SF.net SVN: safekeep: [442] safekeep/trunk

[<di...@us...>]

Revision: 442
          http://safekeep.svn.sourceforge.net/safekeep/?rev=442&view=rev
Author:   dimi
Date:     2007-03-07 14:40:01 -0800 (Wed, 07 Mar 2007)

Log Message:
-----------
Allow for the explicit spcification of an identity file during key management

Modified Paths:
--------------
    safekeep/trunk/doc/safekeep.txt
    safekeep/trunk/safekeep

Modified: safekeep/trunk/doc/safekeep.txt
===================================================================
--- safekeep/trunk/doc/safekeep.txt	2007-03-07 21:28:11 UTC (rev 441)
+++ safekeep/trunk/doc/safekeep.txt	2007-03-07 22:40:01 UTC (rev 442)
@@ -9,7 +9,7 @@
 --------
 'safekeep' [--server] [-q] [-v] [-c file] <clientid>*
 
-'safekeep' --keys [-q] [-v] [-c file] [--status] [--print] [--deploy] <clientid>*
+'safekeep' --keys [-q] [-v] [-c file] [-i file] [--status] [--print] [--deploy] <clientid>*
 
 'safekeep' --client
 
@@ -90,6 +90,11 @@
 
 KEYS OPTIONS
 ------------
+-i FILE::
+	Forces `ssh(1)` to use FILE for the identity (private key) in 
+	RSA/DSA authentication.  If not specified, ssh(1) will use its 
+	default indetity files.
+
 --status::
 	Display the key status for the clients. It is implied if no other
         option is specified. In effect this option prints the steps that

Modified: safekeep/trunk/safekeep
===================================================================
--- safekeep/trunk/safekeep	2007-03-07 21:28:11 UTC (rev 441)
+++ safekeep/trunk/safekeep	2007-03-07 22:40:01 UTC (rev 442)
@@ -622,7 +622,7 @@
     info('------------------------------------------------------------------')
     debug('Server backup done')
 
-def do_keys(cfgs, ids, status, dump, deploy):
+def do_keys(cfgs, ids, identity, status, dump, deploy):
     for cfg in cfgs.itervalues():
         id = cfg['id']
         if ids and id not in ids: continue
@@ -671,8 +671,13 @@
         output = '\n'.join(lines)
         if dump:
             print output
+
+        basessh = 'ssh'
+        if identity: basessh += ' -i %s' % (commands.mkarg(identity))
+
         if status or deploy:
-            cmd = 'ssh %s@%s "if test -f .ssh/authorized_keys; then cat .ssh/authorized_keys; fi"' % (cfg['user'], cfg['host'])
+            if identity: cmd = "ssh -i %s" % (commands.mkarg(identity))
+            cmd = '%s %s@%s "if test -f .ssh/authorized_keys; then cat .ssh/authorized_keys; fi"' % (basessh, cfg['user'], cfg['host'])
             debug(cmd)
             out = os.popen(cmd, 'r')
             authtext = out.read()
@@ -694,7 +699,7 @@
             if status:
                 print '%s: Keys will be deployed on the client.' % id
             if deploy:
-                cmd = 'ssh %s@%s "umask 077; test -d .ssh || mkdir .ssh; cat >> .ssh/authorized_keys"' % (cfg['user'], cfg['host'])
+                cmd = '%s %s@%s "umask 077; test -d .ssh || mkdir .ssh; cat >> .ssh/authorized_keys"' % (basessh, cfg['user'], cfg['host'])
                 debug(cmd)
                 pipe = os.popen(cmd, 'w')
                 pipe.write('%s\n' % '\n'.join([key[4] for key in new_keys]))
@@ -777,6 +782,7 @@
     print '-V, --version       show the version number and exit'
     print
     print 'keys options:'
+    print '-i FILE             use FILE as identity for RSA/DSA authentication'
     print '--status            display the key status for the clients (default)'
     print '--print             display the authorization keys'
     print '--deploy            deploy the authorization keys'
@@ -784,7 +790,7 @@
 
 def main():
     try:
-        opts, args = getopt.getopt(sys.argv[1:], 'c:e:hs:qvV',
+        opts, args = getopt.getopt(sys.argv[1:], 'c:e:i:hs:qvV',
                                    [ 'conf=', 'client', 'clientid=', 'deploy',
                                      'email=', 'help', 'keys', 'print',
                                      'quiet', 'server', 'smtp=', 'status',
@@ -799,6 +805,7 @@
     cfglocs = []
     verbosity = 0
     clientid = None
+    identity = None
     keys_status = None
     keys_print = None
     keys_deploy = None
@@ -831,6 +838,8 @@
         elif o in ('--keys', ):
             if mode: usage(2)
             mode = 'keys'
+        elif o in ('-i', ):
+            identity = a
         elif o in ('--status', ):
             keys_status = True
         elif o in ('--print', ):
@@ -848,7 +857,7 @@
     if mode is None:
         mode = 'server'
 
-    if mode is not 'keys' and (keys_status or keys_print or keys_deploy):
+    if mode is not 'keys' and (identity or keys_status or keys_print or keys_deploy):
         usage(2)
 
     if mode is not 'server' and (email or smtp):
@@ -901,7 +910,7 @@
             verbosity_level = 1 + verbosity
             if not keys_status and not keys_print and not keys_deploy: 
                 keys_status = True
-            do_keys(cfgs, args, keys_status, keys_print, keys_deploy)
+            do_keys(cfgs, args, identity, keys_status, keys_print, keys_deploy)
         else:
             assert False, 'Unkown mode: ' + mode
     except Exception, ex:


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.