author | elijah <elijah@riseup.net> | 2014-11-05 15:44:24 -0800 |
---|---|---|
committer | elijah <elijah@riseup.net> | 2014-11-05 15:44:24 -0800 |
commit | 2c697c574a6844c6cec3dc0cb6498cc0f87ff072 (patch) | |
tree | 7bac92e321c42f5147c481afd5905b317cc52768 /lib/leap_cli/ssh_key.rb | |
parent | 1ba5abc1a9359a00cee2da06b9766eb0bdda9f29 (diff) | |
prompt user to update ssh host keys when a better one is available. closes #6320
Diffstat (limited to 'lib/leap_cli/ssh_key.rb')
-rw-r--r-- | lib/leap_cli/ssh_key.rb | 46 |
1 files changed, 45 insertions, 1 deletions
diff --git a/lib/leap_cli/ssh_key.rb b/lib/leap_cli/ssh_key.rb index bd5bf43..3cbeddd 100644 --- a/lib/leap_cli/ssh_key.rb +++ b/lib/leap_cli/ssh_key.rb @@ -1,6 +1,7 @@ # # A wrapper around OpenSSL::PKey::RSA instances to provide a better api for dealing with SSH keys. # +# cipher 'ssh-ed25519' not supported yet because we are waiting for support in Net::SSH # require 'net/ssh' @@ -13,6 +14,10 @@ module LeapCli attr_accessor :filename attr_accessor :comment + # supported ssh key types, in order of preference + SUPPORTED_TYPES = ['ssh-rsa', 'ecdsa-sha2-nistp256'] + SUPPORTED_TYPES_RE = /(#{SUPPORTED_TYPES.join('|')})/ + ## ## CLASS METHODS ## @@ -64,6 +69,44 @@ module LeapCli public_key || private_key end + # + # Picks one key out of an array of keys that we think is the "best", + # based on the order of preference in SUPPORTED_TYPES + # + # Currently, this does not take bitsize into account. + # + def self.pick_best_key(keys) + keys.select {|k| + SUPPORTED_TYPES.include?(k.type) + }.sort {|a,b| + SUPPORTED_TYPES.index(a.type) <=> SUPPORTED_TYPES.index(b.type) + }.first + end + + # + # takes a string with one or more ssh keys, one key per line, + # and returns an array of SshKey objects. + # + # the lines should be in one of these formats: + # + # 1. <hostname> <key-type> <key> + # 2. <key-type> <key> + # + def self.parse_keys(string) + keys = [] + lines = string.split("\n").grep(/^[^#]/) + lines.each do |line| + if line =~ / #{SshKey::SUPPORTED_TYPES_RE} / + # <hostname> <key-type> <key> + keys << line.split(' ')[1..2] + elsif line =~ /^#{SshKey::SUPPORTED_TYPES_RE} / + # <key-type> <key> + keys << line.split(' ') + end + end + return keys.map{|k| SshKey.load(k[1], k[0])} + end + ## ## INSTANCE METHODS ## 
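Review bot: `SUPPORTED_TYPES_RE` is built by interpolating the type names straight into a regex, and both constants are left mutable. The two current names contain no regex metacharacters, but a later entry with a `.` or `@` in it would silently change what the pattern matches. I would write `SUPPORTED_TYPES = ['ssh-rsa', 'ecdsa-sha2-nistp256'].freeze` and `SUPPORTED_TYPES_RE = Regexp.union(SUPPORTED_TYPES)`. That drops the capture group, which nothing visible in this diff uses. Because the list order is the only ranking criterion for the "best" key, the comment should also say why `ssh-rsa` is placed first.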
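Review bot: In `parse_keys`, the first branch matches a supported type anywhere in the line (`/ #{SshKey::SUPPORTED_TYPES_RE} /`) but then always takes fields 1 and 2 by position. A line where the type string appears later, such as in the trailing comment of a `<key-type> <key> <comment>` line or after an extra leading field, is sliced at the wrong offsets and the wrong tokens reach `SshKey.load`. This text presumably comes from a remote host's key listing, so it is safer to split each line once and test the type by field position, as below. Whether `SshKey.load` can return nil for an undecodable key is not visible in this hunk; if it can, `pick_best_key` would raise on `k.type`, and a `.compact` on the mapped result would guard against that.

```ruby
def self.parse_keys(string)
  # … unchanged: keys = [] and comment-line filtering …
  lines.each do |line|
    fields = line.split(' ')
    if SshKey::SUPPORTED_TYPES.include?(fields[0]) && fields[1]
      # <key-type> <key>
      keys << fields[0..1]
    elsif SshKey::SUPPORTED_TYPES.include?(fields[1]) && fields[2]
      # <hostname> <key-type> <key>
      keys << fields[1..2]
    end
  end
  # … unchanged: map each pair through SshKey.load …
```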
@@ -101,7 +144,8 @@ module LeapCli end def summary - "%s %s %s (%s)" % [self.type, self.bits, self.fingerprint, self.filename || self.comment || ''] + #"%s %s %s (%s)" % [self.type, self.bits, self.fingerprint, self.filename || self.comment || ''] + "%s %s %s" % [self.type, self.bits, self.fingerprint] end def to_s |
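Review bot: The superseded format string in `summary` is kept as a commented-out line above the new one. Version control already holds the old form, so I would delete it and say why the trailing field was dropped, for example `# filename/comment omitted: the summary is shown when comparing host keys`. That wording is a guess at the intent and should be adjusted to the real reason. Any other caller that relied on `summary` to show the filename or comment now loses it; such callers are outside this hunk and worth checking.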