tests: Allow public keys for authentication to the remote machines

Part of the work for https://fedorahosted.org/freeipa/ticket/3621

ipatests/test_integration/config.py

@@ -37,6 +37,7 @@ class Config(object):
 
         self.test_dir = kwargs.get('test_dir', '/root/ipatests')
         self.root_password = kwargs.get('root_password')
+        self.root_ssh_key_filename = kwargs.get('root_ssh_key_filename')
         self.ipv6 = bool(kwargs.get('ipv6', False))
         self.debug = bool(kwargs.get('debug', False))
         self.admin_name = kwargs.get('admin_name') or 'admin'
@@ -50,6 +51,9 @@ class Config(object):
         self.ntp_server = kwargs.get('ntp_server') or (
             '%s.pool.ntp.org' % random.randint(0, 3))
 
+        if not self.root_password and not self.root_ssh_key_filename:
+            self.root_ssh_key_filename = '~/.ssh/id_rsa'
+
         self.domains = []
 
     @classmethod
@@ -63,7 +67,10 @@ class Config(object):
             by default /root/ipatests
         IPv6SETUP: "TRUE" if setting up with IPv6
         IPADEBUG: non-empty if debugging is turned on
+        IPA_ROOT_SSH_KEY: File with root's private RSA key for SSH
+            (default: ~/.ssh/id_rsa)
         IPA_ROOT_SSH_PASSWORD: SSH password for root
+            (used if IPA_ROOT_SSH_KEY is not set)
 
         ADMINID: Administrator username
         ADMINPW: Administrator password
@@ -87,6 +94,7 @@ class Config(object):
                    ipv6=(env.get('IPv6SETUP') == 'TRUE'),
                    debug=env.get('IPADEBUG'),
                    root_password=env.get('IPA_ROOT_SSH_PASSWORD'),
+                   root_ssh_key_filename=env.get('IPA_ROOT_SSH_KEY'),
                    admin_name=env.get('ADMINID'),
                    admin_password=env.get('ADMINPW'),
                    dirman_dn=env.get('ROOTDN'),
@@ -115,6 +123,7 @@ class Config(object):
         env['IPv6SETUP'] = 'TRUE' if self.ipv6 else ''
         env['IPADEBUG'] = 'TRUE' if self.debug else ''
         env['IPA_ROOT_SSH_PASSWORD'] = self.root_password or ''
+        env['IPA_ROOT_SSH_KEY'] = self.root_ssh_key_filename or ''
 
         env['ADMINID'] = self.admin_name
         env['ADMINPW'] = self.admin_password

ipatests/test_integration/host.py

@@ -145,6 +145,7 @@ class Host(object):
             self.role = 'other'
 
         self.root_password = self.config.root_password
+        self.root_ssh_key_filename = self.config.root_ssh_key_filename
         self.host_key = None
         self.ssh_port = 22
 
@@ -233,8 +234,19 @@ class Host(object):
         except AttributeError:
             sock = socket.create_connection((self.hostname, self.ssh_port))
             self._transport = transport = paramiko.Transport(sock)
-            transport.connect(hostkey=self.host_key, username='root',
+            transport.connect(hostkey=self.host_key)
+            if self.root_ssh_key_filename:
+                self.log.debug('Authenticating with private RSA key')
+                filename = os.path.expanduser(self.root_ssh_key_filename)
+                key = paramiko.RSAKey.from_private_key_file(filename)
+                transport.auth_publickey(username='root', key=key)
+            elif self.root_password:
+                self.log.debug('Authenticating with password')
+                transport.auth_password(username='root',
                                         password=self.root_password)
+            else:
+                self.log.critical('No SSH credentials configured')
+                raise RuntimeError('No SSH credentials configured')
             return transport
 
     @property