You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently when a provisioner to copies a file to a resource through ssh, I need to explicitly tell terraform where my key is which makes my terraform file less portable unless I add it as an ENV variable. I think it would make sense for terraform to attempt to autodetect the key from my ~/.ssh like most applications do.
The text was updated successfully, but these errors were encountered:
ikassi
changed the title
Autodetect ssh keys - feature request
feature request: Autodetect ssh keys
Jun 29, 2018
ikassi
changed the title
feature request: Autodetect ssh keys
Feature request: Autodetect ssh keys
Jun 29, 2018
Terraform's design here is assuming that the key is generated and registered within the configuration itself, acting as a system provisioning key rather than a per-use key. This is a common pattern with many cloud providers, but I do see that there are use-cases where SSH keys and users are being centrally managed by a config management system and it's better to have each person use their own credentials when running Terraform, just as we do for providers.
The ability to opt-in to trying already-existing SSH keys on the system seems reasonable. In the mean time, you should be able to get something like what you want here by running an ssh-agent (generally preferable than a fixed key anyway, because the key can then have a passphrase) and setting agent = true in the connection block to instruct Terraform to use it. Then any key you have loaded and decrypted into that agent will be available for Terraform's use, independently of where on disk that key was loaded from.
Terraform Version
Terraform Configuration Files
Expected Behavior
Currently when a provisioner to copies a file to a resource through ssh, I need to explicitly tell terraform where my key is which makes my terraform file less portable unless I add it as an ENV variable. I think it would make sense for terraform to attempt to autodetect the key from my ~/.ssh like most applications do.
The text was updated successfully, but these errors were encountered: