#!/usr/bin/python
# WARNING
# This script completely destroys your ~/.ssh/authorized_keys
# file every time it is run
# WARNING
import sys
import os
import os.path
import re
if len(sys.argv) != 2:
sys.stderr.write("refresh-auth: wrong number of arguments (%s)" % sys.argv)
sys.exit(-1)
wrappercommand = sys.argv[1]
akeyfile = os.path.expanduser("~/.ssh/authorized_keys")
allowedchars = "A-Za-z0-9_.-"
goodpathre = re.compile("([%s]+/)*[%s]+$" % (allowedchars, allowedchars))
akeys = open(akeyfile + "_new", "w")
for root, dirs, files in os.walk("keys"):
for fn in files:
ffn = os.path.join(root, fn)
if goodpathre.match(ffn) is None:
# ignore any path that contains dodgy characters
continue
keyname = ffn[5:]
prefix=('command="%s",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding'
% ('%s %s' % (wrappercommand, keyname))
kf = open(ffn)
try:
for l in kf:
akeys.write("%s %s\n" % (prefix, l.strip()))
finally:
kf.close()
os.rename(akeyfile + "_new", akeyfile)