Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
CIRCLE
/
django-sshkey
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
0
Merge Requests
0
Pipelines
Wiki
Members
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
cf01d771
authored
Jul 07, 2014
by
Scott Duckworth
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'release/2.3.0' into develop
parents
54cbad05
3010e7d9
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
100 additions
and
20 deletions
+100
-20
README.rst
+95
-17
README.upgrading.rst
+3
-1
django_sshkey/__init__.py
+1
-1
django_sshkey/settings.py
+1
-1
No files found.
README.rst
View file @
cf01d771
...
@@ -21,16 +21,29 @@ should be a string containing options accepted by sshd, with ``{username}``
...
@@ -21,16 +21,29 @@ should be a string containing options accepted by sshd, with ``{username}``
being replaced with the username of the user associated with the incoming
being replaced with the username of the user associated with the incoming
public key.
public key.
django-sshkey can also help you keep track of when a key was last used.
``SSHKEY_AUTHORIZED_KEYS_OPTIONS`` also replaces ``{key_id}`` with the key's
id. The command that is run can then notify django-sshkey that the key was used
by issuing a HTTP POST to the lookup URL, placing the key_id in the request
body.
For instance::
For instance::
SSHKEY_AUTHORIZED_KEYS_OPTIONS = 'command="my-command {username}",no-pty'
SSHKEY_AUTHORIZED_KEYS_OPTIONS = 'command="my-command {username}
{key_id}
",no-pty'
in settings.py will cause keys produced by the below commands to look similar
in settings.py will cause keys produced by the below commands to look similar
to::
to::
command="my-command fred",no-pty ssh-rsa AAAAB3NzaC1yc2E...
command="my-command fred 15",no-pty ssh-rsa AAAAB3NzaC1yc2E...
sshd would then verify the key is correct and run ``my-command``.
``my-command`` would then know that this is fred and that he is using key 15,
and could tell django-sshkey to update the last_used field of that key by
running the equivalent of this command::
curl -d 15 http://localhost:8000/sshkey/lookup
assuming the key ``AAAAB3NzaC1yc2E...`` is owned by fred
.
Your URL may vary depending upon your configuration
.
URL Configuration
URL Configuration
-----------------
-----------------
...
@@ -57,6 +70,52 @@ mapping.
...
@@ -57,6 +70,52 @@ mapping.
and only the systems that need to run the lookup commands should have access
and only the systems that need to run the lookup commands should have access
to it.
to it.
Settings
--------
``SSHKEY_AUTHORIZED_KEYS_OPTIONS``
String, optional. Defines the SSH options that will be prepended to each
public key. ``{username}`` will be replaced by the username; ``{key_id}``
will be replaced by the key's id. New in version 2.3.
``SSHKEY_ALLOW_EDIT``
Boolean, defaults to ``False``. Whether or not editing keys is allowed.
Note that no email will be sent in any case when a key is edited, hence the
reason that editing keys is disabled by default. New in version 2.3.
``SSHKEY_EMAIL_ADD_KEY``
Boolean, defaults to ``True``. Whether or not an email should be sent to the
user when a new key is added to their account. New in version 2.3.
``SSHKEY_EMAIL_ADD_KEY_SUBJECT``
String, defaults to ``"A new key was added to your account"``. The subject of
the email that gets sent out when a new key is added. New in version 2.3.
``SSHKEY_FROM_EMAIL``
String, defaults to ``DEFAULT_FROM_EMAIL``. New in version 2.3.
``SSHKEY_SEND_HTML_EMAIL``
Boolean, defaults to ``False``. Whether or not multipart HTML emails should
be sent. New in version 2.3.
Templates
---------
Example templates are available in the ``templates.example`` directory.
``sshkey/userkey_list.html``
Used when listing a user's keys.
``sshkey/userkey_detail.html``
Used when adding or editing a user's keys.
``sshkey/add_key.txt``
The plain text body of the email sent when a new key is added. New in version
2.3.
``sshkey/add_key.html``
The HTML body of the email sent when a new key is added. New in version 2.3.
Tying OpenSSH to django-sshkey
Tying OpenSSH to django-sshkey
==============================
==============================
...
@@ -83,6 +142,39 @@ slower. To use the variants, replace ``lookup`` with ``pylookup``. For
...
@@ -83,6 +142,39 @@ slower. To use the variants, replace ``lookup`` with ``pylookup``. For
example, use ``django-sshkey-pylookup-all`` instead of
example, use ``django-sshkey-pylookup-all`` instead of
``django-sshkey-lookup-all``.
``django-sshkey-lookup-all``.
Using ``django-sshkey-lookup``
------------------------------
::
Usage: django-sshkey-lookup -a URL
django-sshkey-lookup -u URL USERNAME
django-sshkey-lookup -f URL FINGERPRINT
django-sshkey-lookup URL [USERNAME]
This program has different modes of operation:
``-a``
Print all public keys.
``-u``
Print all public keys owned by the specified user.
