sshkeyauth 0.0.6 → 0.0.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/lib/ssh/key/signer.rb +9 -0
- data/lib/ssh/key/verifier.rb +27 -4
- data/samples/client.rb +2 -2
- data/samples/server.rb +3 -1
- metadata +3 -3
data/lib/ssh/key/signer.rb
CHANGED
|
@@ -63,6 +63,8 @@ module SSH; module Key; class Signer
|
|
|
63
63
|
return signatures
|
|
64
64
|
end
|
|
65
65
|
|
|
66
|
+
# Get a list of all identities we can sign with. This will pull from your
|
|
67
|
+
# ssh-agent if enabled.
|
|
66
68
|
def signing_identities
|
|
67
69
|
identities = []
|
|
68
70
|
if @use_agent
|
|
@@ -80,4 +82,11 @@ module SSH; module Key; class Signer
|
|
|
80
82
|
end
|
|
81
83
|
return identities
|
|
82
84
|
end # def signing_identities
|
|
85
|
+
|
|
86
|
+
# Add a private key to this Signer from a file (like ".ssh/id_rsa")
|
|
87
|
+
# * path - the string path to the key
|
|
88
|
+
# * passphrase - the passphrase for this key, omit if no passphrase.
|
|
89
|
+
def add_private_key_file(path, passphrase=nil)
|
|
90
|
+
@keys << Net::SSH::KeyFactory.load_private_key(path, passphrase)
|
|
91
|
+
end # def add_private_key_file(path)
|
|
83
92
|
end; end; end # class SSH::Key::Signer
|
data/lib/ssh/key/verifier.rb
CHANGED
|
@@ -38,9 +38,8 @@ module SSH; module Key; class Verifier
|
|
|
38
38
|
@use_authorized_keys = true
|
|
39
39
|
@sshd_config_file = "/etc/ssh/sshd_config"
|
|
40
40
|
@authorized_keys_file = nil
|
|
41
|
-
#@logger = Logger.new("/tmp/verifier.log")
|
|
42
41
|
@logger = Logger.new(STDERR)
|
|
43
|
-
@logger.level = Logger::WARN
|
|
42
|
+
@logger.level = $DEBUG ? Logger::DEBUG : Logger::WARN
|
|
44
43
|
@keys = []
|
|
45
44
|
end # def initialize
|
|
46
45
|
|
|
@@ -66,7 +65,6 @@ module SSH; module Key; class Verifier
|
|
|
66
65
|
def verify?(signature, original)
|
|
67
66
|
results = verify(signature, original)
|
|
68
67
|
results.each do |identity, verified|
|
|
69
|
-
@logger.info "Trying key #{identity.to_s[0..30]}... #{verified}"
|
|
70
68
|
return true if verified
|
|
71
69
|
end
|
|
72
70
|
return false
|
|
@@ -84,20 +82,26 @@ module SSH; module Key; class Verifier
|
|
|
84
82
|
results = {}
|
|
85
83
|
|
|
86
84
|
if signatures.is_a? Hash
|
|
85
|
+
@logger.debug("verify 'signatures' is a Hash")
|
|
87
86
|
inputs = signatures.values
|
|
88
87
|
elsif signatures.is_a? Array
|
|
88
|
+
@logger.debug("verify 'signatures' is an Array")
|
|
89
89
|
inputs = signatures
|
|
90
90
|
elsif signatures.is_a? String
|
|
91
|
+
@logger.debug("verify 'signatures' is an String")
|
|
91
92
|
inputs = [signatures]
|
|
92
93
|
end
|
|
93
94
|
|
|
94
95
|
if inputs[0].is_a? SSH::Key::Signature
|
|
96
|
+
@logger.debug("verify 'signatures' is an array of Signatures")
|
|
95
97
|
inputs = inputs.collect { |i| i.signature }
|
|
96
98
|
end
|
|
97
99
|
|
|
98
100
|
inputs.each do |signature|
|
|
99
101
|
