[Generic driver] working with remote user password and SSH key passphrase

[Oliboy50]

Problem

As seen in #1357, the generic driver is facing some authentication issues which are:

• If our SSH key has a passphrase, docker-machine create asks for the SSH key passphrase for each ssh call (there are several ssh calls to provision a machine).
• If our remote user (at least on Ubuntu) has a password, it won't be able to establish a connection because of PasswordAuthentication=no

  Proposal

Add 2 options to docker-machine create to automatically handle ssh key passphrase and user password when (and if) they are needed:

docker-machine create -d generic \
    --generic-ip-address 123.456.789.012 \
    --generic-ssh-user iNeedSudo4AdminPriviledges \
    --generic-ssh-user-password needed2EstablishConnectionAnd2UseSudo4Provisionning \
    --generic-ssh-key-passphrase secretPassphraseForMyPrivateKey
    vps

This way, we don't have to use a ssh-agent (which is painful for Windows users) or do complicated "sudo no-password" stuffs on the remote machine side.

Of course there is a security matter here because we're letting Docker Machine write temporarily our passphrase/password in its cache, but IMHO this is something needed if we want Docker Machine's generic driver to be the most user-friendly as possible.

[Oliboy50]

Actually, I think I'd prefer just to be prompted once for all when a passphrase or password is needed. Because I don't like the idea of seeing my passwords in my terminal (it sucks if we have to do a live demo).

[Oliboy50]

I'm still hoping for this to be handled in order to use Docker Machine to access my remote Ubuntu server :octocat:

[endersonmaia]

+ssh

[Oliboy50]

Just to point out that it is possible to be asked for a password without displaying it:

www-data@11304ad177ce:~/html$ travis login --pro
We need your GitHub login to identify you.

Username: oliboy50
Password for oliboy50: ************************

Successfully logged in as Oliboy50!

So I'd prefer be asked for password rather than having to set it as command option.

If Docker Machine could handle this for Generic driver... it would be really awesome for me (and other ppl maybe). Thanks

[krohrsb]

I was hoping to use machine to connect to a RHEL instance that requires password auth, however I cannot due to this issue. Please lets expose some configuration to allow both variants.

[bachi76]

... and please use the ssh-agent on systems that provide it.

[Oliboy50]

FYI, a PR is available to handle SSH User Password: #1586 Hope this will be merged soon ;)

But I think there's still a need for generic-ssh-key-passphrase

[koliyo]

+1 Related issue: https://github.com/docker/machine/issues/1833