def add_ssh_public_keys(name, filenames=[], keys={}):
"""
Add multiple public keys to the user's authorized SSH keys.
*filenames* must be a list of local filenames of public keys that
should be added to the user's SSH authorized keys.
Example::
import fabtools
fabtools.user.add_ssh_public_keys('alice', [
'~/.ssh/id1_rsa.pub',
'~/.ssh/id2_rsa.pub',
])
"""
from fabtools.require.files import (
directory as _require_directory,
file as _require_file,
)
ssh_dir = posixpath.join(home_directory(name), '.ssh')
_require_directory(ssh_dir, mode='700', owner=name, use_sudo=True)
authorized_keys_filename = posixpath.join(ssh_dir, 'authorized_keys')
_require_file(authorized_keys_filename, mode='600', owner=name,
use_sudo=True)
for filename in filenames:
with open(filename) as public_key_file:
public_key = public_key_file.read().strip()
# we don't use fabric.contrib.files.append() as it's buggy
if public_key not in authorized_keys(name):
sudo('echo %s >>%s' % (quote(public_key),
quote(authorized_keys_filename)))
for key in keys.values():
# we don't use fabric.contrib.files.append() as it's buggy
if key not in authorized_keys(name):
sudo('echo %s >>%s' % (quote(key),
quote(authorized_keys_filename)))
def add_ssh_public_keys(name, filenames):
"""
Add multiple public keys to the user's authorized SSH keys.
*filenames* must be a list of local filenames of public keys that
should be added to the user's SSH authorized keys.
Example::
import fabtools
fabtools.user.add_ssh_public_keys('alice', [
'~/.ssh/id1_rsa.pub',
'~/.ssh/id2_rsa.pub',
])
"""
from fabtools.require.files import (
directory as _require_directory,
file as _require_file,
)
ssh_dir = posixpath.join(home_directory(name), '.ssh')
_require_directory(ssh_dir, mode='700', owner=name, use_sudo=True)
authorized_keys_filename = posixpath.join(ssh_dir, 'authorized_keys')
_require_file(authorized_keys_filename,
mode='600',
owner=name,
use_sudo=True)
for filename in filenames:
with open(filename) as public_key_file:
public_keys = public_key_file.read().strip().split("\n")
# we don't use fabric.contrib.files.append() as it's buggy
for public_key in public_keys:
if public_key not in authorized_keys(name):
sudo('echo %s >>%s' %
(quote(public_key), quote(authorized_keys_filename)))
def add_host_keys(name, hostname):
"""
Add all public keys of a host to the user's SSH known hosts file
"""
from fabtools.require.files import (
directory as _require_directory,
file as _require_file,
)
ssh_dir = posixpath.join(home_directory(name), '.ssh')
_require_directory(ssh_dir, mode='700', owner=name, use_sudo=True)
known_hosts_filename = posixpath.join(ssh_dir, 'known_hosts')
_require_file(known_hosts_filename, mode='644', owner=name, use_sudo=True)
known_hosts = uncommented_lines(known_hosts_filename, use_sudo=True)
with hide('running', 'stdout'):
res = run('ssh-keyscan -t rsa,dsa %s 2>/dev/null' % hostname)
for host_key in res.splitlines():
if host_key not in known_hosts:
sudo('echo %s >>%s' %
(quote(host_key), quote(known_hosts_filename)))
def add_host_keys(name, hostname):
"""
Add all public keys of a host to the user's SSH known hosts file
"""
from fabtools.require.files import (
directory as _require_directory,
file as _require_file,
)
ssh_dir = posixpath.join(home_directory(name), '.ssh')
_require_directory(ssh_dir, mode='700', owner=name, use_sudo=True)
known_hosts_filename = posixpath.join(ssh_dir, 'known_hosts')
_require_file(known_hosts_filename, mode='644', owner=name, use_sudo=True)
known_hosts = uncommented_lines(known_hosts_filename, use_sudo=True)
with hide('running', 'stdout'):
res = run('ssh-keyscan -t rsa,dsa %s 2>/dev/null' % hostname)
for host_key in res.splitlines():
if host_key not in known_hosts:
sudo('echo %s >>%s' % (quote(host_key),
quote(known_hosts_filename)))