Commit 97957b88 by Scott Duckworth

add setting SSHKEY_AUTHORIZED_KEYS_OPTIONS

SSHKEY_AUTHORIZED_KEYS_COMMAND is now deprecated
parent a7871041
...@@ -16,19 +16,18 @@ repository. You should point Django to it in your project's settings.py or ...@@ -16,19 +16,18 @@ repository. You should point Django to it in your project's settings.py or
copy it into your project's directory. copy it into your project's directory.
In order to associate an incoming public key with a user you must define In order to associate an incoming public key with a user you must define
SSHKEY\_AUTHORIZED\_KEYS\_COMMAND in your project's settings.py. This should SSHKEY\_AUTHORIZED\_KEYS\_OPTIONS in your project's settings.py. This should
be a string containing the command which is run after successful be a string containing options accepted by sshd, with "{username}" being
authentication, with "{username}" being replaced with the username of the user replaced with the username of the user associated with the incoming public key.
associated with the incoming public key.
For instance: For instance:
> SSHKEY\_AUTHORIZED\_KEYS\_COMMAND = 'my-command {username}' > SSHKEY\_AUTHORIZED\_KEYS\_OPTIONS = 'command="my-command {username}",no-pty'
in settings.py will cause keys produced by the below commands to look similar in settings.py will cause keys produced by the below commands to look similar
to: to:
> command="my-command fred" ssh-rsa BLAHBLAHBLAH > command="my-command fred",no-pty ssh-rsa BLAHBLAHBLAH
assuming the key "BLAHBLAHBLAH" is owned by fred. assuming the key "BLAHBLAHBLAH" is owned by fred.
......
from django.conf import settings
SSHKEY_AUTHORIZED_KEYS_OPTIONS = getattr(settings, 'SSHKEY_AUTHORIZED_KEYS_OPTIONS', None)
SSHKEY_AUTHORIZED_KEYS_COMMAND = getattr(settings, 'SSHKEY_AUTHORIZED_KEYS_COMMAND', None)
if SSHKEY_AUTHORIZED_KEYS_COMMAND is not None:
import warnings
with warnings.catch_warnings():
import warnings
warnings.simplefilter('default', DeprecationWarning)
warnings.warn(
'SSHKEY_AUTHORIZED_KEYS_COMMAND has been deprecated; '
'use SSHKEY_AUTHORIZED_KEYS_OPTIONS instead.',
DeprecationWarning)
...@@ -5,7 +5,7 @@ from django.template import RequestContext ...@@ -5,7 +5,7 @@ from django.template import RequestContext
from django.contrib.auth.decorators import login_required from django.contrib.auth.decorators import login_required
from django.core.exceptions import PermissionDenied from django.core.exceptions import PermissionDenied
from django.core.urlresolvers import reverse from django.core.urlresolvers import reverse
from django.conf import settings from sshkey import settings
from sshkey.models import UserKey from sshkey.models import UserKey
from sshkey.forms import UserKeyForm from sshkey.forms import UserKeyForm
...@@ -22,13 +22,16 @@ def lookup(request): ...@@ -22,13 +22,16 @@ def lookup(request):
keys = UserKey.objects.iterator() keys = UserKey.objects.iterator()
response = '' response = ''
for key in keys: for key in keys:
try: if settings.SSHKEY_AUTHORIZED_KEYS_OPTIONS:
options = settings.SSHKEY_AUTHORIZED_KEYS_OPTIONS.format(
username=key.user.username) + ' '
elif settings.SSHKEY_AUTHORIZED_KEYS_COMMAND:
options = 'command="%s" ' % ( options = 'command="%s" ' % (
settings.SSHKEY_AUTHORIZED_KEYS_COMMAND settings.SSHKEY_AUTHORIZED_KEYS_COMMAND
.format(username=key.user.username) .format(username=key.user.username)
.replace('"', r'\"') .replace('"', r'\"')
) )
except AttributeError: else:
options = '' options = ''
response += options + key.key + '\n' response += options + key.key + '\n'
return HttpResponse(response, mimetype='text/plain') return HttpResponse(response, mimetype='text/plain')
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment