go/net/ssh: allow multiple AuthMethods Change-Id: Icdd8c12bc959f87271db4abba3219edd0ea1b7ca Reviewed-on: https://review.monogon.dev/c/monogon/+/3434 Tested-by: Jenkins CI Reviewed-by: Lorenz Brun <lorenz@monogon.tech>

commit: d0e39cbad2e12cbb23caa7d36ccbd4821285ac51 [log] [tgz]
author: Tim Windelschmidt <tim@monogon.tech> Mon Sep 16 16:14:00 2024 +0200
committer: Lorenz Brun <lorenz@monogon.tech> Wed Sep 18 19:39:51 2024 +0000
tree: 7d233926774a9af8ca065a7dacc533f22f6a5a85
parent: e4b1d20497b31ce639b6d8d8fb7079ea49686144 [diff]
diff --git a/cloud/shepherd/mini/ssh.go b/cloud/shepherd/mini/ssh.go
index 1a2d23c..bf2e996 100644
--- a/cloud/shepherd/mini/ssh.go
+++ b/cloud/shepherd/mini/ssh.go

@@ -48,7 +48,7 @@
 
 	switch {
 	case sc.Pass != "":
-		c.AuthMethod = xssh.Password(sc.Pass)
+		c.AuthMethods = []xssh.AuthMethod{xssh.Password(sc.Pass)}
 	case sc.SSHKey.KeyPersistPath != "":
 		signer, err := sc.SSHKey.Signer()
 		if err != nil {
@@ -62,7 +62,7 @@
 
 		klog.Infof("Using ssh key auth with public key: %s", pubKey)
 
-		c.AuthMethod = xssh.PublicKeys(signer)
+		c.AuthMethods = []xssh.AuthMethod{xssh.PublicKeys(signer)}
 	}
 	return &c, nil
 }

diff --git a/cloud/shepherd/provider/equinix/main.go b/cloud/shepherd/provider/equinix/main.go
index 0fb28e1..b47c454 100644
--- a/cloud/shepherd/provider/equinix/main.go
+++ b/cloud/shepherd/provider/equinix/main.go

@@ -8,7 +8,7 @@
 	"os"
 	"os/signal"
 
-	"golang.org/x/crypto/ssh"
+	xssh "golang.org/x/crypto/ssh"
 	"k8s.io/klog/v2"
 
 	"source.monogon.dev/cloud/bmaas/bmdb"
@@ -16,7 +16,7 @@
 	"source.monogon.dev/cloud/equinix/wrapngo"
 	"source.monogon.dev/cloud/lib/component"
 	"source.monogon.dev/cloud/shepherd/manager"
-	ssh2 "source.monogon.dev/go/net/ssh"
+	"source.monogon.dev/go/net/ssh"
 )
 
 type Config struct {
@@ -91,8 +91,8 @@
 		klog.Exitf("%v", err)
 	}
 
-	sshClient := &ssh2.DirectClient{
-		AuthMethod: ssh.PublicKeys(sshSigner),
+	sshClient := &ssh.DirectClient{
+		AuthMethods: []xssh.AuthMethod{xssh.PublicKeys(sshSigner)},
 		// Equinix OS installations always use root.
 		Username: "root",
 	}

diff --git a/go/net/ssh/ssh_client.go b/go/net/ssh/ssh_client.go
index 1c52484..d0a0518 100644
--- a/go/net/ssh/ssh_client.go
+++ b/go/net/ssh/ssh_client.go

@@ -36,8 +36,8 @@
 // DirectClient implements Client (and Connection) using
 // golang.org/x/crypto/ssh.
 type DirectClient struct {
-	AuthMethod ssh.AuthMethod
-	Username   string
+	AuthMethods []ssh.AuthMethod
+	Username    string
 }
 
 type directConn struct {
@@ -54,9 +54,7 @@
 	}
 	conf := &ssh.ClientConfig{
 		User: p.Username,
-		Auth: []ssh.AuthMethod{
-			p.AuthMethod,
-		},
+		Auth: p.AuthMethods,
 		// Ignore the host key, since it's likely the first time anything logs into
 		// this device, and also because there's no way of knowing its fingerprint.
 		HostKeyCallback: ssh.InsecureIgnoreHostKey(),
commit	d0e39cbad2e12cbb23caa7d36ccbd4821285ac51	[log] [tgz]
author	Tim Windelschmidt <tim@monogon.tech>	Mon Sep 16 16:14:00 2024 +0200
committer	Lorenz Brun <lorenz@monogon.tech>	Wed Sep 18 19:39:51 2024 +0000
tree	7d233926774a9af8ca065a7dacc533f22f6a5a85
parent	e4b1d20497b31ce639b6d8d8fb7079ea49686144 [diff]