Merge pull request #6 from Stocard/encrypted_private_key

Adds support for encrypted private keys.

Author: Junkern

README.md

@@ -87,6 +87,7 @@ Options are an object with following properties:
 * `agentForward` (optional): Is a `boolean` which uses the `ssh-agent` for connection (defaults to `false`.
 * `endHost` (required): The host you want to end up on (connect to)
 * `bastionHost` (optional): You can specify a bastion host if you want
+* `passphrase` (optional): You can specify the passphrase when you have an encrypted private key. If you don't specify the passphrase and you use an encrypted private key, you get prompted in the command line. 
 
 #### `connection.executeCommand(command: string): Promise<void>`
 

src/Connection.ts

@@ -20,12 +20,14 @@ import * as net from 'net'
 import * as fs from 'fs'
 import * as os from 'os'
 import * as path from 'path'
+import *  as readline from 'readline'
 
 interface Options {
   username?: string
   privateKey?: string | Buffer,
   agentForward? : boolean,
-  bastionHost?: string
+  bastionHost?: string,
+  passphrase?: string
   endHost: string
 }
 
@@ -124,15 +126,16 @@ class SSHConnection {
 
   private async connect(host: string, stream?: NodeJS.ReadableStream): Promise<Client> {
     const connection = new Client()
-    return new Promise<Client>((resolve) => {
+    return new Promise<Client>(async (resolve) => {
       const options = {
         host,
         username: this.options.username,
         privateKey: this.options.privateKey
       }
       if (this.options.agentForward) {
         options['agentForward'] = true
-        const agentSock = process.env['SSH_AUTH_SOCK'] // guaranteed to give the ssh agent sock if the agent is running
+        // guaranteed to give the ssh agent sock if the agent is running
+        const agentSock = process.env['SSH_AUTH_SOCK']
         if (agentSock === undefined) {
           throw new Error('SSH Agent is not running and not set in the SSH_AUTH_SOCK env variable')
         }
@@ -141,6 +144,9 @@ class SSHConnection {
       if (stream) {
         options['sock'] = stream
       }
+      if (options.privateKey && options.privateKey.toString().toLowerCase().includes('encrypted')) {
+        options['passphrase'] = (this.options.passphrase) ? this.options.passphrase : await this.getPassphrase()
+      }
       connection.connect(options)
       connection.on('ready', () => {
         this.connections.push(connection)
@@ -149,6 +155,18 @@ class SSHConnection {
     })
   }
 
+  private async getPassphrase() {
+    return new Promise((resolve) => {
+      const rl = readline.createInterface({
+        input: process.stdin,
+        output: process.stdout
+      })
+      rl.question('Please type in the passphrase for your private key', (answer) => {
+        return resolve(answer)
+      })
+    })
+  }
+
   async forward(options: ForwardingOptions) {
     const connection = await this.establish()
     return new Promise((resolve, reject) => {