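def get_user_auth_keys(self, username):
    """Return the public keys listed in *username*'s ``~/.ssh/authorized_keys``.

    Results are memoised in ``self.users_keys``; a user with no readable key
    file, or with no usable entries, is cached as an empty list.

    Only protocol-2 ``ssh-rsa`` and ``ssh-dss`` entries written without an
    options field are loaded.  Protocol-1 entries, entries that carry options
    (``from=``, ``command=``, ...), other key types and malformed lines are
    skipped, so a restricted key is never accepted without its restrictions.

    Args:
        username: account name, normally supplied by the connecting client
            and therefore untrusted.

    Returns:
        The (cached) list of key objects for the user; possibly empty.
    """
    import base64

    if username in self.users_keys:
        return self.users_keys[username]

    # NOTE(review): negative results are cached as well, so this dict gains
    # an entry for every distinct name a client tries.
    keys = self.users_keys[username] = []

    # The name is spliced into a "~name" path below.  An empty name would
    # expand to the home directory of the account running this process, and
    # a name containing a path separator could steer the lookup to another
    # directory, so both are refused before touching the filesystem.
    separators = [os.sep, "\0"]
    if os.altsep:
        separators.append(os.altsep)
    if not username or any(sep in username for sep in separators):
        return keys

    userdir = os.path.expanduser("~" + username)
    # expanduser() hands back its argument unchanged for an unknown account;
    # without this check the key file would be looked up relative to the
    # current working directory.
    if not os.path.isabs(userdir):
        return keys

    keyfile = os.path.join(userdir, ".ssh", "authorized_keys")
    # NOTE(review): no ownership or permission check is made on the file or
    # its parent directories (compare OpenSSH's StrictModes).
    try:
        # errors="replace": a stray undecodable byte in a comment must not
        # abort authentication; a key blob damaged this way fails the ASCII
        # encode below and is skipped.
        f = open(keyfile, errors="replace")
    except OSError:
        return keys

    def _is_int(token):
        try:
            int(token)
        except ValueError:
            return False
        return True

    with f:
        for line in f:
            values = line.split()
            if not values or values[0].startswith("#"):
                continue
            # A leading integer is the bit count of a protocol-1 key; an
            # integer in second position is the same preceded by options.
            # XXX For now skip type 1 keys
            if _is_int(values[0]):
                continue
            if len(values) < 2 or _is_int(values[1]):
                continue

            ktype, data = values[0], values[1]
            # NOTE(review): ssh-dss (DSA) is still accepted here although
            # OpenSSH has disabled it by default since 7.0.
            if ktype == "ssh-rsa":
                key_class = ssh.RSAKey
            elif ktype == "ssh-dss":
                key_class = ssh.DSSKey
            else:
                # Unknown type, or an options field in first position.
                continue

            try:
                key = key_class(data=base64.decodebytes(data.encode("ascii")))
            except (ValueError, ssh.SSHException):
                # Bad base64 (binascii.Error), non-ASCII data or a blob the
                # key class rejects: drop this entry, keep the others.
                continue
            if key:
                keys.append(key)
    return keys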