def _match_key(self, key_obj, base64_key):
    """Return 1 if ``base64_key`` parses to the same public key as ``key_obj``.

    The base64 text is prefixed with ``key_obj.name`` and handed to
    ``OpenSSH_Key_Storage.parse_public_key``.  The comparison is made on the
    parsed ``public_key`` attributes rather than on the base64 text itself.
    Returns 0 when the two differ.
    """
    openssh_text = key_obj.name + ' ' + base64_key
    # XXX: a static or class method on the storage class would make this
    #      throwaway instance unnecessary.
    from coro.ssh.keys.openssh_key_storage import OpenSSH_Key_Storage
    storage = OpenSSH_Key_Storage()
    candidate = storage.parse_public_key(openssh_text)
    return 1 if candidate.public_key == key_obj.public_key else 0
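def runTest(self):
    # Exercise check_for_host() against a generated known_hosts file.
    #
    # A sample file is written to a private temporary path, a subclass of
    # OpenSSH_Known_Hosts is pointed at it, and host/key pairs are checked
    # for the three outcomes the assertions below pin down: 1, 0, or
    # Host_Key_Changed_Error.
    import tempfile

    # os.tempnam() only returns a predictable name and leaves creation to a
    # later open(), so another local user can pre-create the path or plant a
    # symlink there first.  mkstemp() creates the file exclusively, readable
    # and writable by the owner only, and hands back the open descriptor.
    fd, tmp_filename = tempfile.mkstemp()
    try:
        # Build a sample known_hosts test file.
        f = os.fdopen(fd, 'w')
        try:
            f.write("""# Example known hosts file.
10.1.1.108 ssh-dss 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
172.16.1.11 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvUNY7kd1sDujt9HhdT6VWtf8yVRAw2Ib+M6ptWTuWWnPGR6TP/ZwumSs/rAguyxWrNRbw7Eainr/BTEFATpJRYKUDPZKGHLT3ixtOy7scUVRyaJD7F3L7BujkhHLWOyFJGtoZmJEdQmddGDwq+16gLD06GA8/N8kkQFRR6vwlRs=
64.70.20.70,64.70.44.3 1024 35 162807158017859311401243513535320968370503503816817576276599779420791975206320054411137858395244854129122865069311130487158120563446636918588974972115213166463069362091898230386572857193095086738994217228848073927343769936543295334648942676920084374567042307974866766193585693129128286570059425685457486987781
lists.ironport.com,10.1.1.109 ssh-dss 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
!outlaw.qa,*.qa,172.17.0.201 ssh-dss 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
*.com,test04.god ssh-dss 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
""")
        finally:
            # Close even if the write fails so the descriptor is not leaked.
            f.close()

        # Make a subclass so we can control which file it loads.
        class custom_known_hosts(OpenSSH_Known_Hosts):
            def __init__(self, tmp_filename):
                self.tmp_filename = tmp_filename

            def get_known_hosts_filenames(self, username):
                return [self.tmp_filename]

        from coro.ssh.keys.openssh_key_storage import OpenSSH_Key_Storage
        keystore = OpenSSH_Key_Storage()
        x = custom_known_hosts(tmp_filename)
        # Make some keys to test against.
        # 10.1.1.108
        k1 = keystore.parse_public_key('ssh-dss 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')
        # lists.ironport.com
        k2 = keystore.parse_public_key('ssh-dss 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')
        # 172.17.0.201
        k3 = keystore.parse_public_key('ssh-dss 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')
        # test04.god
        k4 = keystore.parse_public_key('ssh-dss 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')
        # Make a key that doesn't exist in the known hosts file.
        unknown_key = keystore.parse_public_key('ssh-dss 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')
        # 172.16.1.11
        k5 = keystore.parse_public_key('ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvUNY7kd1sDujt9HhdT6VWtf8yVRAw2Ib+M6ptWTuWWnPGR6TP/ZwumSs/rAguyxWrNRbw7Eainr/BTEFATpJRYKUDPZKGHLT3ixtOy7scUVRyaJD7F3L7BujkhHLWOyFJGtoZmJEdQmddGDwq+16gLD06GA8/N8kkQFRR6vwlRs=')

        # Do the tests.
        # Listed address with its own key, then an address that is not listed.
        self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('10.1.1.108', ''), k1), 1)
        self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('1.2.3.4', ''), k1), 0)
        # Comma-separated entry: the name and the address both match.
        self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('0.0.0.0', 'lists.ironport.com'), k2), 1)
        self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('lists.ironport.com', '10.1.1.109'), k2), 1)
        self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('10.1.1.109', ''), k2), 1)
        # '!outlaw.qa' is negated in the file, so it must not match even
        # though '*.qa' follows it in the same entry.
        self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('0.0.0.0', 'outlaw.qa'), k3), 0)
        self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('0.0.0.0', 'foo.qa'), k3), 1)
        self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('172.17.0.201', ''), k3), 1)
        # Wildcard and literal names sharing one entry.
        self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('0.0.0.0', 'foo.com'), k4), 1)
        self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('0.0.0.0', 'test04.god'), k4), 1)
        # A listed host offered together with another host's key is
        # expected to raise rather than return 0.
        self.assertRaises(Host_Key_Changed_Error, x.check_for_host,
                          IPv4_Remote_Host_ID('10.1.1.108', ''), k2)
        self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('lists.ironport.com', '10.1.1.108'), k1), 1)
        self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('0.0.0.0', 'unknown.dom'), k1), 0)
        self.assertRaises(Host_Key_Changed_Error, x.check_for_host,
                          IPv4_Remote_Host_ID('10.1.1.108', ''), unknown_key)
        # 172.16.1.11 is listed with an ssh-rsa key; an ssh-dss key for it
        # is expected to return 0, not raise.
        self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('172.16.1.11', ''), unknown_key), 0)
        self.assertEqual(x.check_for_host(IPv4_Remote_Host_ID('172.16.1.11', ''), k5), 1)
    finally:
        os.unlink(tmp_filename)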
def __init__(self, client_transport=None, server_transport=None, debug=None):
    """Set up callback tables, the two one-way transports and key storages.

    Any of ``client_transport``, ``server_transport`` and ``debug`` left as
    ``None`` is replaced by a freshly constructed default.  The base message
    handlers are registered under the module name ``'__base__'``.
    """
    self.tmc = Thread_Message_Callbacks()
    self.send_mutex = coro.mutex()

    # Registry of modules that want to receive certain messages:
    # module name -> {message number: callback}.  Each callback takes one
    # parameter (the packet).
    self.message_callback_registry = {}
    # SSH message number -> function to call when that message is received.
    # An optimized version computed from message_callback_registry.
    self.message_callbacks = {}

    self.debug = ssh_debug.Debug() if debug is None else debug

    # Each default transport is handed this partly-built object, so the
    # assignment order is kept as it was.
    self.c2s = (One_Way_SSH_Transport(self)
                if client_transport is None else client_transport)
    self.s2c = (One_Way_SSH_Transport(self)
                if server_transport is None else server_transport)

    self.supported_key_storages = [OpenSSH_Key_Storage()]

    # XXX who/what sets self.is_server?  can we use self.is_server
    #     to decide which callbacks to register?  Or should that be done
    #     by the subclass?
    base_handlers = {
        SSH_MSG_IGNORE: self.msg_ignore,
        SSH_MSG_DEBUG: self.msg_debug,
        SSH_MSG_DISCONNECT: self.msg_disconnect,
        SSH_MSG_UNIMPLEMENTED: self.msg_unimplemented,
        # SSH_MSG_KEXINIT:self.msg_kexinit,
        SSH_MSG_NEWKEYS: self.msg_newkeys,
    }
    self.register_callbacks('__base__', base_handlers)
# Sample DSA host key, embedded as a literal.  The private half ships with
# the source, so every copy of this script presents the same host identity
# and anyone holding the file can present it too.  For anything beyond a
# local demo, generate a unique key and load it from protected storage.
server_key_pri = """-----BEGIN DSA PRIVATE KEY-----
MIIBuwIBAAKBgQDTfwvvQo0WnUmZpnUFmqF/TXSXFaJ1NKbBLQXPh8dhHgTN1uFO
ZibFXMKpDHLCGCdGRm5eHansB9hu2+nNoaFf3oLDHc8ctuE7xRHT8x174D2AxcnX
r0Fw3BnZHj58lLlhayDJ4S6W77yefGEOuo/wKUEPjAUBCrvxKq3bKAeVUQIVAPpR
bJO1QQZPlj4w+MXmRTgW7wGfAoGAVUkBIX+RLrh9guyiAadi9xGk8S7n5w2PbcsP
KTG8x/ttCDEuaBp6El6qt86cA+M2GPvXjuMGR5BQT8IOaWS7Aw2+J1IamLCsrPfq
oiQvz3cqxOAutuIuorzbIAgVo0hiAyovZE4u2zzKeci7OtfD8pRThSby4Dgbkeix
FQFhW08CgYBSxcduHDSqJTCjFK4hwTlNck4h2hC1E4xuMfxYsUZkLrBAsD3nzU2W
jNoZppTz3W8XC7YnTxonncXNWxCWsDWpvs0b2zGj7uUvGRtlyxtQpybyN3LZ0flo
DssTygy7t0KlS7T2a1IhqiVDbrSUoGXz+Wp/z66lCpSLTlPsGpLeLwIVAMQldwwH
OekNfzzIBr6QkMvmIOuL
-----END DSA PRIVATE KEY-----
"""

# Parse the PEM text above into a key object via the OpenSSH key storage.
ks = OpenSSH_Key_Storage()
server_key_ob = ks.parse_private_key (server_key_pri)

# will authenticate user 'foo' with password 'bar' for the 'ssh-connection' service [the only service currently supported]
# NOTE(review): the credential is a fixed plaintext literal in the source.
# Replace it before exposing this service to anything but a trusted local
# environment; the public-key example below avoids a shared password.
pwd_auth = coro.ssh.auth.userauth.Password_Authenticator ({'foo' : { 'ssh-connection' : 'bar' } })

# how to add public-key authentication:
#
# user_key_pub = """ssh-dss AAAAB...Stc= [email protected]\n"""
# user_key_ob = ks.parse_public_key (user_key_pub)
# pubkey_auth = coro.ssh.auth.userauth.Public_Key_Authenticator ({'luser': { 'ssh-connection' : [user_key_ob]}})
#
# add/replace <pubkey_auth> to the list "[pwd_auth]" below...

def usage():
    """Print the command-line synopsis."""
    print 'backdoor.py [-p port]'
MIIBuwIBAAKBgQDTfwvvQo0WnUmZpnUFmqF/TXSXFaJ1NKbBLQXPh8dhHgTN1uFO ZibFXMKpDHLCGCdGRm5eHansB9hu2+nNoaFf3oLDHc8ctuE7xRHT8x174D2AxcnX r0Fw3BnZHj58lLlhayDJ4S6W77yefGEOuo/wKUEPjAUBCrvxKq3bKAeVUQIVAPpR bJO1QQZPlj4w+MXmRTgW7wGfAoGAVUkBIX+RLrh9guyiAadi9xGk8S7n5w2PbcsP KTG8x/ttCDEuaBp6El6qt86cA+M2GPvXjuMGR5BQT8IOaWS7Aw2+J1IamLCsrPfq oiQvz3cqxOAutuIuorzbIAgVo0hiAyovZE4u2zzKeci7OtfD8pRThSby4Dgbkeix FQFhW08CgYBSxcduHDSqJTCjFK4hwTlNck4h2hC1E4xuMfxYsUZkLrBAsD3nzU2W jNoZppTz3W8XC7YnTxonncXNWxCWsDWpvs0b2zGj7uUvGRtlyxtQpybyN3LZ0flo DssTygy7t0KlS7T2a1IhqiVDbrSUoGXz+Wp/z66lCpSLTlPsGpLeLwIVAMQldwwH OekNfzzIBr6QkMvmIOuL -----END DSA PRIVATE KEY----- """ user_key_pub = """ssh-dss 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 [email protected]\n""" # noqa ks = OpenSSH_Key_Storage() server_key_ob = ks.parse_private_key(server_key_pri) user_key_ob = ks.parse_public_key(user_key_pub) def usage(): print "test_coro_server [-p port]" def serve(port): s = coro.tcp_sock() s.bind(("", port)) s.listen(5) while 1: conn, addr = s.accept() coro.spawn(go, conn, addr)
MIIBuwIBAAKBgQDTfwvvQo0WnUmZpnUFmqF/TXSXFaJ1NKbBLQXPh8dhHgTN1uFO ZibFXMKpDHLCGCdGRm5eHansB9hu2+nNoaFf3oLDHc8ctuE7xRHT8x174D2AxcnX r0Fw3BnZHj58lLlhayDJ4S6W77yefGEOuo/wKUEPjAUBCrvxKq3bKAeVUQIVAPpR bJO1QQZPlj4w+MXmRTgW7wGfAoGAVUkBIX+RLrh9guyiAadi9xGk8S7n5w2PbcsP KTG8x/ttCDEuaBp6El6qt86cA+M2GPvXjuMGR5BQT8IOaWS7Aw2+J1IamLCsrPfq oiQvz3cqxOAutuIuorzbIAgVo0hiAyovZE4u2zzKeci7OtfD8pRThSby4Dgbkeix FQFhW08CgYBSxcduHDSqJTCjFK4hwTlNck4h2hC1E4xuMfxYsUZkLrBAsD3nzU2W jNoZppTz3W8XC7YnTxonncXNWxCWsDWpvs0b2zGj7uUvGRtlyxtQpybyN3LZ0flo DssTygy7t0KlS7T2a1IhqiVDbrSUoGXz+Wp/z66lCpSLTlPsGpLeLwIVAMQldwwH OekNfzzIBr6QkMvmIOuL -----END DSA PRIVATE KEY----- """ user_key_pub = """ssh-dss 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 [email protected]\n""" # noqa ks = OpenSSH_Key_Storage() server_key_ob = ks.parse_private_key(server_key_pri) user_key_ob = ks.parse_public_key(user_key_pub) def usage(): print 'test_coro_server [-p port]' def serve(port): s = coro.tcp_sock() s.bind(('', port)) s.listen(5) while 1: conn, addr = s.accept() coro.spawn(go, conn, addr)
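def runTest(self):
    # Exercise check_for_host() against a generated known_hosts file.
    #
    # A sample file is written to a private temporary path, a subclass of
    # OpenSSH_Known_Hosts is pointed at it, and host/key pairs are checked
    # for the three outcomes the assertions below pin down: 1, 0, or
    # Host_Key_Changed_Error.
    import tempfile

    # os.tempnam() only returns a predictable name and leaves creation to a
    # later open(), so another local user can pre-create the path or plant a
    # symlink there first.  mkstemp() creates the file exclusively, readable
    # and writable by the owner only, and hands back the open descriptor.
    fd, tmp_filename = tempfile.mkstemp()
    try:
        # Build a sample known_hosts test file.
        f = os.fdopen(fd, 'w')
        try:
            f.write("""# Example known hosts file.
10.1.1.108 ssh-dss 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
172.16.1.11 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvUNY7kd1sDujt9HhdT6VWtf8yVRAw2Ib+M6ptWTuWWnPGR6TP/ZwumSs/rAguyxWrNRbw7Eainr/BTEFATpJRYKUDPZKGHLT3ixtOy7scUVRyaJD7F3L7BujkhHLWOyFJGtoZmJEdQmddGDwq+16gLD06GA8/N8kkQFRR6vwlRs=
64.70.20.70,64.70.44.3 1024 35 162807158017859311401243513535320968370503503816817576276599779420791975206320054411137858395244854129122865069311130487158120563446636918588974972115213166463069362091898230386572857193095086738994217228848073927343769936543295334648942676920084374567042307974866766193585693129128286570059425685457486987781
lists.ironport.com,10.1.1.109 ssh-dss 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
!outlaw.qa,*.qa,172.17.0.201 ssh-dss AAAAB3NzaC1kc3MAAACBAPaQAeia7kiuORu9425IyZRKlRPkom9mjEVERjN3Lw5R93rBZSwbl8wiT1PEeBN2047SZD7ucHaAUqAU39l//JVA0Q/RHXczad1niqC7Y7YKSpu3XfI7vpgMd91XIlxNhnhvNLtWfmwuWuX1FFiByKUY7fsHVeKTYwnvRPiv89IBAAAAFQCryy7v2z5Olv1Z0bSoQLDemiSzywAAAIEA3pmx1n0YRuw3hY4RfXbQCUxtu19bldG4XlNnmeIE8cb4tdGHBgLnLrMpSLsA4aMOWAzzDvB/Gk9AlgyNuYp2NaCFStE5yYiK9c+wTNpChCsDx/BqWMtPYTKQDZmhmSp94noIQd429OIJhQt1qL/7vHD1Tac/2V33TsADYW4aS+4AAACBANC4tVdIkB5vyLm2BrjK+P7uS8SaUSfKaAd83XahVz2q8cIeiFHrXvfLRFeks99vgxSPq6mqxC5zpcDGFWBm1UJY4PxyG+t6AhgYEPefD+ofXAvTHLPIRJbNv2BDP6vHOKRfAYtWGbQf6sXw4VwS9mAR6JHlGoHMLnRewMcq49jE
*.com,test04.god ssh-dss 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
""")  # noqa
        finally:
            # Close even if the write fails so the descriptor is not leaked.
            f.close()

        # Make a subclass so we can control which file it loads.
        class custom_known_hosts(OpenSSH_Known_Hosts):
            def __init__(self, tmp_filename):
                self.tmp_filename = tmp_filename

            def get_known_hosts_filenames(self, username):
                return [self.tmp_filename]

        from coro.ssh.keys.openssh_key_storage import OpenSSH_Key_Storage
        keystore = OpenSSH_Key_Storage()
        x = custom_known_hosts(tmp_filename)
        # Make some keys to test against.
        # 10.1.1.108
        k1 = keystore.parse_public_key(
            'ssh-dss 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'
        )  # noqa
        # lists.ironport.com
        k2 = keystore.parse_public_key(
            'ssh-dss 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'
        )  # noqa
        # 172.17.0.201
        k3 = keystore.parse_public_key(
            'ssh-dss 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'
        )  # noqa
        # test04.god
        k4 = keystore.parse_public_key(
            'ssh-dss AAAAB3NzaC1kc3MAAACBAK3p8k1i9I/m0no3LAS4etFGsommDJcBQfsuP/nn42O0VyDXltcfjLvWxABZow6iKJHiHZ8FN/FxOX+jZUlIplrs6oRYbKeWegq3NcvelEderWhIyOKrDZHgO9HprwamSMWFxDG5kUSJ/em/G5N+rGv8K7dJfCus42ynh0+a/Q1dAAAAFQD1/X/izKQrZs//Q5HgVVOfEqK6+wAAAIBQw1TWAHQHiihsCbbMbGuzm/7Rq9YTvGNyzmBgAP/fbmv/Vi3lZwmTilKSkebEFvrWeAT1hI9KufzjeRhkUCZGzCmCt7A614/brJRIznOAvWaTRsy/wzw7kdARljdQRTcnSXnpc81jEzMyt2SzcifZOvyNfIhAtFXX6yXeFg1dpgAAAIBoJZa1MTGEWJ43BcFftRGbnf/EK5+SDlYgrSiJZeGAUURvrdJPPtCSRtQU7ldiGfKiPcD/6U0XcC9o09/sDSfFOEtTFnawe74pqcQVT3x2hQ5Zs1W82M2arNXaoYBo21RAE4oy1u010a4hjxPoSrAVyQXVwL2Sv8B5vDu99sIu1w=='
        )  # noqa
        # Make a key that doesn't exist in the known hosts file.
        unknown_key = keystore.parse_public_key(
            'ssh-dss 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'
        )  # noqa
        # 172.16.1.11
        k5 = keystore.parse_public_key(
            'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvUNY7kd1sDujt9HhdT6VWtf8yVRAw2Ib+M6ptWTuWWnPGR6TP/ZwumSs/rAguyxWrNRbw7Eainr/BTEFATpJRYKUDPZKGHLT3ixtOy7scUVRyaJD7F3L7BujkhHLWOyFJGtoZmJEdQmddGDwq+16gLD06GA8/N8kkQFRR6vwlRs='
        )  # noqa

        # Do the tests.
        # Listed address with its own key, then an address that is not listed.
        self.assertEqual(
            x.check_for_host(IPv4_Remote_Host_ID('10.1.1.108', ''), k1), 1)
        self.assertEqual(
            x.check_for_host(IPv4_Remote_Host_ID('1.2.3.4', ''), k1), 0)
        # Comma-separated entry: the name and the address both match.
        self.assertEqual(
            x.check_for_host(
                IPv4_Remote_Host_ID('0.0.0.0', 'lists.ironport.com'), k2), 1)
        self.assertEqual(
            x.check_for_host(
                IPv4_Remote_Host_ID('lists.ironport.com', '10.1.1.109'), k2), 1)
        self.assertEqual(
            x.check_for_host(IPv4_Remote_Host_ID('10.1.1.109', ''), k2), 1)
        # '!outlaw.qa' is negated in the file, so it must not match even
        # though '*.qa' follows it in the same entry.
        self.assertEqual(
            x.check_for_host(IPv4_Remote_Host_ID('0.0.0.0', 'outlaw.qa'), k3), 0)
        self.assertEqual(
            x.check_for_host(IPv4_Remote_Host_ID('0.0.0.0', 'foo.qa'), k3), 1)
        self.assertEqual(
            x.check_for_host(IPv4_Remote_Host_ID('172.17.0.201', ''), k3), 1)
        # Wildcard and literal names sharing one entry.
        self.assertEqual(
            x.check_for_host(IPv4_Remote_Host_ID('0.0.0.0', 'foo.com'), k4), 1)
        self.assertEqual(
            x.check_for_host(IPv4_Remote_Host_ID('0.0.0.0', 'test04.god'), k4), 1)
        # A listed host offered together with another host's key is
        # expected to raise rather than return 0.
        self.assertRaises(Host_Key_Changed_Error, x.check_for_host,
                          IPv4_Remote_Host_ID('10.1.1.108', ''), k2)
        self.assertEqual(
            x.check_for_host(
                IPv4_Remote_Host_ID('lists.ironport.com', '10.1.1.108'), k1), 1)
        self.assertEqual(
            x.check_for_host(IPv4_Remote_Host_ID('0.0.0.0', 'unknown.dom'), k1), 0)
        self.assertRaises(Host_Key_Changed_Error, x.check_for_host,
                          IPv4_Remote_Host_ID('10.1.1.108', ''), unknown_key)
        # 172.16.1.11 is listed with an ssh-rsa key; an ssh-dss key for it
        # is expected to return 0, not raise.
        self.assertEqual(
            x.check_for_host(IPv4_Remote_Host_ID('172.16.1.11', ''), unknown_key), 0)
        self.assertEqual(
            x.check_for_host(IPv4_Remote_Host_ID('172.16.1.11', ''), k5), 1)
    finally:
        os.unlink(tmp_filename)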