From 1c503b86d9bd85b09b977722b8b212728ff7a9a6 Mon Sep 17 00:00:00 2001
From: Mikhail Ushanov <gm.mephisto@gmail.com>
Date: Thu, 1 Nov 2018 01:26:18 +0300
Subject: [PATCH] communicator/ssh: expand user path for bastion private key

Signed-off-by: Mikhail Ushanov <gm.mephisto@gmail.com>
---
 helper/communicator/config.go           | 12 ++++++++++++
 helper/communicator/step_connect_ssh.go |  8 +++++++-
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/helper/communicator/config.go b/helper/communicator/config.go
index bf481a636..61424a2a5 100644
--- a/helper/communicator/config.go
+++ b/helper/communicator/config.go
@@ -277,6 +277,18 @@ func (c *Config) prepareSSH(ctx *interpolate.Context) []error {
 		if c.SSHBastionPassword == "" && c.SSHBastionPrivateKeyFile == "" {
 			errs = append(errs, errors.New(
 				"ssh_bastion_password or ssh_bastion_private_key_file must be specified"))
+		} else if c.SSHBastionPrivateKeyFile != "" {
+			path, err := homedir.Expand(c.SSHBastionPrivateKeyFile)
+			if err != nil {
+				errs = append(errs, fmt.Errorf(
+					"ssh_bastion_private_key_file is invalid: %s", err))
+			} else if _, err := os.Stat(path); err != nil {
+				errs = append(errs, fmt.Errorf(
+					"ssh_bastion_private_key_file is invalid: %s", err))
+			} else if _, err := helperssh.FileSigner(path); err != nil {
+				errs = append(errs, fmt.Errorf(
+					"ssh_bastion_private_key_file is invalid: %s", err))
+			}
 		}
 	}
 
diff --git a/helper/communicator/step_connect_ssh.go b/helper/communicator/step_connect_ssh.go
index 6bdbcffae..6517a04a7 100644
--- a/helper/communicator/step_connect_ssh.go
+++ b/helper/communicator/step_connect_ssh.go
@@ -14,6 +14,7 @@ import (
 	"github.com/hashicorp/packer/helper/multistep"
 	helperssh "github.com/hashicorp/packer/helper/ssh"
 	"github.com/hashicorp/packer/packer"
+	"github.com/mitchellh/go-homedir"
 	gossh "golang.org/x/crypto/ssh"
 	"golang.org/x/crypto/ssh/agent"
 	"golang.org/x/net/proxy"
@@ -226,7 +227,12 @@ func sshBastionConfig(config *Config) (*gossh.ClientConfig, error) {
 	}
 
 	if config.SSHBastionPrivateKeyFile != "" {
-		signer, err := helperssh.FileSigner(config.SSHBastionPrivateKeyFile)
+		path, err := homedir.Expand(config.SSHBastionPrivateKeyFile)
+		if err != nil {
+			return nil, fmt.Errorf(
+				"Error expanding path for SSH bastion private key: %s", err)
+		}
+		signer, err := helperssh.FileSigner(path)
 		if err != nil {
 			return nil, err
 		}