refresh-auth
changeset 33 18e93dbdaf12
parent 32 4059dbe9f26a
child 34 4b5ca59fe3b7
--- a/refresh-auth	Thu Jun 05 16:53:57 2008 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,61 +0,0 @@
-#!/usr/bin/env python
-
-# WARNING
-# This script completely destroys your ~/.ssh/authorized_keys
-# file every time it is run
-# WARNING
-
-import sys
-import os
-import os.path
-import ruleset
-import subprocess
-
-if len(sys.argv) != 3:
-    sys.stderr.write("refresh-auth: wrong number of arguments (%s)\n" % sys.argv)
-    sys.exit(-1)
-
-akeyfile = sys.argv[1]
-wrappercommand = sys.argv[2]
-prefix='no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command='
-
-if os.path.exists(akeyfile):
-    f = open(akeyfile)
-    try:
-        for l in f:
-            if not l.startswith(prefix):
-                raise Exception("Safety check failed, delete %s to continue" % akeyfile)
-    finally:
-        f.close()
-
-akeys = open(akeyfile + "_new", "w")
-for root, dirs, files in os.walk("keys"):
-    for fn in files:
-        ffn = os.path.join(root, fn)
-        if not ruleset.goodpath(ffn):
-            # ignore any path that contains dodgy characters
-            continue
-        keyname = ffn[5:]
-        if keyname == "root":
-            # No key can claim root privileges
-            continue
-        p = subprocess.Popen(("ssh-keygen", "-i", "-f", ffn), 
-            stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-        newkey = p.communicate()[0]
-        if p.wait() == 0:
-            klines = [l.strip() for l in newkey.split("\n")]
-        else:
-            # Conversion failed, read it directly.
-            kf = open(ffn)
-            try:
-                klines = [l.strip() for l in kf]
-            finally:
-                kf.close()
-        for l in klines:
-            if len(l):
-                akeys.write('%s"%s %s" %s\n' % (prefix, wrappercommand, keyname, l))
-
-akeys.close()
-
-os.rename(akeyfile + "_new", akeyfile)
-