author | Christian Breunig <christian@breunig.cc> | 2024-02-13 05:32:36 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-02-13 05:32:36 +0100 |
commit | 0732e89d561ff9606fa1b91e718d3243bdfa3ff7 (patch) | |
tree | 561a7324e7d2d6f59a19a661f631f586c771168a /src/migration-scripts | |
parent | 87ddb8c5e89a81959e56829dedc6b9f1bb253388 (diff) | |
parent | 3bfbbef22954488541abd3cad262b1e196d4c240 (diff) | |
Merge pull request #2988 from c-po/pki-rpki-t6034
rpki: T6034: move file based SSH keys for authentication to PKI subsystem
Diffstat (limited to 'src/migration-scripts')
-rwxr-xr-x | src/migration-scripts/rpki/1-to-2 | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/src/migration-scripts/rpki/1-to-2 b/src/migration-scripts/rpki/1-to-2
index 559440bba..50d4a3dfc 100755
--- a/src/migration-scripts/rpki/1-to-2
+++ b/src/migration-scripts/rpki/1-to-2
@@ -19,7 +19,11 @@
 from sys import exit
 from sys import argv
+
 from vyos.configtree import ConfigTree
+from vyos.pki import OPENSSH_KEY_BEGIN
+from vyos.pki import OPENSSH_KEY_END
+from vyos.utils.file import read_file
 if len(argv) < 2:
 print("Must specify file name!")
@@ -43,6 +47,24 @@ if config.exists(base + ['cache']):
 if config.exists(ssh_node + ['known-hosts-file']):
 config.delete(ssh_node + ['known-hosts-file'])
+ if config.exists(base + ['cache', cache, 'ssh']):
+ private_key_node = base + ['cache', cache, 'ssh', 'private-key-file']
+ private_key_file = config.return_value(private_key_node)
+ private_key = read_file(private_key_file).replace(OPENSSH_KEY_BEGIN, '').replace(OPENSSH_KEY_END, '').replace('\n','')
+
+ public_key_node = base + ['cache', cache, 'ssh', 'public-key-file']
+ public_key_file = config.return_value(public_key_node)
+ public_key = read_file(public_key_file).split()
+
+ config.set(['pki', 'openssh', f'rpki-{cache}', 'private', 'key'], value=private_key)
+ config.set(['pki', 'openssh', f'rpki-{cache}', 'public', 'key'], value=public_key[1])
+ config.set(['pki', 'openssh', f'rpki-{cache}', 'public', 'type'], value=public_key[0])
+ config.set_tag(['pki', 'openssh'])
+ config.set(ssh_node + ['key'], value=f'rpki-{cache}')
+
+ config.delete(private_key_node)
+ config.delete(public_key_node)
+
 try:
 with open(file_name, 'w') as f:
 f.write(config.to_string()) |
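Review bot: The block added in the second hunk reads both key files with no guard, so `config.return_value(private_key_node)`, `read_file(...)` and `public_key[1]` can each raise when the `ssh` node exists without both `*-key-file` leaves, when a file is missing or unreadable, or when the public key file has fewer than two fields; an uncaught exception there aborts this migration script. Check that both leaves exist and that the contents parse before writing the `pki openssh` entry, as sketched below, and decide explicitly what the script does when the import fails (for example, print a warning and still remove the stale file nodes) instead of raising. Stripping only `OPENSSH_KEY_BEGIN`/`OPENSSH_KEY_END` also assumes the file is an OpenSSH-format key; a key in another encoding would presumably be stored with its header intact, so the sketch rejects input without the expected marker. The loop over the cache entries starts outside the hunk, and since the private key is copied into the configuration while the original key files appear to stay on disk, that is worth a line in the commit message or release notes.

```python
        ssh_base = base + ['cache', cache, 'ssh']
        private_key_node = ssh_base + ['private-key-file']
        public_key_node = ssh_base + ['public-key-file']
        if config.exists(private_key_node) and config.exists(public_key_node):
            private_key = read_file(config.return_value(private_key_node), defaultonfailure='')
            public_key = read_file(config.return_value(public_key_node), defaultonfailure='').split()
            if private_key.startswith(OPENSSH_KEY_BEGIN.strip()) and len(public_key) >= 2:
                private_key = private_key.replace(OPENSSH_KEY_BEGIN, '').replace(OPENSSH_KEY_END, '').replace('\n', '')
                # … unchanged: config.set() of the pki openssh nodes, set_tag and the ssh key reference …
            # … unchanged: config.delete() of both file nodes …
```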