add setting SSHKEY_AUTHORIZED_KEYS_OPTIONS

SSHKEY_AUTHORIZED_KEYS_COMMAND is now deprecated

add setting SSHKEY_AUTHORIZED_KEYS_OPTIONS
SSHKEY_AUTHORIZED_KEYS_COMMAND is now deprecated
97957b88 · Scott Duckworth · a7871041 · 97957b88 · 97957b88 · 97957b88
Commit 97957b88 authored Aug 07, 2013 by Scott Duckworth
Hide whitespace changes
Inline Side-by-side

Showing with 24 additions and 9 deletions

README.md
+5 -6

sshkey/settings.py
+13 -0

sshkey/views.py
+6 -3

No files found.
--- a/README.md
+++ b/README.md
@@ -16,19 +16,18 @@ repository.  You should point Django to it in your project's settings.py or
 copy it into your project's directory.
 In order to associate an incoming public key with a user you must define
-SSHKEY\_AUTHORIZED\_KEYS\_COMMAND in your project's settings.py.  This should
+SSHKEY\_AUTHORIZED\_KEYS\_OPTIONS in your project's settings.py.  This should
-be a string containing the command which is run after successful
+be a string containing options accepted by sshd, with "{username}" being
-authentication, with "{username}" being replaced with the username of the user
+replaced with the username of the user associated with the incoming public key.
-associated with the incoming public key.
 For instance:
-> SSHKEY\_AUTHORIZED\_KEYS\_COMMAND = 'my-command {username}'
+> SSHKEY\_AUTHORIZED\_KEYS\_OPTIONS = 'command="my-command {username}",no-pty'
 in settings.py will cause keys produced by the below commands to look similar
 to:
-> command="my-command fred" ssh-rsa BLAHBLAHBLAH
+> command="my-command fred",no-pty ssh-rsa BLAHBLAHBLAH
 assuming the key "BLAHBLAHBLAH" is owned by fred.

--- a/sshkey/settings.py
+++ b/sshkey/settings.py
+from django.conf import settings
+SSHKEY_AUTHORIZED_KEYS_OPTIONS = getattr(settings, 'SSHKEY_AUTHORIZED_KEYS_OPTIONS', None)
+SSHKEY_AUTHORIZED_KEYS_COMMAND = getattr(settings, 'SSHKEY_AUTHORIZED_KEYS_COMMAND', None)
+if SSHKEY_AUTHORIZED_KEYS_COMMAND is not None:
+  import warnings
+  with warnings.catch_warnings():
+    import warnings
+    warnings.simplefilter('default', DeprecationWarning)
+    warnings.warn(
+      'SSHKEY_AUTHORIZED_KEYS_COMMAND has been deprecated; '
+      'use SSHKEY_AUTHORIZED_KEYS_OPTIONS instead.',
+      DeprecationWarning)
--- a/sshkey/views.py
+++ b/sshkey/views.py
@@ -5,7 +5,7 @@ from django.template import RequestContext
 from django.contrib.auth.decorators import login_required
 from django.core.exceptions import PermissionDenied
 from django.core.urlresolvers import reverse
-from django.conf import settings
+from sshkey import settings
 from sshkey.models import UserKey
 from sshkey.forms import UserKeyForm
@@ -22,13 +22,16 @@ def lookup(request):
      keys = UserKey.objects.iterator()
  response = ''
  for key in keys:
-    try:
+    if settings.SSHKEY_AUTHORIZED_KEYS_OPTIONS:
+      options = settings.SSHKEY_AUTHORIZED_KEYS_OPTIONS.format(
+        username=key.user.username) + ' '
+    elif settings.SSHKEY_AUTHORIZED_KEYS_COMMAND:
      options = 'command="%s" ' % (
        settings.SSHKEY_AUTHORIZED_KEYS_COMMAND
          .format(username=key.user.username)
          .replace('"', r'\"')
      )
-    except AttributeError:
+    else:
      options = ''
    response += options + key.key + '\n'
  return HttpResponse(response, mimetype='text/plain')