--- a/src/refresh-auth Thu Feb 19 16:36:41 2009 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,61 +0,0 @@
-#!/usr/bin/env python
-
-# WARNING
-# This script completely destroys your ~/.ssh/authorized_keys
-# file every time it is run
-# WARNING
-
-import sys
-import os
-import os.path
-import ruleset
-import subprocess
-
-if len(sys.argv) != 3:
- sys.stderr.write("refresh-auth: wrong number of arguments (%s)\n" % sys.argv)
- sys.exit(-1)
-
-akeyfile = sys.argv[1]
-wrappercommand = sys.argv[2]
-prefix='no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command='
-
-if os.path.exists(akeyfile):
- f = open(akeyfile)
- try:
- for l in f:
- if not l.startswith(prefix):
- raise Exception("Safety check failed, delete %s to continue" % akeyfile)
- finally:
- f.close()
-
-akeys = open(akeyfile + "_new", "w")
-for root, dirs, files in os.walk("keys"):
- for fn in files:
- ffn = os.path.join(root, fn)
- if not ruleset.goodpath(ffn):
- # ignore any path that contains dodgy characters
- continue
- keyname = ffn[5:]
- if keyname == "root":
- # No key can claim root privileges
- continue
- p = subprocess.Popen(("ssh-keygen", "-i", "-f", ffn),
- stdout=subprocess.PIPE, stderr=subprocess.PIPE)
- newkey = p.communicate()[0]
- if p.wait() == 0:
- klines = [l.strip() for l in newkey.split("\n")]
- else:
- # Conversion failed, read it directly.
- kf = open(ffn)
- try:
- klines = [l.strip() for l in kf]
- finally:
- kf.close()
- for l in klines:
- if len(l):
- akeys.write('%s"%s %s" %s\n' % (prefix, wrappercommand, keyname, l))
-
-akeys.close()
-
-os.rename(akeyfile + "_new", akeyfile)
-