``-f``
Print all public keys matching the specified fingerprint.
Default
Compatibility mode. If the username parameter is given then print all public
keys owned by the specified user; otherwise perform the same functionality as
``django-sshkey-lookup-by-fingerprint`` (see below).
All modes expect that the lookup URL be specified as the first non-option
parameter.
This command is compatible with the old script ``lookup.sh`` but was renamed
to have a less ambiguous name when installed system-wide. A symlink is left in
its place for backwards compatibility.
Using ``django-sshkey-lookup-all``
Using ``django-sshkey-lookup-all``
----------------------------------
----------------------------------
...
@@ -151,20 +243,6 @@ This program:
...
@@ -151,20 +243,6 @@ This program:
* is ideal if you want all Django users to access SSH via a shared system user
* is ideal if you want all Django users to access SSH via a shared system user
account and be identified by their SSH public key.
account and be identified by their SSH public key.
Using ``django-sshkey-lookup``
------------------------------
``Usage: django-sshkey-lookup URL [USERNAME]``
This program is a wrapper around the previous two commands. The first
parameter is placed in the ``SSHKEY_LOOKUP_URL`` environment variable. If the
second parameter is present then ``django-sshkey-lookup-by-username`` is
executed; otherwise ``django-sshkey-lookup-by-fingerprint`` is executed.
This command is compatible with the old script ``lookup.sh`` but was renamed
to have a less ambiguous name when installed system-wide. A symlink is left in
its place for backwards compatibility.
.. _OpenSSH: http://www.openssh.com/
.. _OpenSSH: http://www.openssh.com/
.. _openssh-akcenv: https://github.com/ScottDuckworth/openssh-akcenv
.. _openssh-akcenv: https://github.com/ScottDuckworth/openssh-akcenv
.. _openssh-stdinkey: https://github.com/ScottDuckworth/openssh-stdinkey
.. _openssh-stdinkey: https://github.com/ScottDuckworth/openssh-stdinkey
README.upgrading.rst
View file @
cf01d771
...
@@ -17,7 +17,9 @@ The following table maps django-sshkey version to migration labels:
...
@@ -17,7 +17,9 @@ The following table maps django-sshkey version to migration labels:
+---------+---------------+-------+------------------------------------------+
+---------+---------------+-------+------------------------------------------+
| 1.1 | sshkey | 0002 | |
| 1.1 | sshkey | 0002 | |
+---------+---------------+-------+------------------------------------------+
+---------+---------------+-------+------------------------------------------+
| 2.0+ | django_sshkey | 0001 | See Upgrading from 1.1.x to 2.x below |
| 2.0-2.2 | django_sshkey | 0001 | See Upgrading from 1.1.x to 2.x below |
+---------+---------------+-------+------------------------------------------+
| 2.3 | django_sshkey | 0002 | |
+---------+---------------+-------+------------------------------------------+
+---------+---------------+-------+------------------------------------------+
To upgrade, install the new version of django-sshkey and then migrate your
To upgrade, install the new version of django-sshkey and then migrate your
...
...
django_sshkey/__init__.py
View file @
cf01d771
...
@@ -26,4 +26,4 @@
...
@@ -26,4 +26,4 @@
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
__version__
=
'2.
2
.0'
__version__
=
'2.
3
.0'
django_sshkey/settings.py
View file @
cf01d771
...
@@ -29,7 +29,7 @@
...
@@ -29,7 +29,7 @@
from
django.conf
import
settings
from
django.conf
import
settings
SSHKEY_AUTHORIZED_KEYS_OPTIONS
=
getattr
(
settings
,
'SSHKEY_AUTHORIZED_KEYS_OPTIONS'
,
None
)
SSHKEY_AUTHORIZED_KEYS_OPTIONS
=
getattr
(
settings
,
'SSHKEY_AUTHORIZED_KEYS_OPTIONS'
,
None
)
SSHKEY_ALLOW_EDIT
=
getattr
(
settings
,
'SSHKEY_ALLOW_EDIT'
,
Tru
e
)
SSHKEY_ALLOW_EDIT
=
getattr
(
settings
,
'SSHKEY_ALLOW_EDIT'
,
Fals
e
)
SSHKEY_EMAIL_ADD_KEY
=
getattr
(
settings
,
'SSHKEY_EMAIL_ADD_KEY'
,
True
)
SSHKEY_EMAIL_ADD_KEY
=
getattr
(
settings
,
'SSHKEY_EMAIL_ADD_KEY'
,
True
)
SSHKEY_EMAIL_ADD_KEY_SUBJECT
=
getattr
(
settings
,
'SSHKEY_EMAIL_ADD_KEY_SUBJECT'
,
SSHKEY_EMAIL_ADD_KEY_SUBJECT
=
getattr
(
settings
,
'SSHKEY_EMAIL_ADD_KEY_SUBJECT'
,
"A new public key was added to your account"
"A new public key was added to your account"
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment