sshkeyauth 0.0.6 → 0.0.7
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/ssh/key/signer.rb +9 -0
- data/lib/ssh/key/verifier.rb +27 -4
- data/samples/client.rb +2 -2
- data/samples/server.rb +3 -1
- metadata +3 -3
data/lib/ssh/key/signer.rb
CHANGED
|
@@ -63,6 +63,8 @@ module SSH; module Key; class Signer
|
|
|
63
63
|
return signatures
|
|
64
64
|
end
|
|
65
65
|
|
|
66
|
+
# Get a list of all identities we can sign with. This will pull from your
|
|
67
|
+
# ssh-agent if enabled.
|
|
66
68
|
def signing_identities
|
|
67
69
|
identities = []
|
|
68
70
|
if @use_agent
|
|
@@ -80,4 +82,11 @@ module SSH; module Key; class Signer
|
|
|
80
82
|
end
|
|
81
83
|
return identities
|
|
82
84
|
end # def signing_identities
|
|
85
|
+
|
|
86
|
+
# Add a private key to this Signer from a file (like ".ssh/id_rsa")
|
|
87
|
+
# * path - the string path to the key
|
|
88
|
+
# * passphrase - the passphrase for this key, omit if no passphrase.
|
|
89
|
+
def add_private_key_file(path, passphrase=nil)
|
|
90
|
+
@keys << Net::SSH::KeyFactory.load_private_key(path, passphrase)
|
|
91
|
+
end # def add_private_key_file(path)
|
|
83
92
|
end; end; end # class SSH::Key::Signer
|
data/lib/ssh/key/verifier.rb
CHANGED
|
@@ -38,9 +38,8 @@ module SSH; module Key; class Verifier
|
|
|
38
38
|
@use_authorized_keys = true
|
|
39
39
|
@sshd_config_file = "/etc/ssh/sshd_config"
|
|
40
40
|
@authorized_keys_file = nil
|
|
41
|
-
#@logger = Logger.new("/tmp/verifier.log")
|
|
42
41
|
@logger = Logger.new(STDERR)
|
|
43
|
-
@logger.level = Logger::WARN
|
|
42
|
+
@logger.level = $DEBUG ? Logger::DEBUG : Logger::WARN
|
|
44
43
|
@keys = []
|
|
45
44
|
end # def initialize
|
|
46
45
|
|
|
@@ -66,7 +65,6 @@ module SSH; module Key; class Verifier
|
|
|
66
65
|
def verify?(signature, original)
|
|
67
66
|
results = verify(signature, original)
|
|
68
67
|
results.each do |identity, verified|
|
|
69
|
-
@logger.info "Trying key #{identity.to_s[0..30]}... #{verified}"
|
|
70
68
|
return true if verified
|
|
71
69
|
end
|
|
72
70
|
return false
|
|
@@ -84,20 +82,26 @@ module SSH; module Key; class Verifier
|
|
|
84
82
|
results = {}
|
|
85
83
|
|
|
86
84
|
if signatures.is_a? Hash
|
|
85
|
+
@logger.debug("verify 'signatures' is a Hash")
|
|
87
86
|
inputs = signatures.values
|
|
88
87
|
elsif signatures.is_a? Array
|
|
88
|
+
@logger.debug("verify 'signatures' is an Array")
|
|
89
89
|
inputs = signatures
|
|
90
90
|
elsif signatures.is_a? String
|
|
91
|
+
@logger.debug("verify 'signatures' is an String")
|
|
91
92
|
inputs = [signatures]
|
|
92
93
|
end
|
|
93
94
|
|
|
94
95
|
if inputs[0].is_a? SSH::Key::Signature
|
|
96
|
+
@logger.debug("verify 'signatures' is an array of Signatures")
|
|
95
97
|
inputs = inputs.collect { |i| i.signature }
|
|
96
98
|
end
|
|
97
99
|
|
|
98
100
|
inputs.each do |signature|
|
|
99
101
|
