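def verifyHostKey(self, pubKey, fingerprint):
    """
    Decide whether the server's host key may be trusted.

    The key is looked up with C{isInKnownHosts}. A result of C{1} (key on
    record) succeeds immediately, C{2} (a different key is on record) fails
    with C{ConchError('bad host key')}, and any other result leads to an
    interactive yes/no question that shows the fingerprint.

    @param pubKey: the server's public key blob; its first C{getNS} field is
        read as the key type.
    @param fingerprint: the fingerprint text shown to the user in the prompt.

    @return: a C{Deferred}: already fired for the recorded/changed cases,
        otherwise the one returned by C{deferredAskFrame} with
        C{self._cbVerifyHostKey} added as a callback.
    """
    # NOTE(review): 'known-hosts': None presumably selects the default
    # known-hosts file -- confirm against isInKnownHosts.
    goodKey = isInKnownHosts(options['host'], pubKey, {'known-hosts': None})
    if goodKey == 1:
        # The presented key matches the recorded one.
        return defer.succeed(1)
    if goodKey == 2:
        # A different key is recorded for this host: refuse outright, the
        # user is not offered a way to override a changed key.
        return defer.fail(error.ConchError('bad host key'))

    # Look the peer address up once; it is shown next to the requested host
    # name whenever the two differ.
    peerAddress = self.transport.getPeer()[1]
    if options['host'] == peerAddress:
        host = options['host']
        khHost = options['host']
    else:
        host = '%s (%s)' % (options['host'], peerAddress)
        khHost = '%s,%s' % (options['host'], peerAddress)

    keyType = common.getNS(pubKey)[0]
    keyNames = {'ssh-dss': 'DSA', 'ssh-rsa': 'RSA'}
    if keyType not in keyNames:
        # The key type is read from the server-supplied blob. Previously an
        # unlisted type escaped as a bare KeyError; fail the verification
        # explicitly instead, and never echo the raw value into the prompt.
        return defer.fail(error.ConchError('unsupported host key type'))

    ques = """The authenticity of host '%s' can't be established.\r
%s key fingerprint is %s.""" % (host, keyNames[keyType], fingerprint)
    ques += '\r\nAre you sure you want to continue connecting (yes/no)? '
    return deferredAskFrame(ques, 1).addCallback(
        self._cbVerifyHostKey, pubKey, khHost, keyType)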
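def verifyHostKey(self, pubKey, fingerprint):
    """
    Decide whether the server's host key may be trusted.

    The key is looked up with C{isInKnownHosts}. A result of C{1} (key on
    record) succeeds immediately, C{2} (a different key is on record) fails
    with C{ConchError("bad host key")}, and any other result leads to an
    interactive yes/no question that shows the fingerprint.

    @param pubKey: the server's public key blob; its first C{getNS} field is
        read as the key type (compared against byte strings here).
    @param fingerprint: the fingerprint text shown to the user in the prompt.

    @return: a C{Deferred}: already fired for the recorded/changed cases,
        otherwise the one returned by C{deferredAskFrame} with
        C{self._cbVerifyHostKey} added as a callback.
    """
    # NOTE(review): "known-hosts": None presumably selects the default
    # known-hosts file -- confirm against isInKnownHosts.
    goodKey = isInKnownHosts(options["host"], pubKey, {"known-hosts": None})
    if goodKey == 1:
        # The presented key matches the recorded one.
        return defer.succeed(1)
    if goodKey == 2:
        # A different key is recorded for this host: refuse outright, the
        # user is not offered a way to override a changed key.
        return defer.fail(error.ConchError("bad host key"))

    # Look the peer address up once; it is shown next to the requested host
    # name whenever the two differ.
    peerHost = self.transport.getPeer().host
    if options["host"] == peerHost:
        host = options["host"]
        khHost = options["host"]
    else:
        host = "{} ({})".format(options["host"], peerHost)
        khHost = "{},{}".format(options["host"], peerHost)

    keyType = common.getNS(pubKey)[0]
    keyNames = {b"ssh-dss": "DSA", b"ssh-rsa": "RSA"}
    if keyType not in keyNames:
        # The key type is read from the server-supplied blob. Previously any
        # type other than the two listed escaped as a bare KeyError; fail
        # the verification explicitly instead, and never echo the raw bytes
        # into the prompt.
        return defer.fail(error.ConchError("unsupported host key type"))

    ques = """The authenticity of host '{}' can't be established.\r
{} key fingerprint is {}.""".format(host, keyNames[keyType], fingerprint)
    ques += "\r\nAre you sure you want to continue connecting (yes/no)? "
    return deferredAskFrame(ques, 1).addCallback(
        self._cbVerifyHostKey, pubKey, khHost, keyType
    )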
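def verifyHostKey(self, pubKey, fingerprint):
    """
    Check the server's host key against the known hosts, asking the user
    when the host has no usable record.

    C{isInKnownHosts} returning C{1} means the key is on record and the
    check succeeds; C{2} means a different key is on record and the check
    fails with C{ConchError('bad host key')}. Every other result produces a
    yes/no question containing the host and the fingerprint.

    @param pubKey: the server's public key blob; the key type is taken from
        its first C{getNS} field.
    @param fingerprint: the fingerprint text included in the question.

    @return: a C{Deferred}; for the question case it is the one returned by
        C{deferredAskFrame}, chained to C{self._cbVerifyHostKey}.
    """
    # NOTE(review): passing None for 'known-hosts' presumably means "use the
    # default file" -- confirm against isInKnownHosts.
    goodKey = isInKnownHosts(options['host'], pubKey, {'known-hosts': None})
    if goodKey == 1:
        return defer.succeed(1)
    if goodKey == 2:
        # Changed key: rejected without asking, so a swapped key cannot be
        # waved through from the prompt.
        return defer.fail(error.ConchError('bad host key'))

    requested = options['host']
    peerAddress = self.transport.getPeer()[1]
    if requested == peerAddress:
        host = requested
        khHost = requested
    else:
        # Show and keep both the requested name and the connected address.
        host = '%s (%s)' % (requested, peerAddress)
        khHost = '%s,%s' % (requested, peerAddress)

    keyType = common.getNS(pubKey)[0]
    keyNames = {'ssh-dss': 'DSA', 'ssh-rsa': 'RSA'}
    if keyType not in keyNames:
        # keyType originates in data sent by the server. An unlisted type
        # used to surface as an uncaught KeyError; report a verification
        # failure instead and keep the raw value out of the prompt text.
        return defer.fail(error.ConchError('unsupported host key type'))

    ques = """The authenticity of host '%s' can't be established.\r
%s key fingerprint is %s.""" % (host, keyNames[keyType], fingerprint)
    ques += '\r\nAre you sure you want to continue connecting (yes/no)? '
    return deferredAskFrame(ques, 1).addCallback(
        self._cbVerifyHostKey, pubKey, khHost, keyType)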
def test_notInKnownHosts(self):
    """
    A host with no entry in the known hosts file makes
    L{default.isInKnownHosts} return C{0}.
    """
    knownHosts = {"known-hosts": FilePath(self.hostsOption).path}
    status = default.isInKnownHosts("not.there", b"irrelevant", knownHosts)
    self.assertEqual(0, status)
def test_inKnownHostsKeyChanged(self):
    """
    When the known hosts file lists the host under a different key than the
    one presented, L{default.isInKnownHosts} returns C{2}.
    """
    # The first whitespace-separated field of the stored entry is used as
    # the host to look up.
    entryText = self.hashedEntries[b"4.3.2.1"].toString()
    host = entryText.split()[0]
    presentedKey = Key.fromString(otherSampleKey).blob()
    knownHosts = {"known-hosts": FilePath(self.hostsOption).path}
    status = default.isInKnownHosts(host, presentedKey, knownHosts)
    self.assertEqual(2, status)
def test_inKnownHosts(self):
    """
    When the known hosts file lists the host under the presented key,
    L{default.isInKnownHosts} returns C{1}.
    """
    # The first whitespace-separated field of the stored entry is used as
    # the host to look up.
    entryText = self.hashedEntries[b"4.3.2.1"].toString()
    host = entryText.split()[0]
    presentedKey = Key.fromString(sampleKey).blob()
    knownHosts = {"known-hosts": FilePath(self.hostsOption).path}
    status = default.isInKnownHosts(host, presentedKey, knownHosts)
    self.assertEqual(1, status)
def verifyHostKey(transport, host, pubKey, fingerprint):
    """
    Accept a host key only when C{isInKnownHosts} reports it as known.

    The lookup uses C{transport.factory.options}. A result of C{1} yields a
    succeeded C{Deferred} carrying that result. Every other result is logged
    with C{log.err} and returned as a failed C{Deferred} wrapping a
    C{ConchError}, so this verifier never prompts and fails closed on
    results it does not recognise.

    @param fingerprint: accepted as part of the signature; not used here.
    """
    status = isInKnownHosts(host, pubKey, transport.factory.options)
    if status == 1:
        return defer.succeed(status)

    # Map each rejecting result to its message; anything not listed is
    # reported as an unknown return value.
    for code, text in ((0, "Not existent key"), (2, "Changed key")):
        if status == code:
            errmsg = text
            break
    else:
        errmsg = "Unknown return %s" % status

    log.err(errmsg)
    return defer.fail(error.ConchError(errmsg))
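def verifyHostKey(self, pubkey, fingerprint):
    """
    Accept the server's host key only when it is already on record.

    The host is looked up under C{self.factory.alias}, falling back to
    C{self.factory.hostname}, in the known-hosts file named by the
    C{'known hosts'} setting of the C{'Server'} configuration section.

    @param pubkey: the server's public key, passed to C{isInKnownHosts}.
    @param fingerprint: accepted as part of the signature; not used here.

    @return: a succeeded C{Deferred} firing C{1} when C{isInKnownHosts}
        returns C{1}; otherwise a failed C{Deferred} wrapping a
        C{ConchError}, after the reason has been logged.
    """
    cfg = config.configuration
    name = self.factory.alias or self.factory.hostname
    options = {'known-hosts': cfg.get('Server', 'known hosts')}
    found = isInKnownHosts(name, pubkey, options)

    if found == 1:
        return defer.succeed(1)

    if found == 0:
        reason = 'host key for %s not found' % name
    elif found == 2:
        reason = 'host key for %s has changed' % name
    else:
        # Fail closed: the original treated every result other than 0 and 2
        # as success, so an unexpected return value accepted the key.
        reason = 'unexpected known-hosts result %r for %s' % (found, name)

    log.err(reason)
    return defer.fail(error.ConchError(reason))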