Login With Public Key authenticates successfully using invalid keyfile #261

Closed
paulbarola opened this issue Aug 17, 2018 · 3 comments

@paulbarola

Currently login_with_public_key will still pass even if you provide an invalid keyfile, as long as you provide the correct user password in the 'password' parameter. According to the documentation, the 'password' parameter should act as a 'passphrase' for the keyfile if it is needed. The current implementation seems to default to a normal login when an invalid keyfile is provided.
I think 'password' should no longer be provided using this keyword, since users really intend to log in using their provided keyfile and it should fail if this is invalid. The 'password' argument should also be replaced by 'passphrase' to avoid confusion with the 'passphrase' provided for the keyfile.

cristii006 pushed a commit to cristii006/SSHLibrary that referenced this issue Oct 5, 2018
@mihaiparvu
Contributor

PR #267 replaces the password argument with passphrase when using the Login With Public Key keyword, and the behavior is the expected one: the keyword fails when an invalid key is provided, regardless of the credentials.

The problem is that the passphrase argument was added very recently in paramiko, starting from version 2.4 according to their documentation. SSHLibrary supports all paramiko versions starting from 1.15.3, and merging this PR would make it backward incompatible with almost all older versions.

My proposal would be not to merge this PR for some time, because a lot of people still use older versions of paramiko. I would suggest that, at the moment, we only update the documentation of this keyword to explain the current behavior, something along the lines of: the keyword will pass if the credentials are correct even if the supplied keyfile is invalid.

What do you think about this, @paulbarola?

@paulbarola
Author

Okay, I understand. For now, you can just include it in the documentation and implement it in the future.

@mihaiparvu mihaiparvu added the "priority: medium", "task" (Generic task not listed in release notes) and "alpha 1" labels Oct 23, 2018
@mihaiparvu mihaiparvu added this to the v3.2.0 milestone Oct 23, 2018
@mihaiparvu mihaiparvu changed the title from "login_with_public_key login successfully using invalid keyfile" to "Login With Public Key authenticates successfully using invalid keyfile" Oct 23, 2018
@mihaiparvu
Contributor

For this issue the documentation was updated. A new issue was created for passphrase argument: #273.
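
An added example, not part of this thread and not SSHLibrary's code: one way a caller can enforce key-only login with paramiko directly, without relying on the `passphrase` argument of `connect`. The names `InvalidKeyfile`, `load_private_key` and `login_key_only` are hypothetical, and the sketch assumes an RSA, ECDSA or Ed25519 key and a server host key already present in the system known-hosts file.

```python
class InvalidKeyfile(Exception):
    """The keyfile could not be loaded; no login is attempted."""


def _paramiko_key_classes():
    import paramiko  # imported lazily so the loader can be tested with stubs
    names = ("RSAKey", "ECDSAKey", "Ed25519Key")
    return [getattr(paramiko, n) for n in names if hasattr(paramiko, n)]


def load_private_key(path, passphrase=None, key_classes=None):
    """Return a loaded key object or raise InvalidKeyfile (fail closed)."""
    errors = []
    for cls in key_classes or _paramiko_key_classes():
        try:
            # In the PKey API, `password` is the passphrase of the keyfile.
            return cls.from_private_key_file(path, password=passphrase)
        except Exception as exc:  # missing file, wrong type, bad passphrase
            errors.append("%s: %s" % (cls.__name__, exc))
    raise InvalidKeyfile("%s is not a usable key (%s)" % (path, "; ".join(errors)))


def login_key_only(host, username, keyfile, passphrase=None, port=22):
    """Public-key login with every fallback path switched off."""
    key = load_private_key(keyfile, passphrase)  # raises before any network I/O
    import paramiko
    client = paramiko.SSHClient()
    client.load_system_host_keys()
    client.set_missing_host_key_policy(paramiko.RejectPolicy())
    client.connect(
        host, port=port, username=username,
        pkey=key,             # only this key is offered
        allow_agent=False,    # no keys from ssh-agent
        look_for_keys=False,  # no ~/.ssh/id_* discovery
        # no `password=`: without it paramiko has no password to fall back to
    )
    return client
```

Because the passphrase is consumed when the key is loaded and never handed to `connect`, a bad keyfile stops the login instead of turning it into a password login.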
