author | 2012-09-11 00:23:34 -0400 | |
---|---|---|
committer | 2012-09-11 00:23:34 -0400 | |
commit | 675621d903aeb9928955483a58c2e5d463d31a35 (patch) | |
tree | c92389ed139c6a1cd44e1a54089f68e4ec4dfbb0 /Assistant/Ssh.hs | |
parent | e588383e09259ddb06a661ce73a583b6e7257ce6 (diff) |
clean up authorized_keys handling
Including rollback of adding the key when a pairing response
gets canceled by the user.
Diffstat (limited to 'Assistant/Ssh.hs')
-rw-r--r-- | Assistant/Ssh.hs | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/Assistant/Ssh.hs b/Assistant/Ssh.hs
index ad0749fb7..eefc2a2e2 100644
--- a/Assistant/Ssh.hs
+++ b/Assistant/Ssh.hs
@@ -101,14 +101,23 @@ validateSshPubKey pubkey = do
 unless (all (\c -> isAlphaNum c || c == '@') (ws !! 2)) $
 error $ "bad comment in ssh public key " ++ pubkey
 
-makeAuthorizedKeys :: Bool -> SshPubKey -> IO Bool
-makeAuthorizedKeys rsynconly pubkey = boolSystem "sh"
- [ Param "-c" , Param $ makeAuthorizedKeysCommand rsynconly pubkey ]
+addAuthorizedKeys :: Bool -> SshPubKey -> IO Bool
+addAuthorizedKeys rsynconly pubkey = boolSystem "sh"
+ [ Param "-c" , Param $ addAuthorizedKeysCommand rsynconly pubkey ]
+
+removeAuthorizedKeys :: Bool -> SshPubKey -> IO ()
+removeAuthorizedKeys rsynconly pubkey = do
+ let keyline = authorizedKeysLine rsynconly pubkey
+ sshdir <- sshDir
+ let keyfile = sshdir </> ".authorized_keys"
+ ls <- lines <$> readFileStrict keyfile
+ writeFile keyfile $ unlines $
+ filter (\l -> not $ l == keyline) ls
 
 {- Implemented as a shell command, so it can be run on remote servers over
 - ssh. -}
-makeAuthorizedKeysCommand :: Bool -> SshPubKey -> String
-makeAuthorizedKeysCommand rsynconly pubkey = join "&&" $
+addAuthorizedKeysCommand :: Bool -> SshPubKey -> String
+addAuthorizedKeysCommand rsynconly pubkey = join "&&" $
 [ "mkdir -p ~/.ssh"
 , "touch ~/.ssh/authorized_keys"
 , "chmod 600 ~/.ssh/authorized_keys"
|
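Review bot: `removeAuthorizedKeys` builds its path as `sshdir </> ".authorized_keys"`, with a leading dot, while `addAuthorizedKeysCommand` in the same hunk writes `~/.ssh/authorized_keys`; if `sshDir` (not shown here) returns `~/.ssh`, the rollback reads and rewrites a different file and the key from a cancelled pairing stays authorized. The line should read `let keyfile = sshdir </> "authorized_keys"`. Two smaller points on the same function: `readFileStrict` will presumably throw when the file is absent, and `writeFile` rewrites the file in place, so an interrupted write can leave a truncated authorized_keys; writing to a temporary file in the same directory and renaming it over the original, with mode 600 kept, would avoid that. The filter is clearer as `filter (/= keyline) ls`.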