diff options
Diffstat (limited to 'scripts/testing/lib')
| -rwxr-xr-x | scripts/testing/lib/vm-utils.sh | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/scripts/testing/lib/vm-utils.sh b/scripts/testing/lib/vm-utils.sh index 6d9f6f6..10c0ca5 100755 --- a/scripts/testing/lib/vm-utils.sh +++ b/scripts/testing/lib/vm-utils.sh @@ -433,6 +433,8 @@ copy_from_vm() { # PermitRootLogin prohibit-password and reloads sshd partway through, which kills # root *password* login. Without a key in place first, every SSH after that step # fails and the run aborts before any validation. Key auth survives the hardening. +# Targets root@$VM_IP on $SSH_PORT so it works for both the local VM runner +# (VM_IP=localhost, port 2222) and the bare-metal runner (VM_IP=host, port 22). inject_root_key() { local key="$1" rm -f "$key" "$key.pub" @@ -440,7 +442,7 @@ inject_root_key() { warn "Root key generation failed - run may break at sshd hardening" return 1 fi - if sshpass -p "$ROOT_PASSWORD" ssh $SSH_OPTS -p "$SSH_PORT" root@localhost \ + if sshpass -p "$ROOT_PASSWORD" ssh $SSH_OPTS -p "$SSH_PORT" "root@${VM_IP:-localhost}" \ "mkdir -p /root/.ssh && chmod 700 /root/.ssh && cat >> /root/.ssh/authorized_keys && chmod 600 /root/.ssh/authorized_keys" \ < "$key.pub" >> "$LOGFILE" 2>&1; then SSH_KEY_OPT="-i $key" |