From: rmurray <> Date: Mon, 3 Dec 2001 04:01:45 +0000 (+0000) Subject: ssh2 RSA support. have only one SSH key field for all three key styles X-Git-Tag: debian_userdir-ldap_0-3-7~103 X-Git-Url: https://git.adam-barratt.org.uk/?p=mirror%2Fuserdir-ldap.git;a=commitdiff_plain;h=c36736bdd1248d73961a9c5df8f3b8e0434b75f1 ssh2 RSA support. have only one SSH key field for all three key styles --- diff --git a/ud-host b/ud-host index e16e31a..09a91ec 100755 --- a/ud-host +++ b/ud-host @@ -27,7 +27,6 @@ AttrInfo = {"description": ["Machine Descr.", 1], "memory": ["Memory", 11], "disk": ["Disk", 12], "sshrsahostkey": ["SSH RSA", 14], - "sshdsahostkey": ["SSH DSA", 15], "bandwidth": ["Bandwidth", 16]}; AttrPrompt = {"description": ["Purpose of the machine"], @@ -42,8 +41,7 @@ AttrPrompt = {"description": ["Purpose of the machine"], "machine": ["Hardware description"], "memory": ["Installed RAM"], "disk": ["Disk Space, RAID levels, etc"], - "sshrsahostkey": ["A copy of /etc/ssh/ssh_host_key.pub"], - "sshdsahostkey": ["A copy of /etc/ssh/ssh_host_key.pub.dsa"], + "sshrsahostkey": ["A copy of /etc/ssh/ssh_*host_key.pub"], "bandwidth": ["Available outbound"]}; # Create a map of IDs to desc,value,attr @@ -94,7 +92,7 @@ def ShowAttrs(Attrs): # Change a single attribute def ChangeAttr(Attrs,Attr): - if (Attr == "sponsor" or Attr == "hostname"): + if (Attr == "sponsor" or Attr == "hostname" or Attr == "sshrsahostkey"): return MultiChangeAttr(Attrs,Attr); print "Old value: '%s'" % (GetAttr(Attrs,Attr,"")); diff --git a/ud-info b/ud-info index 3d31555..dbbb61a 100755 --- a/ud-info +++ b/ud-info 
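Review bot: Dropping `sshdsahostkey` from `AttrInfo` in the first ud-host hunk leaves any value already stored under that attribute with no way to view or edit it, and nothing visible in this commit moves those values into `sshrsahostkey`. The same applies to `sshdsaauthkey` once `PrintSshDSAKeys` (ud-info) and `DoSSH2` (ud-mailgate) are removed. If the code that exports keys still reads the old attribute, a user's DSA key would stay authorised while being invisible in ud-info and impossible to replace by mail; that export code is not in this diff, so this needs confirming. A one-off migration or an explicit delete of the old attributes should ship with the change. The kept label `"SSH RSA"` is also misleading now that the field holds all three key styles, e.g. `"sshrsahostkey": ["SSH Host Keys", 14],`.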
@@ -132,27 +132,13 @@ def PrintSshRSAKeys(Attrs): First = 0; for x in Attrs[1]["sshrsaauthkey"]: if First == 0: - print "%-24s:" % ("SSH RSA Auth Keys"), + print "%-24s:" % ("SSH Auth Keys"), First = 1; else: print "%-24s:" % (""), print FormatSSHAuth(x); -# Print the SSH RSA Authentication keys for a user -def PrintSshDSAKeys(Attrs): - if Attrs[1].has_key("sshdsaauthkey") == 0: - return; - First = 0; - for x in Attrs[1]["sshdsaauthkey"]: - if First == 0: - print "%-24s:" % ("SSH DSA Auth Keys"), - First = 1; - else: - print "%-24s:" % (""), - - print FormatSSH2Auth(x); - # Display all of the attributes in a numbered list def ShowAttrs(Attrs): print; @@ -161,7 +147,6 @@ def ShowAttrs(Attrs): PrintShadow(Attrs); PrintKeys(Attrs); PrintSshRSAKeys(Attrs); - PrintSshDSAKeys(Attrs); for at in Attrs[1].keys(): if AttrInfo.has_key(at): diff --git a/ud-mailgate b/ud-mailgate index 6764c88..cdd3fd4 100755 --- a/ud-mailgate +++ b/ud-mailgate @@ -15,8 +15,7 @@ ReplayCacheFile = ConfModule.replaycachefile; EX_TEMPFAIL = 75; EX_PERMFAIL = 65; # EX_DATAERR Error = 'Message Error'; -SeenRSA = 0; -SeenDSA = 0; +SeenKey = 0; SeenDNS = 0; ArbChanges = {"c": "..", 
@@ -158,38 +157,24 @@ def DoPosition(Str,Attrs): Attrs.append((ldap.MOD_REPLACE,"longitude",sLong)); return "Position set to %s/%s (%s/%s decimal degrees)"%(sLat,sLong,Lat,Long); -# Handle a SSH RSA authentication key, the line format is: +# Handle an SSH authentication key, the line format is: # [options] 1024 35 13188913666680[..] [comment] def DoSSH(Str,Attrs): Match = SSHAuthSplit.match(Str); if Match == None: - return None; + Match = SSH2AuthSplit.match(Str); + if Match == None: + return None; - global SeenRSA; - if SeenRSA: + global SeenKey; + if SeenKey: Attrs.append((ldap.MOD_ADD,"sshrsaauthkey",Str)); return "SSH Key added "+FormatSSHAuth(Str); Attrs.append((ldap.MOD_REPLACE,"sshrsaauthkey",Str)); - SeenRSA = 1; + SeenKey = 1; return "SSH Keys replaced with "+FormatSSHAuth(Str); -# Handle a SSH DSA authentication key, the line format is: -# ssh-dss [key] [comment] -def DoSSH2(Str,Attrs): - Match = SSHDSAAuthSplit.match(Str); - if Match == None: - return None; - - global SeenDSA; - if SeenDSA: - Attrs.append((ldap.MOD_ADD,"sshdsaauthkey",Str)); - return "SSH2 Key added "+FormatSSH2Auth(Str); - - Attrs.append((ldap.MOD_REPLACE,"sshdsaauthkey",Str)); - SeenDSA = 1; - return "SSH2 Keys replaced with "+FormatSSH2Auth(Str); - # Handle changing a dns entry # host in a 12.12.12.12 # host in cname foo.bar. <- Trailing dot is required @@ -241,7 +226,7 @@ def HandleChange(Reply,DnRecord,Key): else: Res = DoPosition(Line,Attrs) or DoDNS(Line,Attrs,DnRecord) or \ DoArbChange(Line,Attrs) or DoSSH(Line,Attrs) or \ - DoSSH2(Line,Attrs) or DoDel(Line,Attrs); + DoDel(Line,Attrs); except: Res = None; Result = Result + "==> %s: %s\n" %(sys.exc_type,sys.exc_value); diff --git a/userdir_ldap.py b/userdir_ldap.py index 888158e..827d8b1 100644 --- a/userdir_ldap.py +++ b/userdir_ldap.py 
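Review bot: `DoSSH` in ud-mailgate now stores `Str` verbatim whenever `SSH2AuthSplit` matches, and that pattern (defined in userdir_ldap.py, last file of this commit) accepts any text before `ssh-rsa`/`ssh-dss` and any run of base64 characters as the key. A line of ordinary text such as `my ssh-rsa key follows` would match if it reaches this chain, and because the first match in a message is a `MOD_REPLACE`, it would replace every stored key with an unusable value. Requiring the blob to start with the fixed encoding of the algorithm name closes this, e.g. `SSH2AuthSplit = re.compile('^(.* )?ssh-(dss|rsa) (AAAAB3NzaC1[a-zA-Z0-9=/+]+) (.+)$');`. Decoding the blob and comparing the embedded name with group 2 would be stricter still. The header comment should also list the second accepted form, `# [options] ssh-(dss|rsa) [key] [comment]`.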
@@ -32,7 +32,7 @@ LastNamesPre = {"van": None, "le": None, "de": None, "di": None}; # SSH Key splitting. The result is: # (options,size,modulous,exponent,comment) SSHAuthSplit = re.compile('^(.* )?(\d+) (\d+) (\d+) ?(.+)$'); -SSHDSAAuthSplit = re.compile('^ssh-dss ([a-zA-Z0-9=/+]+) (.+)$'); +SSH2AuthSplit = re.compile('^(.* )?ssh-(dss|rsa) ([a-zA-Z0-9=/+]+) (.+)$'); #'^([^\d](?:[^ "]+(?:".*")?)*)? ?(\d+) (\d+) (\d+) (.+)$'); AddressSplit = re.compile("(.*).*<([^@]*)@([^>]*)>"); @@ -215,17 +215,19 @@ def DecDegree(Posn,Anon=0): return Str; def FormatSSH2Auth(Str): - Match = SSHDSAAuthSplit.match(Str); + Match = SSH2AuthSplit.match(Str); if Match == None: return ""; G = Match.groups(); - return "ssh-dss %s..%s %s"%(G[0][:8],G[0][-8:],G[1]); + if G[0] == None: + return "ssh-%s %s..%s %s"%(G[1],G[2][:8],G[2][-8:],G[3]); + return "%s ssh-%s %s..%s %s"%(G[0],G[1],G[2][:8],G[2][-8:],G[3]); def FormatSSHAuth(Str): Match = SSHAuthSplit.match(Str); if Match == None: - return ""; + return FormatSSH2Auth(Str); G = Match.groups(); # No options
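Review bot: `SSH2AuthSplit` in the first userdir_ldap.py hunk requires a space and at least one character after the key blob, so a key line with no comment does not match and `DoSSH` returns None for it. Either make the comment optional and have `FormatSSH2Auth` handle a missing last group, or state in the comment that the comment field is mandatory. The comment above the patterns still documents only the `SSHAuthSplit` groups; add `# SSH2 result is: (options,type,key,comment)` next to the new pattern.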
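Review bot: In `FormatSSH2Auth`, group 1 of `SSH2AuthSplit` already ends with a space, so `"%s ssh-%s %s..%s %s"` prints two spaces between the options and the key type. Use `"%sssh-%s %s..%s %s"` or strip the group first. `G[0] == None` would also read better as `G[0] is None`. `FormatSSHAuth` continues past the end of this hunk, so the effect of its new fallback to `FormatSSH2Auth` on the rest of that function cannot be checked here.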