authorNarayan Desai <desai@mcs.anl.gov>2004-10-30 15:07:47 +0000
committerNarayan Desai <desai@mcs.anl.gov>2004-10-30 15:07:47 +0000
commit44c1b9e9f2a0245031faaf0420d0d8025a2f69fc (patch)
tree79db71a93c76beced6aa65695b3af10e58c6f672 /src/lib
parent5adc05d4cd1c588ae68c5f119c5e2923550b1faf (diff)
Change mode to -rw-r--r--
(Logical change 1.136) git-svn-id: https://svn.mcs.anl.gov/repos/bcfg/trunk/bcfg2@608 ce84e21b-d406-0410-9b95-82705330c041
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/Server/Generators/sshbase.py109
1 files changed, 0 insertions, 109 deletions
diff --git a/src/lib/Server/Generators/sshbase.py b/src/lib/Server/Generators/sshbase.py
deleted file mode 100644
index 8344eb239..000000000
--- a/src/lib/Server/Generators/sshbase.py
+++ /dev/null
@@ -1,109 +0,0 @@
-'''This module manages ssh key files for bcfg2'''
-__revision__ = '$Revision$'
-
-from binascii import b2a_base64
-from os import rename, system
-from socket import gethostbyname, gaierror
-
-from Bcfg2.Server.Generator import Generator, DirectoryBacked
-
-class sshbase(Generator):
- '''The sshbase generator manages ssh host keys (both v1 and v2)
- for hosts. It also manages the ssh_known_hosts file. It can
- integrate host keys from other management domains and similarly
- export its keys. The repository contains files in the following
- formats:
-
- ssh_host_key.H_(hostname) -> the v1 host private key for
- (hostname)
- ssh_host_key.pub.H_(hostname) -> the v1 host public key
- for (hostname)
- ssh_host_(dr)sa_key.H_(hostname) -> the v2 ssh host
- private key for (hostname)
- ssh_host_(dr)sa_key.pub.H_(hostname) -> the v2 ssh host
- public key for (hostname)
- ssh_known_hosts -> the current known hosts file. this
- is regenerated each time a new key is generated.
-'''
- __name__ = 'sshbase'
- __version__ = '$Id$'
- __author__ = 'bcfg-dev@mcs.anl.gov'
-
- pubkeys = ["ssh_host_dsa_key.pub.H_%s",
- "ssh_host_rsa_key.pub.H_%s", "ssh_host_key.pub.H_%s"]
- hostkeys = ["ssh_host_dsa_key.H_%s",
- "ssh_host_rsa_key.H_%s", "ssh_host_key.H_%s"]
-
- def __setup__(self):
- self.repository = DirectoryBacked(self.data, self.core.fam)
- self.__provides__ = {'ConfigFile':
- {'/etc/ssh/ssh_known_hosts':self.build_skn,
- '/etc/ssh/ssh_host_dsa_key':self.build_hk,
- '/etc/ssh/ssh_host_rsa_key':self.build_hk,
- '/etc/ssh/ssh_host_dsa_key.pub':self.build_hk,
- '/etc/ssh/ssh_host_rsa_key.pub':self.build_hk,
- '/etc/ssh/ssh_host_key':self.build_hk,
- '/etc/ssh/ssh_host_key.pub':self.build_hk}}
-
- def build_skn(self, entry, metadata):
- '''This function builds builds a host specific known_hosts file'''
- client = metadata.hostname
- filedata = self.repository.entries['ssh_known_hosts'].data
- ipaddr = gethostbyname(client)
- keylist = [x % client for x in self.pubkeys]
- for hostkey in keylist:
- filedata += "%s,%s,%s %s" % (client, "%s.mcs.anl.gov"%(client),
- ipaddr, self.repository.entries[hostkey].data)
- entry.attrib.update({'owner':'root', 'group':'root', 'perms':'0644'})
- entry.text = filedata
-
- def build_hk(self, entry, metadata):
- '''This binds host key data into entries'''
- client = metadata.hostname
- filename = "%s.H_%s" % (entry.attrib['name'].split('/')[-1], client)
- if filename not in self.repository.entries.keys():
- self.GenerateHostKeys(client)
- self.GenerateKnownHosts()
- keydata = self.repository.entries[filename].data
- perms = '0600'
- if filename[-4:] == '.pub':
- perms = '0644'
- entry.attrib.update({'owner':'root', 'group':'root', 'perms':perms})
- entry.text = keydata
- if "ssh_host_key.H_" in filename:
- entry.attrib['encoding'] = 'base64'
- entry.text = b2a_base64(keydata)
-
- def GenerateKnownHosts(self):
- '''Build the static portion of known_hosts (for all hosts)'''
- output = ''
- for filename, entry in self.repository.entries.iteritems():
- if ".pub.H_" in filename:
- h = filename.split('_')[-1]
- try:
- ipaddr = gethostbyname(h)
- output += "%s,%s.mcs.anl.gov,%s %s" % (h, h, ipaddr, entry.data)
- except gaierror:
- continue
- self.repository.entries['ssh_known_hosts'].data = output
-
- def GenerateHostKeys(self, client):
- '''Generate new host keys for client'''
- keylist = [x % client for x in self.hostkeys]
- for hostkey in keylist:
- if 'ssh_host_rsa_key.H_' in hostkey:
- keytype = 'rsa'
- elif 'ssh_host_dsa_key.H_' in hostkey:
- keytype = 'dsa'
- else:
- keytype = 'rsa1'
-
- if hostkey not in self.repository.entries.keys():
- fileloc = "%s/%s" % (self.data, hostkey)
- system('ssh-keygen -q -f %s -N "" -t %s -C root@%s < /dev/null' % (fileloc, keytype, client))
- rename("%s.pub"%(fileloc),"%s/" %
- (self.data, )+".".join(hostkey.split('.')[:-1]+['pub']+[hostkey.split('.')[-1]]))
- self.repository.AddEntry(hostkey)
- self.repository.AddEntry("%s.pub"%(hostkey))
- # call the notifier for global
-