Allow for not being prompted to supply a password to deploy keys to a minion with salt-ssh

salt/client/ssh/__init__.py

@@ -341,12 +341,12 @@ class SSH(object):
         '''
         Deploy the SSH key if the minions don't auth
         '''
-        if not isinstance(ret[host], dict) or self.opts.get('ssh_key_deploy'):
+        if not isinstance(ret[host], dict) or self.opts.get('ssh_key_deploy') is True:
             target = self.targets[host]
             if target.get('passwd', False) or self.opts['ssh_passwd']:
                 self._key_deploy_run(host, target, False)
             return ret
-        if ret[host].get('stderr', '').count('Permission denied'):
+        if ret[host].get('stderr', '').count('Permission denied') and not self.opts.get('ssh_key_deploy') is False:
             target = self.targets[host]
             # permission denied, attempt to auto deploy ssh key
             print(('Permission denied for host {0}, do you want to deploy '

salt/utils/parsers.py

@@ -3014,12 +3014,21 @@ class SaltSSHOptionParser(six.with_metaclass(OptionParserMeta,
         auth_group.add_option(
             '--key-deploy',
             dest='ssh_key_deploy',
-            default=False,
+            default=None,
             action='store_true',
             help='Set this flag to attempt to deploy the authorized ssh key '
                  'with all minions. This combined with --passwd can make '
                  'initial deployment of keys very fast and easy.'
         )
+        auth_group.add_option(
+            '--no-key-deploy',
+            dest='ssh_key_deploy',
+            default=None,
+            action='store_false',
+            help='Set this flag to stop salt-ssh from attempting to deploy an authorized ssh key '
+                 'with all minions.  This is useful to skip the message about deploying to minions '
+                 'that cannot be logged into.'
+        )
         auth_group.add_option(
             '--identities-only',
             dest='ssh_identities_only',