Merge pull request #889 from erkin/current

T3506: loadkey: Add `generate public-key-command` command

2 files changed, 74 insertions, 0 deletions

diff --git a/op-mode-definitions/generate-public-key-command.xml.in b/op-mode-definitions/generate-public-key-command.xml.in
new file mode 100644
index 000000000..21f0f56f0
--- /dev/null
+++ b/op-mode-definitions/generate-public-key-command.xml.in
@@ -0,0 +1,33 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+  <node name="generate">
+    <children>
+      <node name="public-key-command">
+        <properties>
+          <help>Generate configuration mode command to add OpenSSH public key from file</help>
+        </properties>
+        <children>
+          <tagNode name="user">
+            <properties>
+              <help>Username of public key owner</help>
+              <completionHelp>
+                <list>&lt;username&gt;</list>
+              </completionHelp>
+            </properties>
+            <children>
+              <tagNode name="path">
+                <properties>
+                  <help>Local path or remote URL of OpenSSH public key</help>
+                  <completionHelp>
+                    <list><![CDATA[<http[s]://[<username>:<password>@]<hostname>/<path-to-file>> <ftp://[<username>[:<password>]@]<hostname>/<path-to-file>> <tftp://<hostname>/<path-to-file>> <sftp://[<username>[:<password>]@]<hostname>/<path-to-file>> <scp://[<username>[:<password>]@]<hostname>/<path-to-file>> <[file://]/<path-to-file>>]]></list>
+                  </completionHelp>
+                </properties>
+                <command>${vyos_op_scripts_dir}/generate_public_key_command.py "$4" "$6"</command>
+              </tagNode>
+            </children>
+          </tagNode>
+        </children>
+      </node>
+    </children>
+  </node>
+</interfaceDefinition>
diff --git a/src/op_mode/generate_public_key_command.py b/src/op_mode/generate_public_key_command.py
new file mode 100755
index 000000000..7a7b6c923
--- /dev/null
+++ b/src/op_mode/generate_public_key_command.py
@@ -0,0 +1,41 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2021 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+import os
+import sys
+import urllib.parse
+
+import vyos.remote
+
+def get_key(path):
+    url = urllib.parse.urlparse(path)
+    if url.scheme == 'file' or url.scheme == '':
+        with open(os.path.expanduser(path), 'r') as f:
+            key_string = f.read()
+    else:
+        key_string = vyos.remote.get_remote_config(path)
+    return key_string.split()
+
+username = sys.argv[1]
+algorithm, key, identifier = get_key(sys.argv[2])
+
+print('# To add this key as an embedded key, run the following commands:')
+print('configure')
+print(f'set system login user {username} authentication public-keys {identifier} key {key}')
+print(f'set system login user {username} authentication public-keys {identifier} type {algorithm}')
+print('commit')
+print('save')
+print('exit')