From 0ed55c82789b31b34176a2fdb803dd09a4d6e686 Mon Sep 17 00:00:00 2001
From: Peter Palfrader
Date: Sat, 14 Sep 2019 12:51:24 +0200
Subject: [PATCH] Copy the ssh_keys_users facter from Tor
---
modules/ssh/lib/facter/ssh_keys_users.rb | 34 ++++++++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 modules/ssh/lib/facter/ssh_keys_users.rb
diff --git a/modules/ssh/lib/facter/ssh_keys_users.rb b/modules/ssh/lib/facter/ssh_keys_users.rb
new file mode 100644
index 000000000..308a0eca4
--- /dev/null
+++ b/modules/ssh/lib/facter/ssh_keys_users.rb
@@ -0,0 +1,34 @@
+require 'etc'
+
+# this fact will iterate over all the known users (as defined by the
+# Etc module) and look in their .ssh directory for public keys. the
+# public keys are exported in a user => [keys] hash, where keys are
+# stored in the array without distinction of type
+Facter.add(:ssh_keys_users) do
+ setcode do
+ keys_hash = {}
+ Etc.passwd { |user|
+ keys = {}
+ Dir.glob(File.join(user.dir, '.ssh', '*.pub')).each { |filepath|
+ if FileTest.file?(filepath)
+ regex = %r{^ssh-(\S+) (\S+)\s?(.+)?$}
+ begin
+ line = File.open(filepath).read.chomp
+ if (match = regex.match(line))
+ keys[File.basename(filepath)] = {
+ 'type' => match[1],
+ 'key' => match[2],
+ 'comment' => match[3],
+ 'line' => line,
+ }
+ end
+ rescue
+ puts "cannot read user SSH key: " + user.name
+ end
+ end
+ }
+ keys_hash[user.name] = keys if not keys.empty?
+ }
+ keys_hash
+ end
+end
--
2.20.1
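Review bot: In the `Dir.glob(...).each` block the fact opens every `*.pub` path under a user-writable `~/.ssh`, and `FileTest.file?` follows symlinks, so if Facter runs as root (the usual Puppet agent setup, not shown in this patch) the account owner decides which file is read. Because `^`/`$` in the regex match per line while `line` holds the whole file, any file containing one key-shaped line is exported in full under `'line'`. I would tighten the guard to `if FileTest.file?(filepath) && !File.symlink?(filepath)`, read only the first line with `line = File.open(filepath, &:gets).to_s.chomp` (which also closes the handle that `File.open(filepath).read` leaves open), and anchor the pattern as `%r{\Assh-(\S+) (\S+)\s?(.+)?\z}`. The symlink test is still check-then-open, so treat it as hardening rather than a guarantee. The `rescue` branch would be better reporting through `Facter.warn` than `puts`, which writes into the fact run's stdout.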