"memory": ["Memory", 11],
"disk": ["Disk", 12],
"sshrsahostkey": ["SSH RSA", 14],
- "sshdsahostkey": ["SSH DSA", 15],
"bandwidth": ["Bandwidth", 16]};
AttrPrompt = {"description": ["Purpose of the machine"],
"machine": ["Hardware description"],
"memory": ["Installed RAM"],
"disk": ["Disk Space, RAID levels, etc"],
- "sshrsahostkey": ["A copy of /etc/ssh/ssh_host_key.pub"],
- "sshdsahostkey": ["A copy of /etc/ssh/ssh_host_key.pub.dsa"],
+ "sshrsahostkey": ["A copy of /etc/ssh/ssh_*host_key.pub"],
"bandwidth": ["Available outbound"]};
# Create a map of IDs to desc,value,attr
# Change a single attribute
def ChangeAttr(Attrs,Attr):
- if (Attr == "sponsor" or Attr == "hostname"):
+ if (Attr == "sponsor" or Attr == "hostname" or Attr == "sshrsahostkey"):
return MultiChangeAttr(Attrs,Attr);
print "Old value: '%s'" % (GetAttr(Attrs,Attr,""));
First = 0;
for x in Attrs[1]["sshrsaauthkey"]:
if First == 0:
- print "%-24s:" % ("SSH RSA Auth Keys"),
+ print "%-24s:" % ("SSH Auth Keys"),
First = 1;
else:
print "%-24s:" % (""),
print FormatSSHAuth(x);
-# Print the SSH RSA Authentication keys for a user
-def PrintSshDSAKeys(Attrs):
- if Attrs[1].has_key("sshdsaauthkey") == 0:
- return;
- First = 0;
- for x in Attrs[1]["sshdsaauthkey"]:
- if First == 0:
- print "%-24s:" % ("SSH DSA Auth Keys"),
- First = 1;
- else:
- print "%-24s:" % (""),
-
- print FormatSSH2Auth(x);
-
# Display all of the attributes in a numbered list
def ShowAttrs(Attrs):
print;
PrintShadow(Attrs);
PrintKeys(Attrs);
PrintSshRSAKeys(Attrs);
- PrintSshDSAKeys(Attrs);
for at in Attrs[1].keys():
if AttrInfo.has_key(at):
EX_TEMPFAIL = 75;
EX_PERMFAIL = 65; # EX_DATAERR
Error = 'Message Error';
-SeenRSA = 0;
-SeenDSA = 0;
+SeenKey = 0;
SeenDNS = 0;
ArbChanges = {"c": "..",
Attrs.append((ldap.MOD_REPLACE,"longitude",sLong));
return "Position set to %s/%s (%s/%s decimal degrees)"%(sLat,sLong,Lat,Long);
-# Handle a SSH RSA authentication key, the line format is:
+# Handle an SSH authentication key, the line format is:
# [options] 1024 35 13188913666680[..] [comment]
def DoSSH(Str,Attrs):
Match = SSHAuthSplit.match(Str);
if Match == None:
- return None;
+ Match = SSH2AuthSplit.match(Str);
+ if Match == None:
+ return None;
- global SeenRSA;
- if SeenRSA:
+ global SeenKey;
+ if SeenKey:
Attrs.append((ldap.MOD_ADD,"sshrsaauthkey",Str));
return "SSH Key added "+FormatSSHAuth(Str);
Attrs.append((ldap.MOD_REPLACE,"sshrsaauthkey",Str));
- SeenRSA = 1;
+ SeenKey = 1;
return "SSH Keys replaced with "+FormatSSHAuth(Str);
-# Handle a SSH DSA authentication key, the line format is:
-# ssh-dss [key] [comment]
-def DoSSH2(Str,Attrs):
- Match = SSHDSAAuthSplit.match(Str);
- if Match == None:
- return None;
-
- global SeenDSA;
- if SeenDSA:
- Attrs.append((ldap.MOD_ADD,"sshdsaauthkey",Str));
- return "SSH2 Key added "+FormatSSH2Auth(Str);
-
- Attrs.append((ldap.MOD_REPLACE,"sshdsaauthkey",Str));
- SeenDSA = 1;
- return "SSH2 Keys replaced with "+FormatSSH2Auth(Str);
-
# Handle changing a dns entry
# host in a 12.12.12.12
# host in cname foo.bar. <- Trailing dot is required
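Review bot: Replacing keys through `DoSSH` now only ever writes `sshrsaauthkey`, so values a user already has in `sshdsaauthkey` survive a "replace" and can no longer be changed from this gateway once `DoSSH2` is gone. If whatever exports keys to the hosts still reads `sshdsaauthkey` (not visible in this hunk), a user who believes they rotated their keys would keep an old DSA key authorised. Consider clearing the old attribute in the first-key branch, for example `Attrs.append((ldap.MOD_REPLACE,"sshdsaauthkey",None));` next to the existing `MOD_REPLACE`, after confirming the directory accepts a value-less replace. Otherwise, state in the comment above `DoSSH` that a one-off migration removes the old attribute.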
else:
Res = DoPosition(Line,Attrs) or DoDNS(Line,Attrs,DnRecord) or \
DoArbChange(Line,Attrs) or DoSSH(Line,Attrs) or \
- DoSSH2(Line,Attrs) or DoDel(Line,Attrs);
+ DoDel(Line,Attrs);
except:
Res = None;
Result = Result + "==> %s: %s\n" %(sys.exc_type,sys.exc_value);
# SSH Key splitting. The result is:
# (options,size,modulous,exponent,comment)
SSHAuthSplit = re.compile('^(.* )?(\d+) (\d+) (\d+) ?(.+)$');
-SSHDSAAuthSplit = re.compile('^ssh-dss ([a-zA-Z0-9=/+]+) (.+)$');
+SSH2AuthSplit = re.compile('^(.* )?ssh-(dss|rsa) ([a-zA-Z0-9=/+]+) (.+)$');
#'^([^\d](?:[^ "]+(?:".*")?)*)? ?(\d+) (\d+) (\d+) (.+)$');
AddressSplit = re.compile("(.*).*<([^@]*)@([^>]*)>");
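Review bot: `SSH2AuthSplit` only checks that the key field is drawn from the base64 alphabet, so callers such as `DoSSH` accept and store a line whose blob does not decode, or whose embedded key type disagrees with the `ssh-(dss|rsa)` prefix. Nothing here bounds key strength either: the v1 pattern at least exposes the size as a group, whereas for v2 it is only inside the blob. A check after the match that base64-decodes group 3 and compares its leading type string with `"ssh-" + G[1]` would reject malformed submissions before they reach LDAP. The comment above the patterns still documents only the v1 groups, so I would add `# SSH2AuthSplit groups: (options,type,key,comment)`.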
return Str;
def FormatSSH2Auth(Str):
- Match = SSHDSAAuthSplit.match(Str);
+ Match = SSH2AuthSplit.match(Str);
if Match == None:
return "<unknown format>";
G = Match.groups();
- return "ssh-dss %s..%s %s"%(G[0][:8],G[0][-8:],G[1]);
+ if G[0] == None:
+ return "ssh-%s %s..%s %s"%(G[1],G[2][:8],G[2][-8:],G[3]);
+ return "%s ssh-%s %s..%s %s"%(G[0],G[1],G[2][:8],G[2][-8:],G[3]);
def FormatSSHAuth(Str):
Match = SSHAuthSplit.match(Str);
if Match == None:
- return "<unknown format>";
+ return FormatSSH2Auth(Str);
G = Match.groups();
# No options