authorChristian Breunig <christian@breunig.cc>2024-02-14 13:09:15 +0100
committerGitHub <noreply@github.com>2024-02-14 13:09:15 +0100
commit697ce8c51c2ae9667a699b3d95e0ffa6b1984328 (patch)
tree2b806062465db67714edeb672bb426ef6ca1f092 /src/migration-scripts/rpki/1-to-2
parent5d70d5e4ff85d72c94b30c0340e96de6f4489f12 (diff)
parent86612b16ed2fa3df604c515dfcb6e45d700f3896 (diff)
Merge pull request #3009 from vyos/mergify/bp/sagitta/pr-2988
rpki: T6034: move file based SSH keys for authentication to PKI subsystem (backport #2988)
Diffstat (limited to 'src/migration-scripts/rpki/1-to-2')
-rwxr-xr-xsrc/migration-scripts/rpki/1-to-222
1 files changed, 22 insertions, 0 deletions
diff --git a/src/migration-scripts/rpki/1-to-2 b/src/migration-scripts/rpki/1-to-2
index 559440bba..50d4a3dfc 100755
--- a/src/migration-scripts/rpki/1-to-2
+++ b/src/migration-scripts/rpki/1-to-2
@@ -19,7 +19,11 @@
from sys import exit
from sys import argv
+
from vyos.configtree import ConfigTree
+from vyos.pki import OPENSSH_KEY_BEGIN
+from vyos.pki import OPENSSH_KEY_END
+from vyos.utils.file import read_file
if len(argv) < 2:
print("Must specify file name!")
@@ -43,6 +47,24 @@ if config.exists(base + ['cache']):
if config.exists(ssh_node + ['known-hosts-file']):
config.delete(ssh_node + ['known-hosts-file'])
+ if config.exists(base + ['cache', cache, 'ssh']):
+ private_key_node = base + ['cache', cache, 'ssh', 'private-key-file']
+ private_key_file = config.return_value(private_key_node)
+ private_key = read_file(private_key_file).replace(OPENSSH_KEY_BEGIN, '').replace(OPENSSH_KEY_END, '').replace('\n','')
+
+ public_key_node = base + ['cache', cache, 'ssh', 'public-key-file']
+ public_key_file = config.return_value(public_key_node)
+ public_key = read_file(public_key_file).split()
+
+ config.set(['pki', 'openssh', f'rpki-{cache}', 'private', 'key'], value=private_key)
+ config.set(['pki', 'openssh', f'rpki-{cache}', 'public', 'key'], value=public_key[1])
+ config.set(['pki', 'openssh', f'rpki-{cache}', 'public', 'type'], value=public_key[0])
+ config.set_tag(['pki', 'openssh'])
+ config.set(ssh_node + ['key'], value=f'rpki-{cache}')
+
+ config.delete(private_key_node)
+ config.delete(public_key_node)
+
try:
with open(file_name, 'w') as f:
f.write(config.to_string())
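Review bot: The block added under `if config.exists(base + ['cache', cache, 'ssh']):` reads both key files without checking that `private-key-file` and `public-key-file` are set or that the files are readable, so a half-configured cache or a missing file looks likely to raise and abort the migration. Test each leaf first, e.g. `if config.exists(private_key_node) and config.exists(public_key_node):`, and skip or report the cache otherwise. `public_key[1]` assumes `split()` returned at least two fields, so an empty or malformed public key file ends in an IndexError; `if len(public_key) < 2:` with a message naming the file would make that failure diagnosable. Only `OPENSSH_KEY_BEGIN` and `OPENSSH_KEY_END` are stripped from the private key, so a key in any other container format would presumably reach `pki openssh` with its header lines still embedded; a comment stating that only OpenSSH-format keys are supported, or an explicit rejection, would help. The private key is copied into the configuration while the original files stay on disk, which deserves a comment on whether that is intended; the loop that binds `cache` starts outside this hunk.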