def get_fingerprints(self):
status = self._status()
if status == 'unavailable':
log.info("Instance '%s' unavailable", self.id)
sys.exit(1)
if status != 'running':
log.info("Instance state: %s", status)
sys.exit(1)
result = []
rc, out, err = self.master.ezjail_admin('console',
name=self._name,
cmd='ls /etc/ssh/')
if rc != 0:
return result
pub_key_names = list(x for x in out.splitlines()
if fnmatch(x, 'ssh_host*_key.pub'))
for pub_key_name in pub_key_names:
rc, out, err = self.master.ezjail_admin(
'console',
name=self._name,
cmd='ssh-keygen -lf /etc/ssh/%s' % pub_key_name)
if rc != 0:
continue
(key, ) = parse_ssh_keygen(out)
info = dict(fingerprint=key.fingerprint,
keylen=key.keylen,
keytype=key.keytype)
result.append(info)
return result
def get_fingerprints(self):
status = self._status()
if status == 'unavailable':
log.info("Instance '%s' unavailable", self.id)
sys.exit(1)
if status != 'running':
log.info("Instance state: %s", status)
sys.exit(1)
result = []
rc, out, err = self.master.ezjail_admin(
'console', name=self._name,
cmd='ls /etc/ssh/')
if rc != 0:
return result
pub_key_names = list(
x for x in out.splitlines()
if fnmatch(x, 'ssh_host*_key.pub'))
for pub_key_name in pub_key_names:
rc, out, err = self.master.ezjail_admin(
'console', name=self._name,
cmd='ssh-keygen -lf /etc/ssh/%s' % pub_key_name)
if rc != 0:
continue
(key,) = parse_ssh_keygen(out)
info = dict(
fingerprint=key.fingerprint,
keylen=key.keylen,
keytype=key.keytype)
result.append(info)
return result
def get_ssh_fingerprints(self):
fingerprints = self.config.get('ssh-fingerprints')
if fingerprints is None:
fingerprints = self.config.get('fingerprint')
if fingerprints is None:
if getattr(self, 'get_fingerprint', None) is not None:
fingerprints = 'auto'
if fingerprints is None:
raise self.paramiko.SSHException("No fingerprint set in config.")
fingerprints = [x.strip() for x in re.split(',|\n', fingerprints.strip())]
result = []
for fingerprint in fingerprints:
path = os.path.join(self.master.main_config.path, fingerprint)
if os.path.exists(path):
try:
text = subprocess.check_output(['ssh-keygen', '-lf', path])
except subprocess.CalledProcessError as e:
log.error("Couldn't get fingerprint from '%s':\n%s" % (path, e))
sys.exit(1)
result.extend(parse_ssh_keygen(text))
continue
if fingerprint.lower() == 'auto':
result.append(SSHKeyFingerprintInstance(self))
continue
if fingerprint.lower() == 'ask':
result.append(SSHKeyFingerprintAsk())
continue
if fingerprint.lower() == 'ignore':
result.append(SSHKeyFingerprintIgnore())
continue
result.append(SSHKeyFingerprint(parse_fingerprint(fingerprint)))
return result
def get_ssh_fingerprints(self):
fingerprints = self.config.get('ssh-fingerprints')
if fingerprints is None:
fingerprints = self.config.get('fingerprint')
if fingerprints is None:
func = getattr(self, 'get_fingerprints', None)
if func is None:
func = getattr(self, 'get_fingerprint', None)
if func is not None:
fingerprints = 'auto'
if fingerprints is None:
fingerprints = '\n'.join(
str(
SSHKeyFingerprint(('sha256',
hashlib.sha256(key.asbytes()).digest()),
keylen=key.get_bits(),
keytype=key_type))
for key_type, key in self.get_ssh_pub_host_keys())
if not fingerprints:
fingerprints = None
if fingerprints is None:
raise self.paramiko.SSHException("No fingerprint set in config.")
fingerprints = split_option(fingerprints)
result = []
for fingerprint in fingerprints:
path = os.path.join(self.master.main_config.path, fingerprint)
if os.path.exists(path):
try:
text = subprocess.check_output(['ssh-keygen', '-lf', path])
except subprocess.CalledProcessError as e:
log.error("Couldn't get fingerprint from '%s':\n%s" %
(path, e))
sys.exit(1)
result.extend(parse_ssh_keygen(text))
continue
if fingerprint.lower() == 'auto':
result.append(SSHKeyFingerprintInstance(self))
continue
if fingerprint.lower() == 'ask':
result.append(SSHKeyFingerprintAsk())
continue
if fingerprint.lower() == 'ignore':
result.append(SSHKeyFingerprintIgnore())
continue
result.append(SSHKeyFingerprint(parse_fingerprint(fingerprint)))
return result
def get_ssh_fingerprints(self):
fingerprints = self.config.get('ssh-fingerprints')
if fingerprints is None:
fingerprints = self.config.get('fingerprint')
if fingerprints is None:
func = getattr(self, 'get_fingerprints', None)
if func is None:
func = getattr(self, 'get_fingerprint', None)
if func is not None:
fingerprints = 'auto'
if fingerprints is None:
fingerprints = '\n'.join(
str(SSHKeyFingerprint(
('sha256', hashlib.sha256(key.asbytes()).digest()),
keylen=key.get_bits(),
keytype=key_type))
for key_type, key in self.get_ssh_pub_host_keys())
if not fingerprints:
fingerprints = None
if fingerprints is None:
raise self.paramiko.SSHException("No fingerprint set in config.")
fingerprints = split_option(fingerprints)
result = []
for fingerprint in fingerprints:
path = os.path.join(self.master.main_config.path, fingerprint)
if os.path.exists(path):
try:
text = subprocess.check_output(['ssh-keygen', '-lf', path])
except subprocess.CalledProcessError as e:
log.error("Couldn't get fingerprint from '%s':\n%s" % (path, e))
sys.exit(1)
result.extend(parse_ssh_keygen(text))
continue
if fingerprint.lower() == 'auto':
result.append(SSHKeyFingerprintInstance(self))
continue
if fingerprint.lower() == 'ask':
result.append(SSHKeyFingerprintAsk())
continue
if fingerprint.lower() == 'ignore':
result.append(SSHKeyFingerprintIgnore())
continue
result.append(SSHKeyFingerprint(parse_fingerprint(fingerprint)))
return result
def test_parse_ssh_keygen(text, keyinfo):
assert all(a.match(b) for a, b in zip(parse_ssh_keygen(text), keyinfo))
def test_parse_ssh_keygen(text, keyinfo):
assert all(a.match(b) for a, b in zip(parse_ssh_keygen(text), keyinfo))
