Allow the use of the ssh agent for credentials
Closed this issue · 2 comments
FWest98 commented
To improve security, I would rather not have my credentials known in any way to Terraform, and it would be great if this library allows the use of the SSH agent for credentials. According to https://github.com/appleboy/easyssh-proxy/blob/master/example/ssh/ssh.go#L15 this is already implemented in your proxy library, so this seems to be possible simply in the provider. For example, you could add a flag use_agent to explicitly enable this scenario and still give an error when a user unintentionally does not give either a password or private key.
loafoe commented
Thanks for the suggestion, agree the default should be to use SSH agent to prevent the private key from making it into the state. I'll create a PR shortly