Source code for provy.more.debian.users.ssh
#!/usr/bin/python
# -*- coding: utf-8 -*-
'''
Roles in this namespace are meant to provide SSH keygen utilities for Debian distributions.
'''
from os.path import join
from Crypto.PublicKey import RSA
from provy.core import Role
class SSHRole(Role):
    '''
    This role provides SSH keygen utilities for Debian distributions.

    It installs an RSA private key rendered from a template into the target
    user's ``.ssh`` directory and derives the matching public key from it.

    Example:
    ::

        from provy.core import Role
        from provy.more.debian import SSHRole

        class MySampleRole(Role):
            def provision(self):
                with self.using(SSHRole) as role:
                    role.ensure_ssh_key(user='someuser', private_key_file="private-key")
    '''

    def ensure_ssh_key(self, user, private_key_file):
        '''
        Ensures that the specified private ssh key is present in the remote server. Also creates the public key for this private key.

        The private key file must be a template and be accessible to the :meth:`Role.render <provy.core.roles.Role.render>` method.

        The keys are written as ``id_rsa`` and ``id_rsa.pub`` under ``/home/<user>/.ssh``.
        This method passes no file mode to the helpers it calls, so the resulting
        permissions are whatever those helpers apply by default.

        :param user: Owner of the keys.
        :type user: :class:`str`
        :param private_key_file: Template file for the private key.
        :type private_key_file: :class:`str`

        Example:
        ::

            from provy.core import Role
            from provy.more.debian import SSHRole

            class MySampleRole(Role):
                def provision(self):
                    with self.using(SSHRole) as role:
                        role.ensure_ssh_key(user='someuser', private_key_file="private-key")
        '''
        # The location is built from a fixed "/home" prefix plus the user name; the
        # account's real home directory is not looked up, and `user` is interpolated
        # as-is, so callers should pass a trusted, plain account name.
        ssh_dir = join('/home/%s' % user, '.ssh')

        # NOTE(review): no mode is requested for the directory. OpenSSH expects
        # ~/.ssh to be writable only by its owner - confirm what ensure_dir applies.
        self.ensure_dir(ssh_dir, sudo=True, owner=user)

        private_key = self.render(private_key_file)

        # importKey is called without a passphrase, so the rendered template is
        # presumably an unencrypted key; it is installed on the server exactly as
        # rendered.
        public_key = RSA.importKey(private_key).publickey().exportKey(format='OpenSSH')

        self.__write_keys(user, private_key, public_key)

    def __write_keys(self, user, private_key, public_key):
        '''
        Uploads the key pair to ``/home/<user>/.ssh`` and logs the public key if either file changed.

        :param user: Owner of the keys.
        :param private_key: Private key text, as rendered from the template.
        :param public_key: Public key in OpenSSH format, derived from the private key.
        '''
        ssh_dir = join('/home/%s' % user, '.ssh')
        pub_target = join(ssh_dir, 'id_rsa.pub')
        priv_target = join(ssh_dir, 'id_rsa')

        # The remote hostname only feeds the "user@host" comment at the end of the
        # public key line. The snippet uses the Python 2 print statement.
        hostname = self.execute_python('import os; print os.uname()[1]', stdout=False)
        pub_text = "%s %s" % (public_key, "%s@%s" % (user, hostname))

        # NOTE(review): the private key is staged in a temp file before upload;
        # confirm where write_to_temp_file puts it, its mode, and when it is removed.
        local_pub = self.write_to_temp_file(pub_text)
        local_priv = self.write_to_temp_file(private_key)

        # NOTE(review): no mode is passed for id_rsa. The OpenSSH client ignores
        # private keys that other users can read, and a readable key is exposed to
        # every local account - confirm update_file leaves it owner-only (0600).
        pub_changed = self.update_file(local_pub, pub_target, sudo=True, owner=user)
        priv_changed = self.update_file(local_priv, priv_target, sudo=True, owner=user)

        if not (pub_changed or priv_changed):
            return

        # Only the public half is logged; the private key must never reach self.log.
        for message in ("SSH keys generated at server!", "Public key:", pub_text):
            self.log(message)