Allow SSH connection callers to not permit agent usage
While debugging the ``rescue`` test functionality with ironic's
tempest plugin, we discovered that if the environment suggests the
agent is available, then we may enter a situation where the test
can fail because paramiko prefers ssh over password authentication.
This is important, because for rescue functionality in particular,
it is password authentication based without the use of SSH keys,
as a temporary password is generated by the services and provided
to the user requesting to rescue the instance/node.
Instead of trying to make an assumption that password being present
means we should just disable the agent, explicitly allow the caller
to specify it.
Change-Id: Iefb6cb5cb80eb2b9a4307912c4d6d07c684ed70a
diff --git a/releasenotes/notes/add-ssh-allow-agent-2dee6448fd250e50.yaml b/releasenotes/notes/add-ssh-allow-agent-2dee6448fd250e50.yaml
new file mode 100644
index 0000000..33f11ce
--- /dev/null
+++ b/releasenotes/notes/add-ssh-allow-agent-2dee6448fd250e50.yaml
@@ -0,0 +1,10 @@
+---
+features:
+ - |
+ Adds a ``ssh_allow_agent`` parameter to the ``RemoteClient`` class
+ wrapper and the direct ssh ``Client`` class to allow a caller to
+ explicitly request that the SSH Agent is not consulted for
+ authentication. This is useful if your attempting explicit password
+ based authentication as ``paramiko``, the underlying library used for
+ SSH, defaults to utilizing an ssh-agent process before attempting
+ password authentication.