Alon Bar-Lev has uploaded a new change for review. Change subject: packaging: setup: do not use private key when constructing ssh public ......................................................................
packaging: setup: do not use private key when constructing ssh public configuration can have ssh-askpass which is in conflict to us. ssh-keygen of rhel does not have -m PKCS8 so we must construct the public key format our-selves. Change-Id: Ia79ea31d259003a880f0a01b6f888fd3e7bc993f Signed-off-by: Alon Bar-Lev <[email protected]> --- M packaging/setup/plugins/ovirt-engine-setup/pki/ssh.py 1 file changed, 21 insertions(+), 21 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/09/18509/1 diff --git a/packaging/setup/plugins/ovirt-engine-setup/pki/ssh.py b/packaging/setup/plugins/ovirt-engine-setup/pki/ssh.py index 960d07d..33b73a0 100644 --- a/packaging/setup/plugins/ovirt-engine-setup/pki/ssh.py +++ b/packaging/setup/plugins/ovirt-engine-setup/pki/ssh.py @@ -20,9 +20,14 @@ import os +import base64 +import struct import tempfile import gettext _ = lambda m: gettext.dgettext(message=m, domain='ovirt-engine-setup') + + +from M2Crypto import RSA from otopi import util @@ -37,6 +42,16 @@ @util.export class Plugin(plugin.PluginBase): """CA plugin.""" + + def _getSSHPublicKey(self, key): + ALGO = 'ssh-rsa' + key = RSA.load_key_string(key.encode('ascii')) + sshkey = ( + struct.pack('!l', len(ALGO)) + ALGO.encode('ascii') + + key.pub()[0] + + key.pub()[1] + ) + return '%s %s' % (ALGO, base64.b64encode(sshkey)) def __init__(self, context): super(Plugin, self).__init__(context=context) @@ -78,18 +93,9 @@ ], ) ) - rc, pubkey, stderr = self.execute( - ( - self.command.get('ssh-keygen'), - '-y', - '-f', '/dev/fd/0', - ), - stdin=privkey, - logStreams=False, - ) self.environment[ osetupcons.PKIEnv.ENGINE_SSH_PUBLIC_KEY_VALUE - ] = pubkey[0] + ] = self._getSSHPublicKey('\n'.join(privkey)) @plugin.event( stage=plugin.Stages.STAGE_CLOSEUP, @@ -103,20 +109,14 @@ def _closeup(self): temp = None try: - rc, pubkey, stderr = self.execute( - ( - self.command.get('ssh-keygen'), - '-y', - '-f', ( - osetupcons.FileLocations. - OVIRT_ENGINE_PKI_ENGINE_SSH_KEY - ), - ), - ) fd, temp = tempfile.mkstemp(suffix='.pub') os.close(fd) with open(temp, "w") as f: - f.write(pubkey[0]) + f.write( + self.environment[ + osetupcons.PKIEnv.ENGINE_SSH_PUBLIC_KEY_VALUE + ] + ) f.write('\n') rc, fingerprint, stderr = self.execute( -- To view, visit http://gerrit.ovirt.org/18509 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Ia79ea31d259003a880f0a01b6f888fd3e7bc993f Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: ovirt-engine-3.3 Gerrit-Owner: Alon Bar-Lev <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
