Use a new option :passphrase as the possible password phrase for any …

…encrypted keys.

lib/net/ssh/authentication/key_manager.rb

@@ -32,13 +32,13 @@ class KeyManager
 
         # Create a new KeyManager. By default, the manager will
         # use the ssh-agent (if it is running).
-        def initialize(logger, possible_password)
+        def initialize(logger, possible_passphrase)
           self.logger = logger
           @key_files = []
           @use_agent = true
           @known_identities = {}
           @agent = nil
-          @possible_password = possible_password
+          @possible_passphrase = possible_passphrase
         end
 
         # Clear all knowledge of any loaded user keys. This also clears the list
@@ -114,7 +114,7 @@ def sign(identity, data)
 
           if info[:key].nil? && info[:from] == :file
             begin
-              info[:key] = KeyFactory.load_private_key(info[:file], @possible_password)
+              info[:key] = KeyFactory.load_private_key(info[:file], @possible_passphrase)
             rescue Exception => e 
               raise KeyManagerError, "the given identity is known, but the private key could not be loaded: #{e.class} (#{e.message})"
             end

lib/net/ssh/authentication/session.rb

@@ -52,7 +52,7 @@ def authenticate(next_service, username, password=nil)
       transport.send_message(transport.service_request("ssh-userauth"))
       message = expect_message(SERVICE_ACCEPT)
 
-      key_manager = KeyManager.new(logger, options[:password])
+      key_manager = KeyManager.new(logger, options[:passphrase])
       Array(options[:keys]).each { |key| key_manager.add(key) }
 
       attempted = []

lib/net/ssh/key_factory.rb

@@ -33,8 +33,8 @@ def get(name)
       # whether the file describes an RSA or DSA key, and will load it
       # appropriately. The new key is returned. If the key itself is
       # encrypted (requiring a passphrase to use), the user will be
-      # prompted to enter their password. 
-      def load_private_key(filename, possible_password = nil)
+      # prompted to enter their password unless possible_passphrase works. 
+      def load_private_key(filename, possible_passphrase = nil)
         file = File.read(File.expand_path(filename))
 
         if file.match(/-----BEGIN DSA PRIVATE KEY-----/)
@@ -56,11 +56,11 @@ def load_private_key(filename, possible_password = nil)
         rescue OpenSSL::PKey::RSAError, OpenSSL::PKey::DSAError => e
           if encrypted_key
             tries += 1
-            if tries == 1 && possible_password
-              password = possible_password
+            if tries == 1 && possible_passphrase
+              password = possible_passphrase
               retry
             end
-            if tries <= (possible_password ? 4 : 3)
+            if tries <= (possible_passphrase ? 4 : 3)
               password = prompt("Enter password for #{filename}:", false)
               retry
             else

test/authentication/test_key_manager.rb

@@ -77,7 +77,7 @@ def stub_file_key(name, key, also_private=false)
         manager.add(name)
         File.expects(:readable?).with(name).returns(true)
         Net::SSH::KeyFactory.expects(:load_public_key).with("#{name}.pub").returns(key)
-        Net::SSH::KeyFactory.expects(:load_private_key).with(name).returns(key) if also_private
+        Net::SSH::KeyFactory.expects(:load_private_key).with(name, nil).returns(key) if also_private
       end
 
       def rsa(size=32)
@@ -98,4 +98,4 @@ def manager
 
   end
 
-end
+end