From a2db767cccca2c78c1dcc869157018e8d923ec08 Mon Sep 17 00:00:00 2001
From: erkin
Date: Sun, 20 Jun 2021 12:54:12 +0300
Subject: T3506: loadkey: Add `generate public-key-command` command
---
 .../generate-public-key-command.xml.in | 33 ++++++++++++++++++
 src/op_mode/generate_public_key_command.py | 40 ++++++++++++++++++++++
 2 files changed, 73 insertions(+)
 create mode 100644 op-mode-definitions/generate-public-key-command.xml.in
 create mode 100755 src/op_mode/generate_public_key_command.py
diff --git a/op-mode-definitions/generate-public-key-command.xml.in b/op-mode-definitions/generate-public-key-command.xml.in
new file mode 100644
index 000000000..b50b432b8
--- /dev/null
+++ b/op-mode-definitions/generate-public-key-command.xml.in
@@ -0,0 +1,33 @@
+
+
+
+
+
+
+ Generate configuration mode command to add OpenSSH public key from file
+
+
+
+
+ Username of public key owner
+
+ <username>
+
+
+
+
+
+ Local path or remote URL of OpenSSH public key
+
+ <http[s]://[<username>:<password>@]<hostname>/<path-to-file>> <ftp://[<username>[:<password>]@]<hostname>/<path-to-file>> <tftp://<hostname>/<path-to-file>> <sftp://[<username>[:<password>]@]<hostname>/<path-to-file>> <scp://[<username>[:<password>]@]<hostname>/<path-to-file>> <[file://]/<path-to-file>>
+
+
+ ${vyos_op_scripts_dir}/generate_public_key_command.py "$4" "$6"
+
+
+
+
+
+
+
+
diff --git a/src/op_mode/generate_public_key_command.py b/src/op_mode/generate_public_key_command.py
new file mode 100755
index 000000000..5f9133bf1
--- /dev/null
+++ b/src/op_mode/generate_public_key_command.py
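Review bot: The completion help for the path argument in generate-public-key-command.xml.in lists http, ftp and tftp next to https, sftp and scp, and nothing tells the operator that a key fetched over those cleartext transports is unauthenticated. Whatever arrives becomes an SSH login credential once the printed commands are run, so a key swapped in transit is a real risk; I would extend the help string to something like `Local path or remote URL of OpenSSH public key (check the fingerprint of keys fetched over http, ftp or tftp)`. The templates also invite `<username>:<password>` inside the URL, which is handed to the script as `"$6"` and is therefore visible in the process argument list and probably in shell history.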
@@ -0,0 +1,40 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2021 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+
+import os
+import sys
+import urllib.parse
+
+import vyos.remote
+
+def get_key(path):
+ url = urllib.parse.urlparse(path)
+ if url.scheme == 'file' or url.scheme == '':
+ with open(os.path.expanduser(path), 'r') as f:
+ key_string = f.read()
+ else:
+ key_string = vyos.remote.get_remote_config(path)
+ return key_string.split()
+
+username = sys.argv[1]
+algorithm, key, identifier = get_key(sys.argv[2])
+
+print('# To add this key as an embedded key, run the following commands:')
+print('configure')
+print(f'set system login user {username} authentication public-keys {identifier} key {key}')
+print(f'set system login user {username} authentication public-keys {identifier} type {algorithm}')
+print('commit')
+print('exit')
-- cgit v1.2.3
From 72c92a5d3162f5f1081dc831a81b19ea1686f366 Mon Sep 17 00:00:00 2001
From: erkin
Date: Sun, 20 Jun 2021 14:31:02 +0300
Subject: Add `save` line
---
 src/op_mode/generate_public_key_command.py | 1 +
 1 file changed, 1 insertion(+)
diff --git a/src/op_mode/generate_public_key_command.py b/src/op_mode/generate_public_key_command.py
index 5f9133bf1..7a7b6c923 100755
--- a/src/op_mode/generate_public_key_command.py
+++ b/src/op_mode/generate_public_key_command.py
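Review bot: The three fields that `get_key` returns in the new generate_public_key_command.py are printed straight into the `set system login user …` lines with no validation, although the file may be fetched from a remote URL, cleartext http/ftp/tftp included. `key_string.split()` is unpacked into exactly three names, so a key with no comment, a multi-word comment or an options prefix ends in an unhandled ValueError, and a crafted file can place arbitrary non-space characters into commands the operator is told to paste. I would check the field count and allow only the expected character sets, as below (needs `import re`; the identifier pattern is a suggestion to adjust). Separately, the `file` branch opens `path` instead of `url.path`, so a `file:///…` argument is opened with the scheme still attached even though the help text advertises `[file://]`. `username` from `sys.argv[1]` goes into the same lines unchecked and deserves the same treatment.

```python
    if url.scheme == 'file' or url.scheme == '':
        with open(os.path.expanduser(url.path), 'r') as f:
    # … unchanged: f.read() and the remote branch via vyos.remote.get_remote_config …
    fields = key_string.split()
    if len(fields) != 3:
        sys.exit('Expected "<type> <base64-key> <identifier>" in the public key file')
    algorithm, key, identifier = fields
    # Allow only characters that are safe to paste into a configuration session.
    if not (re.fullmatch(r'[a-z0-9@.-]+', algorithm)
            and re.fullmatch(r'[A-Za-z0-9+/]+={0,2}', key)
            and re.fullmatch(r'[A-Za-z0-9@._-]+', identifier)):
        sys.exit('Public key file contains unexpected characters')
    return fields
```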
@@ -37,4 +37,5 @@ print('configure')
 print(f'set system login user {username} authentication public-keys {identifier} key {key}')
 print(f'set system login user {username} authentication public-keys {identifier} type {algorithm}')
 print('commit')
+print('save')
 print('exit')
-- cgit v1.2.3
From 79ce4caf051ce30914ee3d08f1bd23753bf06af1 Mon Sep 17 00:00:00 2001
From: erkin
Date: Sun, 20 Jun 2021 15:08:25 +0300
Subject: Use `CDATA` to quote URL templates
---
 op-mode-definitions/generate-public-key-command.xml.in | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/op-mode-definitions/generate-public-key-command.xml.in b/op-mode-definitions/generate-public-key-command.xml.in
index b50b432b8..21f0f56f0 100644
--- a/op-mode-definitions/generate-public-key-command.xml.in
+++ b/op-mode-definitions/generate-public-key-command.xml.in
@@ -9,7 +9,7 @@ - Username of public key owner + Username of public key owner <username>
@@ -17,9 +17,9 @@ - Local path or remote URL of OpenSSH public key + Local path or remote URL of OpenSSH public key - <http[s]://[<username>:<password>@]<hostname>/<path-to-file>> <ftp://[<username>[:<password>]@]<hostname>/<path-to-file>> <tftp://<hostname>/<path-to-file>> <sftp://[<username>[:<password>]@]<hostname>/<path-to-file>> <scp://[<username>[:<password>]@]<hostname>/<path-to-file>> <[file://]/<path-to-file>> + :@]/> [:]@]/> /> [:]@]/> [:]@]/> <[file://]/>]]> ${vyos_op_scripts_dir}/generate_public_key_command.py "$4" "$6"
-- cgit v1.2.3
From 35d98c78455fe484cea18fb0c3c537059a798e17 Mon Sep 17 00:00:00 2001
From: erkin
Date: Sun, 20 Jun 2021 15:43:26 +0300
Subject: Revert to the character entity reference version
---
 op-mode-definitions/generate-public-key-command.xml.in | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/op-mode-definitions/generate-public-key-command.xml.in b/op-mode-definitions/generate-public-key-command.xml.in
index 21f0f56f0..5815e5cf9 100644
--- a/op-mode-definitions/generate-public-key-command.xml.in
+++ b/op-mode-definitions/generate-public-key-command.xml.in
@@ -19,7 +19,7 @@ Local path or remote URL of OpenSSH public key - :@]/> [:]@]/> /> [:]@]/> [:]@]/> <[file://]/>]]> + <http[s]://[<username>:<password>@]<hostname>/<path-to-file>> <ftp://[<username>[:<password>]@]<hostname>/<path-to-file>> <tftp://<hostname>/<path-to-file>> <sftp://[<username>[:<password>]@]<hostname>/<path-to-file>> <scp://[<username>[:<password>]@]<hostname>/<path-to-file>> <[file://]/<path-to-file>> ${vyos_op_scripts_dir}/generate_public_key_command.py "$4" "$6"
-- cgit v1.2.3
From a80510875d1b44c83ac6104629460019db57aca9 Mon Sep 17 00:00:00 2001
From: erkin
Date: Sun, 20 Jun 2021 15:55:58 +0300
Subject: Escape the slash character to dodge GCC preprocessor
---
 op-mode-definitions/generate-public-key-command.xml.in | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/op-mode-definitions/generate-public-key-command.xml.in b/op-mode-definitions/generate-public-key-command.xml.in
index 5815e5cf9..7920acffd 100644
--- a/op-mode-definitions/generate-public-key-command.xml.in
+++ b/op-mode-definitions/generate-public-key-command.xml.in
@@ -19,7 +19,8 @@ Local path or remote URL of OpenSSH public key - <http[s]://[<username>:<password>@]<hostname>/<path-to-file>> <ftp://[<username>[:<password>]@]<hostname>/<path-to-file>> <tftp://<hostname>/<path-to-file>> <sftp://[<username>[:<password>]@]<hostname>/<path-to-file>> <scp://[<username>[:<password>]@]<hostname>/<path-to-file>> <[file://]/<path-to-file>> + + <http[s]://[<username>:<password>@]<hostname>/<path-to-file>> <ftp://[<username>[:<password>]@]<hostname>/<path-to-file>> <tftp://<hostname>/<path-to-file>> <sftp://[<username>[:<password>]@]<hostname>/<path-to-file>> <scp://[<username>[:<password>]@]<hostname>/<path-to-file>> <[file://]/<path-to-file>> ${vyos_op_scripts_dir}/generate_public_key_command.py "$4" "$6"
-- cgit v1.2.3
From 04a088bb2f96b6f5b00ff0acb4218850384d5a25 Mon Sep 17 00:00:00 2001
From: erkin
Date: Sun, 20 Jun 2021 17:02:30 +0300
Subject: Use `CDATA` to quote URL templates (redux)
---
 op-mode-definitions/generate-public-key-command.xml.in | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/op-mode-definitions/generate-public-key-command.xml.in b/op-mode-definitions/generate-public-key-command.xml.in
index 7920acffd..21f0f56f0 100644
--- a/op-mode-definitions/generate-public-key-command.xml.in
+++ b/op-mode-definitions/generate-public-key-command.xml.in
@@ -19,8 +19,7 @@ Local path or remote URL of OpenSSH public key - - <http[s]://[<username>:<password>@]<hostname>/<path-to-file>> <ftp://[<username>[:<password>]@]<hostname>/<path-to-file>> <tftp://<hostname>/<path-to-file>> <sftp://[<username>[:<password>]@]<hostname>/<path-to-file>> <scp://[<username>[:<password>]@]<hostname>/<path-to-file>> <[file://]/<path-to-file>> + :@]/> [:]@]/> /> [:]@]/> [:]@]/> <[file://]/>]]> ${vyos_op_scripts_dir}/generate_public_key_command.py "$4" "$6"
-- cgit v1.2.3