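def __ssh_private_key_check(self):
    """Ensure the SSH host key pair exists on disk and load it.

    The private key path comes from the ``ssh_keys`` config entry and the
    public key lives next to it with a ``.pub`` suffix.  Either file is
    created only when it is missing.  On success ``self.ssh_host_key``
    holds the loaded key and ``self.ssh_host_hash`` its hex fingerprint.

    Any failure while generating or writing a key file is logged as
    critical and re-raised unchanged.
    """
    prvfile = self.get_config('ssh_keys')
    pubfile = "%s.pub" % prvfile
    prv = None

    if not os.path.exists(prvfile):
        try:
            self.log_info("generating %s" % prvfile)
            # 1024-bit RSA is below current minimum recommendations for a
            # long-lived host key; 2048 matches the default used by the
            # key-pair generator elsewhere in this listing.
            prv = RSAKey.generate(bits=2048)
            # Written without a passphrase so the service can load the key
            # unattended; file permissions are the only protection.
            prv.write_private_key_file(prvfile)
        except Exception as e:
            self.log_critical("error: %s" % e)
            raise

    if not os.path.exists(pubfile):
        try:
            self.log_info("generating %s" % pubfile)
            # Derive the public half from the stored private key.
            pub = RSAKey(filename=prvfile)
            with open(pubfile, 'w') as f:
                f.write("%s %s" % (pub.get_name(), pub.get_base64()))
        except Exception as e:
            self.log_critical("error: %s" % e)
            raise

    if not prv:
        # NOTE(review): a key file that already exists is reused as-is, so a
        # host key generated earlier with 1024 bits stays in service until
        # the file is rotated by hand.
        prv = RSAKey(filename=prvfile)

    self.ssh_host_key = prv
    # paramiko's get_fingerprint() is an MD5 digest of the public key blob,
    # i.e. the legacy fingerprint format rather than OpenSSH's SHA256 one.
    self.ssh_host_hash = paramiko.py3compat.u(
        hexlify(prv.get_fingerprint()))
    self.log_info("SSH fingerprint: %s" % self.ssh_host_hash)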
def generate_key_pair(
    cls,
    filename: str,
    bits: int = 2048,
    passphrase: str = None,
    comment: str = None,
):
    """Create an RSA key pair on disk and return its fingerprint.

    The private key is written to ``filename`` and the public key, as a
    single ``<type> <base64> [comment]`` line, to ``filename.pub``.

    :param filename: name of private key file
    :param bits: length of RSA key
    :param passphrase: passphrase of the RSA key; with the default of None
        the private key file is written unencrypted
    :param comment: comment for RSA key, appended to the public key line
    :return: colon-separated hex fingerprint of the public key
    """
    private_key = RSAKey.generate(bits=bits)
    private_key.write_private_key_file(filename, password=passphrase)

    # Load the key back from the file just written to obtain the public half.
    public_key = RSAKey(filename=filename, password=passphrase)
    logger.info(f"generated RSA key pair: {filename}")

    with open(f"{filename}.pub", "w") as pub_file:
        public_line = f"{public_key.get_name()} {public_key.get_base64()}"
        if comment:
            public_line += f" {comment}"
        pub_file.write(public_line)

    # paramiko's get_fingerprint() is an MD5 digest of the public key blob;
    # the colon-separated form below is the legacy ssh-keygen MD5 layout,
    # not the SHA256 fingerprint current OpenSSH prints by default.
    hex_digest = u(hexlify(public_key.get_fingerprint()))
    fingerprint = ":".join(
        hex_digest[pos:pos + 2] for pos in range(0, len(hex_digest), 2)
    )
    logger.info(f"fingerprint: {bits} {fingerprint} {filename}.pub (RSA)")
    return fingerprint
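def compute_fingerprint(self):
    """Return the colon-separated hex fingerprint of this public key.

    ``self.key`` is the base64-encoded public key blob and
    ``self.key_type`` selects the parser: ``ssh-rsa`` or ``ssh-dss``.

    :raises ValueError: if ``self.key_type`` is not one of the two
        supported types (previously this surfaced as an unbound local).
    """
    data = base64.b64decode(self.key)
    if self.key_type == "ssh-rsa":
        pkey = RSAKey(data=data)
    elif self.key_type == "ssh-dss":
        # ssh-dss (DSA) is disabled by default in current OpenSSH; it is
        # still parsed here so existing records keep a fingerprint.
        pkey = DSSKey(data=data)
    else:
        # Fail with a clear message instead of falling through to an
        # unassigned ``pkey``.
        raise ValueError("Unsupported key type: %s" % self.key_type)

    # hexlify() yields bytes on Python 3, which a str regex cannot scan,
    # so convert to text before splitting into two-character octets.
    # paramiko's get_fingerprint() is an MD5 digest of the key blob.
    digest_hex = hexlify(pkey.get_fingerprint()).decode("ascii")
    return ":".join(re.findall(r"..", digest_hex))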
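def dehydrate(self, bundle):
    """Add the public key's hex fingerprint to the outgoing bundle.

    The key parser is chosen from ``bundle.obj.key_type``: ``ssh-rsa``,
    ``ssh-dss`` or any type starting with ``ecdsa``.  The result is stored
    under ``bundle.data['fingerprint']`` and the bundle is returned.

    :raises HydrationError: for any other key type.
    """
    key_type = bundle.obj.key_type
    if key_type == "ssh-rsa":
        key_cls = RSAKey
    elif key_type == "ssh-dss":
        key_cls = DSSKey
    elif key_type.startswith("ecdsa"):
        key_cls = ECDSAKey
    else:
        # The original message read ``bundle.object``, while every other
        # access uses ``bundle.obj``; use the same attribute so the
        # intended HydrationError is what the caller sees.
        raise HydrationError("Unknown key type: %s" % key_type)

    # NOTE(review): base64 or key-parsing errors on a malformed stored key
    # are not handled here and will propagate; presumably the key is
    # validated when it is saved, so confirm against the write path.
    key = key_cls(data=base64.b64decode(bundle.obj.public_key))
    # paramiko's get_fingerprint() is an MD5 digest of the public key blob.
    bundle.data['fingerprint'] = u(hexlify(key.get_fingerprint()))
    return bundle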
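def dehydrate(self, bundle):
    """Add the public key's hex fingerprint to the outgoing bundle.

    Supported values of ``bundle.obj.key_type`` are ``ssh-rsa``,
    ``ssh-dss`` and anything starting with ``ecdsa``.  The fingerprint is
    written to ``bundle.data['fingerprint']`` and the bundle is returned.

    :raises HydrationError: for any other key type.
    """
    stored = bundle.obj
    blob_b64 = stored.public_key

    if stored.key_type == "ssh-rsa":
        key = RSAKey(data=base64.b64decode(blob_b64))
    elif stored.key_type == "ssh-dss":
        # This branch previously repeated the "ssh-rsa" test and so could
        # never run, which left DSA keys to fall through to the error path.
        key = DSSKey(data=base64.b64decode(blob_b64))
    elif stored.key_type.startswith("ecdsa"):
        key = ECDSAKey(data=base64.b64decode(blob_b64))
    else:
        # Read the type from ``bundle.obj`` like the checks above; the
        # message previously used ``bundle.object``.
        raise HydrationError(
            "Unknown key type: %s" % stored.key_type
        )

    # NOTE(review): a malformed stored key raises from the decode or the
    # key constructor and is not caught here; confirm it is validated
    # before it is saved.
    # paramiko's get_fingerprint() is an MD5 digest of the public key blob.
    bundle.data['fingerprint'] = u(hexlify(key.get_fingerprint()))
    return bundle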
def generate_fingerprint(key):
    """Return the colon-separated hex fingerprint of an SSH public key.

    ``key`` is split into type, encoded blob and name by
    ``split_ssh_key``.  Only ``ssh-rsa`` and ``ssh-dss`` are handled.

    Returns None for any other key type and for keys that fail to decode
    or parse, so a caller cannot tell "unsupported" from "malformed".
    """
    key_type, encoded_blob, _comment = split_ssh_key(key)
    if key_type not in ("ssh-rsa", "ssh-dss"):
        return None

    try:
        key_cls = RSAKey if key_type == "ssh-rsa" else DSSKey
        parsed = key_cls(data=decodestring(encoded_blob))
        # paramiko's get_fingerprint() is an MD5 digest of the key blob,
        # i.e. the legacy fingerprint format.
        digest_hex = hexlify(parsed.get_fingerprint())
        return ":".join(
            [digest_hex[pos:pos + 2] for pos in range(0, len(digest_hex), 2)]
        )
    except SSHException:
        # The blob decoded but is not a valid key of the declared type.
        return None
    except Error:
        # Incorrect padding in the encoded blob.  `Error` is whatever the
        # module imported under that name, presumably binascii.Error; confirm.
        return None
def generate_fingerprint(key):
    """Compute the hex fingerprint of an ``ssh-rsa`` or ``ssh-dss`` key.

    The key string is split by ``split_ssh_key`` into type, encoded blob
    and name.  The fingerprint is returned as two-character groups joined
    by colons.

    None is returned when the type is not supported, when the blob cannot
    be decoded, or when it does not parse as a key; no error is raised to
    the caller in those cases.
    """
    kind, b64_blob, _unused_name = split_ssh_key(key)
    try:
        if kind == 'ssh-rsa':
            pkey = RSAKey(data=decodestring(b64_blob))
        elif kind == 'ssh-dss':
            pkey = DSSKey(data=decodestring(b64_blob))
        else:
            return None

        # get_fingerprint() in paramiko is an MD5 digest of the public key
        # blob, so this is the legacy fingerprint format.
        hex_digest = hexlify(pkey.get_fingerprint())
        octets = []
        for start in range(0, len(hex_digest), 2):
            octets.append(hex_digest[start:start + 2])
        fingerprint = ":".join(octets)
    except SSHException:
        # Invalid key: reported to the caller as "no fingerprint".
        return None
    except Error:
        # Incorrect padding in the encoded blob; also reported as None.
        return None
    return fingerprint