summaryrefslogtreecommitdiffstats
path: root/src/lib/Server
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/Server')
-rw-r--r--src/lib/Server/Plugins/SSHbase.py79
1 files changed, 41 insertions, 38 deletions
diff --git a/src/lib/Server/Plugins/SSHbase.py b/src/lib/Server/Plugins/SSHbase.py
index 9e0580dbd..fbbe7d036 100644
--- a/src/lib/Server/Plugins/SSHbase.py
+++ b/src/lib/Server/Plugins/SSHbase.py
@@ -222,7 +222,7 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin,
client = metadata.hostname
filename = "%s.H_%s" % (entry.get('name').split('/')[-1], client)
if filename not in list(self.entries.keys()):
- self.GenerateHostKeys(client)
+ self.GenerateHostKeyPair(client, filename)
# Service the FAM events queued up by the key generation so
# the data structure entries will be available for binding.
#
@@ -254,45 +254,48 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin,
else:
entry.text = keydata
- def GenerateHostKeys(self, client):
- """Generate new host keys for client."""
- keylist = [keytmpl % client for keytmpl in self.hostkeys]
- for hostkey in keylist:
- if 'ssh_host_rsa_key.H_' == hostkey[:19]:
- keytype = 'rsa'
- elif 'ssh_host_dsa_key.H_' == hostkey[:19]:
- keytype = 'dsa'
- else:
- keytype = 'rsa1'
+ def GenerateHostKeyPair(self, client, filename):
+ """Generate new host key pair for client."""
+ filename = filename.split('.')[0] # no trailing ".pub", please
+ if filename == 'ssh_host_rsa_key':
+ hostkey = 'ssh_host_rsa_key.H_%s' % client
+ keytype = 'rsa'
+ elif filename == 'ssh_host_dsa_key':
+ hostkey = 'ssh_host_dsa_key.H_%s' % client
+ keytype = 'dsa'
+ elif filename == 'ssh_host_key':
+ hostkey = 'ssh_host_key.H_%s' % client
+ keytype = 'rsa1'
+ else:
+ return
- if hostkey not in list(self.entries.keys()):
- fileloc = "%s/%s" % (self.data, hostkey)
- publoc = self.data + '/' + ".".join([hostkey.split('.')[0],
- 'pub',
- "H_%s" % client])
- tempdir = tempfile.mkdtemp()
- temploc = "%s/%s" % (tempdir, hostkey)
- cmd = ["ssh-keygen", "-q", "-f", temploc, "-N", "",
- "-t", keytype, "-C", "root@%s" % client]
- proc = Popen(cmd, stdout=PIPE, stdin=PIPE)
- proc.communicate()
- proc.wait()
+ fileloc = "%s/%s" % (self.data, hostkey)
+ publoc = self.data + '/' + ".".join([hostkey.split('.')[0],
+ 'pub',
+ "H_%s" % client])
+ tempdir = tempfile.mkdtemp()
+ temploc = "%s/%s" % (tempdir, hostkey)
+ cmd = ["ssh-keygen", "-q", "-f", temploc, "-N", "",
+ "-t", keytype, "-C", "root@%s" % client]
+ proc = Popen(cmd, stdout=PIPE, stdin=PIPE)
+ proc.communicate()
+ proc.wait()
- try:
- shutil.copy(temploc, fileloc)
- shutil.copy("%s.pub" % temploc, publoc)
- except IOError:
- err = sys.exc_info()[1]
- self.logger.error("Temporary SSH keys not found: %s" % err)
-
- try:
- os.unlink(temploc)
- os.unlink("%s.pub" % temploc)
- os.rmdir(tempdir)
- except OSError:
- err = sys.exc_info()[1]
- self.logger.error("Failed to unlink temporary ssh keys: %s"
- % err)
+ try:
+ shutil.copy(temploc, fileloc)
+ shutil.copy("%s.pub" % temploc, publoc)
+ except IOError:
+ err = sys.exc_info()[1]
+ self.logger.error("Temporary SSH keys not found: %s" % err)
+
+ try:
+ os.unlink(temploc)
+ os.unlink("%s.pub" % temploc)
+ os.rmdir(tempdir)
+ except OSError:
+ err = sys.exc_info()[1]
+ self.logger.error("Failed to unlink temporary ssh keys: %s"
+ % err)
def AcceptChoices(self, _, metadata):
return [Bcfg2.Server.Plugin.Specificity(hostname=metadata.hostname)]