identities.each do |identity|
|
|
100
|
-
|
|
102
|
+
key = [signature, identity]
|
|
103
|
+
results[key] = identity.ssh_do_verify(signature, original)
|
|
104
|
+
@logger.info "Trying key #{identity.to_s.split("\n")[1]}... #{results[key]}"
|
|
101
105
|
end
|
|
102
106
|
end
|
|
103
107
|
return results
|
|
@@ -207,6 +211,7 @@ module SSH; module Key; class Verifier
|
|
|
207
211
|
end
|
|
208
212
|
|
|
209
213
|
identity = Net::SSH::KeyFactory.load_data_public_key(line)
|
|
214
|
+
|
|
210
215
|
# Add the '.comment' attribute to our key
|
|
211
216
|
identity.extend(Net::SSH::Authentication::Agent::Comment)
|
|
212
217
|
|
|
@@ -222,4 +227,22 @@ module SSH; module Key; class Verifier
|
|
|
222
227
|
end
|
|
223
228
|
return keys
|
|
224
229
|
end
|
|
230
|
+
|
|
231
|
+
# Add a private key to this Verifier from a file (like ".ssh/id_rsa")
|
|
232
|
+
# * path - the string path to the key
|
|
233
|
+
# * passphrase - the passphrase for this key, omit if no passphrase.
|
|
234
|
+
def add_private_key_file(path, passphrase=nil)
|
|
235
|
+
@keys << Net::SSH::KeyFactory.load_private_key(path, passphrase)
|
|
236
|
+
end # def add_private_key_file(path)
|
|
237
|
+
|
|
238
|
+
# Add a public key to this Verifier from a file (like ".ssh/id_rsa.pub")
|
|
239
|
+
#
|
|
240
|
+
# This is for individual key files. If you want to specify an alternate
|
|
241
|
+
# location for your authorized_keys file, set:
|
|
242
|
+
# Verifier#authorized_keys_file = "/path/to/authorized_keys"
|
|
243
|
+
#
|
|
244
|
+
# * path - the string path to the public key
|
|
245
|
+
def add_public_key_file(path)
|
|
246
|
+
@keys << Net::SSH::KeyFactory.load_public_key(path)
|
|
247
|
+
end # def add_private_key_file(path)
|
|
225
248
|
end; end; end # class SSH::Key::Verifier
|
data/samples/client.rb
CHANGED
data/samples/server.rb
CHANGED
|
@@ -3,7 +3,8 @@
|
|
|
3
3
|
|
|
4
4
|
require "base64"
|
|
5
5
|
require "json"
|
|
6
|
-
|
|
6
|
+
|
|
7
|
+
$:.unshift "#{File.dirname(__FILE__)}/../lib"
|
|
7
8
|
require "ssh/key/verifier"
|
|
8
9
|
|
|
9
10
|
def main(argv)
|
|
@@ -13,6 +14,7 @@ def main(argv)
|
|
|
13
14
|
input = argv
|
|
14
15
|
end
|
|
15
16
|
verifier = SSH::Key::Verifier.new
|
|
17
|
+
verifier.use_agent = false
|
|
16
18
|
|
|
17
19
|
input.each do |line|
|
|
18
20
|
data = JSON.parse(line)
|
metadata
CHANGED
|
@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
|
|
|
5
5
|
segments:
|
|
6
6
|
- 0
|
|
7
7
|
- 0
|
|
8
|
-
-
|
|
9
|
-
version: 0.0.
|
|
8
|
+
- 7
|
|
9
|
+
version: 0.0.7
|
|
10
10
|
platform: ruby
|
|
11
11
|
authors:
|
|
12
12
|
- Jordan Sissel
|
|
@@ -14,7 +14,7 @@ autorequire:
|
|
|
14
14
|
bindir: bin
|
|
15
15
|
cert_chain: []
|
|
16
16
|
|
|
17
|
-
date: 2010-
|
|
17
|
+
date: 2010-11-04 00:00:00 -07:00
|
|
18
18
|
default_executable:
|
|
19
19
|
dependencies:
|
|
20
20
|
- !ruby/object:Gem::Dependency
|