on while waiting for the connection
to become available.
Fixes#8520
Prevent sending empty data strings to defined blocks handling
stderr and stdout output. These can occur when the garbage
marker is identified and collected data pruned, but no remaining
data is left to send.
Fixes#8259
This adds two new SSH configuration options:
- `keys_only`
- `paranoid`
These values were previously hard-coded, but can now be user-specified.
Fixes GH-4275
This fixes a fairly large tempfile leak. Vagrant uses a template
renderer to write network configuration files locally to disk. Then,
that temporarily file is uploaded to the remote host and moved into
place. Since Vagrant is such a short-lived process, GC never came along
and cleaned up those tempfiles, resulting in many temporary files being
created through regular Vagrant usage.
The Util::Tempfile class uses a block to ensure the temporary file is
deleted when the block finishes. This API required small tweaks to the
usage, but provides more safety to ensure the files are deleted.
Starting with PowerShell 5, the progress bar can be observed via the
Write-Progress cmdlet. From WinRM, this appears as a stderr output.
Vagrant assumes that there is error if output appears on stderr.
This terminates various scripts which previously executed successfully
in Vagrant (prior to Windows 10).
This fix injects a variable assignment at various points of the script
execution process to disable display of the progress bar.
This changes the ssh ready? method to treat ENETUNREACH the same way as
EHOSTUNREACH errors.
When attempting to SSH into a box, it tries up to 5 times to connect to
the box, ignoring various errors. Later it will catch and gracefully
handle most of those errors so that callers don't have to know the
details.
However, the Errno::ENETUNREACH error is not caught, which means that
callers that expect a clean boolean return from ready? don't get that,
and instead get an exception they probably aren't expecting.