identities.each do |identity|
|
|
100
|
-
|
|
102
|
+
key = [signature, identity]
|
|
103
|
+
results[key] = identity.ssh_do_verify(signature, original)
|
|
104
|
+
@logger.info "Trying key #{identity.to_s.split("\n")[1]}... #{results[key]}"
|
|
101
105
|
end
|
|
102
106
|
end
|
|
103
107
|
return results
|
|
@@ -207,6 +211,7 @@ module SSH; module Key; class Verifier
|
|
|
207
211
|
end
|
|
208
212
|
|
|
209
213
|
identity = Net::SSH::KeyFactory.load_data_public_key(line)
|
|
214
|
+
|
|
210
215
|
# Add the '.comment' attribute to our key
|
|
211
216
|
identity.extend(Net::SSH::Authentication::Agent::Comment)
|
|
212
217
|
|
|
@@ -222,4 +227,22 @@ module SSH; module Key; class Verifier
|
|
|
222
227
|
end
|
|
223
228
|
return keys
|
|
224
229
|
end
|
|
230
|
+
|
|
231
|
+
# Add a private key to this Verifier from a file (like ".ssh/id_rsa")
|
|
232
|
+
# * path - the string path to the key
|
|
233
|
+
# * passphrase - the passphrase for this key, omit if no passphrase.
|
|
234
|
+
def add_private_key_file(path, passphrase=nil)
|
|
235
|
+
@keys << Net::SSH::KeyFactory.load_private_key(path, passphrase)
|
|
236
|
+
end # def add_private_key_file(path)
|
|
237
|
+
|
|
238
|
+
# Add a public key to this Verifier from a file (like ".ssh/id_rsa.pub")
|
|
239
|
+
#
|
|
240
|
+
# This is for individual key files. If you want to specify an alternate
|
|
241
|
+
# location for your authorized_keys file, set:
|
|
242
|
+
# Verifier#authorized_keys_file = "/path/to/authorized_keys"
|
|
243
|
+
#
|
|
244
|
+
# * path - the string path to the public key
|
|
245
|
+
def add_public_key_file(path)
|
|
246
|
+
@keys << Net::SSH::KeyFactory.load_public_key(path)
|
|
247
|
+
end # def add_private_key_file(path)
|
|
225
248
|
end; end; end # class SSH::Key::Verifier
|
data/samples/client.rb
CHANGED
data/samples/server.rb
CHANGED
|
@@ -3,7 +3,8 @@
|
|
|
3
3
|
|
|
4
4
|
require "base64"
|
|
5
5
|
require "json"
|
|
6
|
-
|
|
6
|
+
|
|
7
|
+
$:.unshift "#{File.dirname(__FILE__)}/../lib"
|
|
7
8
|
require "ssh/key/verifier"
|
|
8
9
|
|
|
9
10
|
def main(argv)
|
|
@@ -13,6 +14,7 @@ def main(argv)
|
|
|
13
14
|
input = argv
|
|
14
15
|
end
|
|
15
16
|
verifier = SSH::Key::Verifier.new
|
|
17
|
+
verifier.use_agent = false
|
|
16
18
|
|
|
17
19
|
input.each do |line|
|
|
18
20
|
data = JSON.parse(line)
|
metadata
CHANGED
|
@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
|
|
|
5
5
|
segments:
|
|
6
6
|
- 0
|
|
7
7
|
- 0
|
|
8
|
-
-
|
|
9
|
-
version: 0.0.
|
|
8
|
+
- 7
|
|
9
|
+
version: 0.0.7
|
|
10
10
|
platform: ruby
|
|
11
11
|
authors:
|
|
12
12
|
- Jordan Sissel
|
|
@@ -14,7 +14,7 @@ autorequire:
|
|
|
14
14
|
bindir: bin
|
|
15
15
|
cert_chain: []
|
|
16
16
|
|
|
17
|
-
date: 2010-
|
|
17
|
+
date: 2010-11-04 00:00:00 -07:00
|
|
18
18
|
default_executable:
|
|
19
19
|
dependencies:
|
|
20
20
|
- !ruby/object:Gem::Dependency
|