refresh-auth
author Paul Crowley <paul@lshift.net>
Fri, 02 May 2008 17:33:39 +0100
changeset 29 87279134a212
parent 16 9fac559c3d55
child 30 98dbde5b13a1
permissions -rwxr-xr-x
Convert PuTTY-style public keys automatically

#!/usr/bin/env python

# WARNING
# This script completely destroys your ~/.ssh/authorized_keys
# file every time it is run
# WARNING

import os
import os.path
import stat
import subprocess
import sys

import ruleset

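# Exactly one argument is expected: the wrapper command that every key is
# forced to run through the command="..." option written below.
if len(sys.argv) != 2:
    sys.stderr.write("refresh-auth: wrong number of arguments (%s)\n" % sys.argv)
    sys.exit(-1)

wrappercommand = sys.argv[1]
if "\n" in wrappercommand:
    # authorized_keys is line-oriented: a newline here would split the forced
    # command across two entries instead of producing one restricted key line.
    sys.stderr.write("refresh-auth: wrapper command must not contain a newline\n")
    sys.exit(-1)

akeyfile = os.path.expanduser("~/.ssh/authorized_keys")
newfile = akeyfile + "_new"
owner_rw = stat.S_IRUSR | stat.S_IWUSR

# Build the replacement beside the live file and rename it into place only
# when it is complete, so a failure part-way through leaves the existing
# authorized_keys untouched.
# The file is created owner read/write only rather than inheriting the umask:
# under a permissive umask it would otherwise be group-writable, which lets
# other accounts add keys and which sshd rejects when StrictModes is enabled.
fd = os.open(newfile, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, owner_rw)
akeys = os.fdopen(fd, "w")
try:
    # The mode given to os.open() only applies when the file is created; a
    # leftover file from an interrupted run would keep whatever mode it had.
    os.chmod(newfile, owner_rw)
    for root, dirs, files in os.walk("keys"):
        for fn in files:
            ffn = os.path.join(root, fn)
            if not ruleset.goodpath(ffn):
                # ignore any path that contains dodgy characters
                continue
            # Drop the leading "keys/" (5 characters) to get the key's name.
            keyname = ffn[5:]
            # Every emitted line starts with this prefix, so each key can only
            # run the wrapper and gets no pty or forwarding.
            # NOTE(review): wrappercommand and keyname are placed inside the
            # double-quoted value without escaping; keyname relies on
            # ruleset.goodpath (not shown here) to exclude '"' - confirm.
            prefix = ('command="%s",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding'
                % ('%s %s' % (wrappercommand, keyname)))
            # Try to convert a PuTTY-style public key to OpenSSH format.
            # universal_newlines=True makes the captured output text rather
            # than bytes, so the split below also works on Python 3.
            p = subprocess.Popen(("ssh-keygen", "-i", "-f", ffn),
                stdout=subprocess.PIPE, stderr=subprocess.PIPE,
                universal_newlines=True)
            newkey = p.communicate()[0]
            if p.returncode == 0:
                klines = [line.strip() for line in newkey.split("\n")]
            else:
                # Conversion failed, read it directly.
                kf = open(ffn)
                try:
                    klines = [line.strip() for line in kf]
                finally:
                    kf.close()
            # Each non-empty line gets the prefix, so a multi-line key file
            # cannot contribute an entry without the forced command.
            for line in klines:
                if line:
                    akeys.write("%s %s\n" % (prefix, line))
finally:
    # Close even on error; the rename below is skipped when an exception
    # propagates, so a partial file never replaces the live one.
    akeys.close()

os.rename(newfile, akeyfile)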