diff options
author | Paul Lettington <paul@plett.co.uk> | 2021-09-03 23:39:22 +0100 |
---|---|---|
committer | Paul Lettington <paul@plett.co.uk> | 2021-09-03 23:39:22 +0100 |
commit | 6b52387190f8213e7e02060e894c6ddd4fb7cb3d (patch) | |
tree | 54f3ae8662567277af4b443176e89cd307a1ecad | |
parent | 5f1c1ae4770fe36b5290f34d2f3a248c6b1a0ddb (diff) | |
download | vyos-1x-6b52387190f8213e7e02060e894c6ddd4fb7cb3d.tar.gz vyos-1x-6b52387190f8213e7e02060e894c6ddd4fb7cb3d.zip |
login: T971 allow quoting in public-keys options
This patch allows the use of `"` in ssh public-key options which
unlocks the ability to set the `from` option in a way that sshd will
accept to limit what hosts a user can connect from.
-rwxr-xr-x | src/conf_mode/system-login.py | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/conf_mode/system-login.py b/src/conf_mode/system-login.py index 318ff276d..4dd7f936d 100755 --- a/src/conf_mode/system-login.py +++ b/src/conf_mode/system-login.py @@ -240,7 +240,9 @@ def apply(login): # XXX: Should we deny using root at all? home_dir = getpwnam(user).pw_dir render(f'{home_dir}/.ssh/authorized_keys', 'login/authorized_keys.tmpl', - user_config, permission=0o600, user=user, group='users') + user_config, permission=0o600, + formater=lambda _: _.replace(""", '"'), + user=user, group='users') except Exception as e: raise ConfigError(f'Adding user "{user}" raised exception: "{e}"') |