Exemplo n.º 1
0
Arquivo: keys.go Projeto: pancakeio/pk
// Return SSH key md5 fingerprint
func fingerprint(k ssh.PublicKey) string {
	w := md5.New()
	w.Write(ssh.MarshalPublicKey(k))
	fp := strings.TrimSpace(fmt.Sprintf("% x", w.Sum(nil)))
	fp = strings.Replace(fp, " ", ":", -1)
	return fp
}
Exemplo n.º 2
0
// ParseAuthorisedKey parses a non-comment line from an
// authorized_keys file and returns the constituent parts.
// Based on description in "man sshd".
func ParseAuthorisedKey(line string) (*AuthorisedKey, error) {
	key, comment, _, _, ok := ssh.ParseAuthorizedKey([]byte(line))
	if !ok {
		return nil, fmt.Errorf("invalid authorized_key %q", line)
	}
	keyBytes := ssh.MarshalPublicKey(key)
	return &AuthorisedKey{
		Key:     keyBytes,
		Comment: comment,
	}, nil
}
Exemplo n.º 3
0
Arquivo: keys.go Projeto: pancakeio/pk
// Find SSH keys on the local file system
func getSSHKeys(existingKeyFingerprints map[string]bool) map[string]string {
	candidateKeys := make(map[string]string)

	// get key from id_rsa.pub
	rsaKey, rsaComment, rsaErr := sshReadPubKey(idRsaPubPath)
	if rsaErr == nil {
		candidateKeys[string(ssh.MarshalPublicKey(rsaKey))] = rsaComment
	}

	// get key from id_dsa.pub
	dsaKey, dsaComment, dsaErr := sshReadPubKey(idDsaPubPath)
	if dsaErr == nil {
		candidateKeys[string(ssh.MarshalPublicKey(dsaKey))] = dsaComment
	}

	// get keys from ssh-add
	out, err := exec.Command("ssh-add", "-L").Output()
	sshAddKeys := strings.TrimSpace(string(out))
	if err == nil && sshAddKeys != "" {
		for _, k := range strings.Split(sshAddKeys, "\n") {
			key, comment, _, _, ok := ssh.ParseAuthorizedKey([]byte(k))
			if ok {
				candidateKeys[string(ssh.MarshalPublicKey(key))] = comment
			}
		}
	}

	for k, _ := range candidateKeys {
		pubKey, _, _ := ssh.ParsePublicKey([]byte(k))
		fp := fingerprint(pubKey)
		if _, ok := existingKeyFingerprints[fp]; ok {
			delete(candidateKeys, k)
		}
	}

	return candidateKeys
}
Exemplo n.º 4
0
func init() {
	template.Must(configTmpl.Parse(sshd_config))
	block, _ := pem.Decode([]byte(testClientPrivateKey))
	rsakey, _ = x509.ParsePKCS1PrivateKey(block.Bytes)

	block, _ = pem.Decode([]byte(keys["ssh_host_rsa_key"]))
	if block == nil {
		panic("pem.Decode ssh_host_rsa_key")
	}
	priv, err := x509.ParsePKCS1PrivateKey(block.Bytes)
	if err != nil {
		panic("ParsePKCS1PrivateKey: " + err.Error())
	}
	serializedHostKey = ssh.MarshalPublicKey(&priv.PublicKey)
}
Exemplo n.º 5
0
func (s *SSHGoCryptoCommandSuite) TestCommand(c *gc.C) {
	private, _, err := ssh.GenerateKey("test-server")
	c.Assert(err, gc.IsNil)
	key, err := cryptossh.ParsePrivateKey([]byte(private))
	client, err := ssh.NewGoCryptoClient(key)
	c.Assert(err, gc.IsNil)
	server := newServer(c)
	var opts ssh.Options
	opts.SetPort(server.Addr().(*net.TCPAddr).Port)
	cmd := client.Command("127.0.0.1", testCommand, &opts)
	checkedKey := false
	server.cfg.PublicKeyCallback = func(conn *cryptossh.ServerConn, user, algo string, pubkey []byte) bool {
		c.Check(pubkey, gc.DeepEquals, cryptossh.MarshalPublicKey(key.PublicKey()))
		checkedKey = true
		return true
	}
	go server.run(c)
	out, err := cmd.Output()
	c.Assert(err, gc.ErrorMatches, "ssh: could not execute command.*")
	// TODO(axw) when gosshnew is ready, expect reply from server.
	c.Assert(out, gc.IsNil)
	c.Assert(checkedKey, jc.IsTrue)
}
func (k *storedHostKey) Add(key ssh.PublicKey) {
	if k.keys == nil {
		k.keys = map[string][]byte{}
	}
	k.keys[key.PublicKeyAlgo()] = ssh.MarshalPublicKey(key)
}