Class: Restic::Service::SSHKeys

Inherits:

Object

• Object
• Restic::Service::SSHKeys

Defined in:

lib/restic/service/ssh_keys.rb

Overview

Interface to the functionality of querying and verifying host keys

Defined Under Namespace

Classes: NoLocalKey, PublicKey, SSHFailed, ValidationFailed

Class Method Summary

• .load_keys_from_file(path) ⇒ Array<PublicKey>

  Load a set of SSH keys from a file.

• .load_keys_from_string(string) ⇒ Array<PublicKey>

  Load a set of SSH keys from a string.

Instance Method Summary

• #query_keys(host) ⇒ Object

  Query the list of keys for this host.

• #ssh_cleanup_config(ssh_config_path: self.ssh_config_path) ⇒ Object
• #ssh_config_path ⇒ Object
• #ssh_key_run(*args) ⇒ Object

  Run a ssh subprocess and returns its standard output.

• #ssh_keyscan_host(host) ⇒ Object

  Query the keys from a host and returns them as a SSH key string.

• #ssh_setup_config(target_name, username, hostname, key_file, ssh_config_path: self.ssh_config_path) ⇒ Object

Class Method Details

.load_keys_from_file(path) ⇒ Array<PublicKey>

Load a set of SSH keys from a file

Returns:

• (Array<PublicKey>)

# File 'lib/restic/service/ssh_keys.rb', line 19

def self.load_keys_from_file(path)
    load_keys_from_string(path.read)
end

.load_keys_from_string(string) ⇒ Array<PublicKey>

Load a set of SSH keys from a string

Returns:

• (Array<PublicKey>)

# File 'lib/restic/service/ssh_keys.rb', line 26

def self.load_keys_from_string(string)
    string.each_line.map do |line|
        _, key_type, *rest = line.chomp.split(" ")
        PublicKey.new(key_type, rest.join(" "))
    end
end

Instance Method Details

#query_keys(host) ⇒ Object

Query the list of keys for this host

Parameters:

• (#host)

# File 'lib/restic/service/ssh_keys.rb', line 36

def query_keys(host)
    self.class.load_keys_from_string(ssh_keyscan_host(host))
end

#ssh_cleanup_config(ssh_config_path: self.ssh_config_path) ⇒ Object

# File 'lib/restic/service/ssh_keys.rb', line 98

def ssh_cleanup_config(ssh_config_path: self.ssh_config_path)
    ssh_config =
        if ssh_config_path.file?
            ssh_config_path.read.split("\n").map(&:chomp)
        else
            []
        end

    _, host_line = ssh_config.each_with_index.
        find { |line, line_i| line.start_with?("Host restic-service-host-") }
    if host_line
        ssh_config.delete_at(host_line)
        while ssh_config[host_line - 1] && ssh_config[host_line - 1].start_with?("#")
            ssh_config.delete_at(host_line - 1)
            host_line -= 1
        end

        while ssh_config[host_line] && !ssh_config[host_line].start_with?("Host")
            ssh_config.delete_at(host_line)
        end
    end
    if ssh_config_path.file?
        ssh_config_path.open('w') do |io|
            io.puts ssh_config.join("\n")
        end
    end
    ssh_config
end

#ssh_config_path ⇒ Object

# File 'lib/restic/service/ssh_keys.rb', line 72

def ssh_config_path
    Pathname.new(Dir.home) + ".ssh" + "config"
end

#ssh_key_run(*args) ⇒ Object

Run a ssh subprocess and returns its standard output

Raises:

• (SSHFailed) —

  if the subcommand fails

# File 'lib/restic/service/ssh_keys.rb', line 48

def ssh_key_run(*args)
    out_pipe_r, out_pipe_w = IO.pipe
    err_pipe_r, err_pipe_w = IO.pipe
    pid = spawn *args, in: :close, err: err_pipe_w, out: out_pipe_w
    out_pipe_w.close
    err_pipe_w.close
    _, status = Process.waitpid2 pid

    out = out_pipe_r.read
    err_pipe_r.readlines.each do |line|
        if line !~ /^#/
            STDERR.puts line
        end
    end

    if !status.success?
t                    raise SSHFailed, "failed to run #{args}"
    end
    out
ensure
    out_pipe_r.close
    err_pipe_r.close
end

#ssh_keyscan_host(host) ⇒ Object

Query the keys from a host and returns them as a SSH key string

# File 'lib/restic/service/ssh_keys.rb', line 41

def ssh_keyscan_host(host)
    ssh_key_run('ssh-keyscan', '-H', host)
end

#ssh_setup_config(target_name, username, hostname, key_file, ssh_config_path: self.ssh_config_path) ⇒ Object

# File 'lib/restic/service/ssh_keys.rb', line 76

def ssh_setup_config(target_name, username, hostname, key_file, ssh_config_path: self.ssh_config_path)
    ssh_config = ssh_cleanup_config(ssh_config_path: ssh_config_path)

    if ssh_config[-1] && ssh_config[-1] != ''
        ssh_config << ""
    end
    ssh_config_name = "restic-service-host-#{target_name}"
    ssh_config << "# Added by restic-service"
    ssh_config << "Host #{ssh_config_name}"
    ssh_config << "  User #{username}"
    ssh_config << "  Hostname #{hostname}"
    ssh_config << "  UserKnownHostsFile #{key_file}"

    ssh_config_path.dirname.mkpath
    ssh_config_path.dirname.chmod 0700
    ssh_config_path.open('w') do |io|
        io.puts ssh_config.join("\n")
    end
    ssh_config_path.chmod 0600
    ssh_config_name
end