summaryrefslogtreecommitdiff
path: root/src/migration-scripts
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2024-02-13 05:32:36 +0100
committerGitHub <noreply@github.com>2024-02-13 05:32:36 +0100
commit0732e89d561ff9606fa1b91e718d3243bdfa3ff7 (patch)
tree561a7324e7d2d6f59a19a661f631f586c771168a /src/migration-scripts
parent87ddb8c5e89a81959e56829dedc6b9f1bb253388 (diff)
parent3bfbbef22954488541abd3cad262b1e196d4c240 (diff)
downloadvyos-1x-0732e89d561ff9606fa1b91e718d3243bdfa3ff7.tar.gz
vyos-1x-0732e89d561ff9606fa1b91e718d3243bdfa3ff7.zip
Merge pull request #2988 from c-po/pki-rpki-t6034
rpki: T6034: move file based SSH keys for authentication to PKI subsystem
Diffstat (limited to 'src/migration-scripts')
-rwxr-xr-xsrc/migration-scripts/rpki/1-to-222
1 files changed, 22 insertions, 0 deletions
diff --git a/src/migration-scripts/rpki/1-to-2 b/src/migration-scripts/rpki/1-to-2
index 559440bba..50d4a3dfc 100755
--- a/src/migration-scripts/rpki/1-to-2
+++ b/src/migration-scripts/rpki/1-to-2
@@ -19,7 +19,11 @@
from sys import exit
from sys import argv
+
from vyos.configtree import ConfigTree
+from vyos.pki import OPENSSH_KEY_BEGIN
+from vyos.pki import OPENSSH_KEY_END
+from vyos.utils.file import read_file
if len(argv) < 2:
print("Must specify file name!")
@@ -43,6 +47,24 @@ if config.exists(base + ['cache']):
if config.exists(ssh_node + ['known-hosts-file']):
config.delete(ssh_node + ['known-hosts-file'])
+ if config.exists(base + ['cache', cache, 'ssh']):
+ private_key_node = base + ['cache', cache, 'ssh', 'private-key-file']
+ private_key_file = config.return_value(private_key_node)
+ private_key = read_file(private_key_file).replace(OPENSSH_KEY_BEGIN, '').replace(OPENSSH_KEY_END, '').replace('\n','')
+
+ public_key_node = base + ['cache', cache, 'ssh', 'public-key-file']
+ public_key_file = config.return_value(public_key_node)
+ public_key = read_file(public_key_file).split()
+
+ config.set(['pki', 'openssh', f'rpki-{cache}', 'private', 'key'], value=private_key)
+ config.set(['pki', 'openssh', f'rpki-{cache}', 'public', 'key'], value=public_key[1])
+ config.set(['pki', 'openssh', f'rpki-{cache}', 'public', 'type'], value=public_key[0])
+ config.set_tag(['pki', 'openssh'])
+ config.set(ssh_node + ['key'], value=f'rpki-{cache}')
+
+ config.delete(private_key_node)
+ config.delete(public_key_node)
+
try:
with open(file_name, 'w') as f:
f.write(config.to_string())