Commit e9c7a078 authored by Ilias Tsitsimpis's avatar Ilias Tsitsimpis Committed by Christos Stavrakakis
Browse files

snf-deploy: Remove ssh keys

Remove ssh keys from snf-deploy package.
We can now generate new keys running `snf-deploy keygen'.
parent df5a2cd0
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUsjUNXcojhi1yrMYO6lC8jx6q1REcXBD/8yXAW8Iw2kIQVyvT9/J8FlzJ0FVPYYrs0yB49Pd6/j6ewgkpcZcVdzcS9XltUIhHPtZD7r3bOG6LgHFP8oeO5hLB5TE0IiCpxyoeddocpX87ItE89x9wW7GfD9CMAmMFyscg22kxVTXwQ4GebKBoIVcI912iy92ZXfc2apU5h58YD7oQkfOhomYMEbisgiUb+cHbYrBudtSzhUofN7AjpBlZx2kjq3l9GpJQDJlx/evhsHugvV79HoXrY+8wL/ixkRdcfoH5IuodQ0FAyPLnTazSDDuARWW5y+XZbUtJx3nL1a+hijYH root@fab1
ssh-dss AAAAB3NzaC1kc3MAAACBAIC3kp+a2t/W1kHfzuC4UGoRZqx5xa+ADWHQkVrmlgtwUZMdqfpSC8lWBqgzSZt8mALcYj6gmYMi4UaCZs/bDFFBzQ9LxgSyoEWgBYaPGQRxghWZpezbcx9wjjrUBWGWTP4TP0yfbeCueY0woA4wOjsd47EiD7BFvY4ZEs/4ueGfAAAAFQC1p9roWYfNajaNz27c9JN3hU+V7QAAAIAB4qNFAXXAXZtedkZ8j8RdwVXHHiZ0SzAwZmghh6kmKzhIijIlyPll7bZpdq2iSGSk2OZJM3zDJprrtnswXe8PCtGpSs/Whsf8p1Q+eYNEbLIL7e6Z61MZyHZ3lgvUrLKUGs6LXeZU0z6rMvXmcEthujI015g0vegQIiPckpRZ1wAAAIA8prZ+pBZn9s7hgAGaoB2WUwbjqVYMltcmrmvNYc3VxgMZt5lwrjLkmqAZ5uvQcUz2J0YfMoqfCBMKRTpZB6EMxX4JGs5stmsF/o/U+GWec0IzH6gzNop86iDH34D0JnKB7TUvhzuWqZk1GJKKa1vBgb8MhjToqzfUfHa0w6cIxw== root@fab1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDC4LGShXfXROIPtaocYxi9t4qmmhlZWeMcRrNMIpNYBNoOOlnmvZxV/ef3fIC8N9KiglOumx5uOk64Y3cMyPtrJ8jwmSaFDHuECp5HdhXKgK8em43EzcFZ3Df1dIl31V/+Mg/L+iph+oW6MNSSo96Lq35f6PkluoSHzhfDyGn5T0OrpYLnjukcO4kOnODRgZdlnIVoGVnGLx70IRC1lXPx0oC0WkisxUJ90Etl7bHtKequelO9aABhymiE5wzlSIqyY5LsFecKvWsVdRZuuqPhDU/LmwvFZn1a+dKcVnKjZim6M0EZr7fgrxi2fNCo4PYO3/eiN9nm2zy/gU4hAXIXaOEoZw4ZoDU4uj8tDByXiiV22sRP9j3s55jXh+3tebsnPWK7jLZVqtoB+0f4v1UK8q/hUBnkXnT93hezg2m8AV+e7ORjY5shdJRzdJDIstbe3KQQkul+lLsxVKASK2O/1tt0ZbCoKoSeb3ZxYDR1r3AHGOgaa84qEKXtmN6EVHorYpXOIvW12gaiIBTT6igNAJWuuY69q9NCv2luGKRkcewYkFtXAC+YYocs+r1mS50XDTcaRyaNDHDy840trfyLefHS0l2HAUEN4tWyBcxfRk4qGHslt6K7bPT25fESXEPWVa5KiqHNk1g2wQSjC00xhEV5kd/RXpWuWi/WDOX1NQ== devcluster
-----BEGIN DSA PRIVATE KEY-----
MIIBugIBAAKBgQCAt5Kfmtrf1tZB387guFBqEWasecWvgA1h0JFa5pYLcFGTHan6
UgvJVgaoM0mbfJgC3GI+oJmDIuFGgmbP2wxRQc0PS8YEsqBFoAWGjxkEcYIVmaXs
23MfcI461AVhlkz+Ez9Mn23grnmNMKAOMDo7HeOxIg+wRb2OGRLP+LnhnwIVALWn
2uhZh81qNo3Pbtz0k3eFT5XtAoGAAeKjRQF1wF2bXnZGfI/EXcFVxx4mdEswMGZo
IYepJis4SIoyJcj5Ze22aXatokhkpNjmSTN8wyaa67Z7MF3vDwrRqUrP1obH/KdU
PnmDRGyyC+3umetTGch2d5YL1KyylBrOi13mVNM+qzL15nBLYboyNNeYNL3oECIj
3JKUWdcCgYA8prZ+pBZn9s7hgAGaoB2WUwbjqVYMltcmrmvNYc3VxgMZt5lwrjLk
mqAZ5uvQcUz2J0YfMoqfCBMKRTpZB6EMxX4JGs5stmsF/o/U+GWec0IzH6gzNop8
6iDH34D0JnKB7TUvhzuWqZk1GJKKa1vBgb8MhjToqzfUfHa0w6cIxwIUVtNpgqUu
dI0BaDPr677+4LNaERw=
-----END DSA PRIVATE KEY-----
ssh-dss AAAAB3NzaC1kc3MAAACBAIC3kp+a2t/W1kHfzuC4UGoRZqx5xa+ADWHQkVrmlgtwUZMdqfpSC8lWBqgzSZt8mALcYj6gmYMi4UaCZs/bDFFBzQ9LxgSyoEWgBYaPGQRxghWZpezbcx9wjjrUBWGWTP4TP0yfbeCueY0woA4wOjsd47EiD7BFvY4ZEs/4ueGfAAAAFQC1p9roWYfNajaNz27c9JN3hU+V7QAAAIAB4qNFAXXAXZtedkZ8j8RdwVXHHiZ0SzAwZmghh6kmKzhIijIlyPll7bZpdq2iSGSk2OZJM3zDJprrtnswXe8PCtGpSs/Whsf8p1Q+eYNEbLIL7e6Z61MZyHZ3lgvUrLKUGs6LXeZU0z6rMvXmcEthujI015g0vegQIiPckpRZ1wAAAIA8prZ+pBZn9s7hgAGaoB2WUwbjqVYMltcmrmvNYc3VxgMZt5lwrjLkmqAZ5uvQcUz2J0YfMoqfCBMKRTpZB6EMxX4JGs5stmsF/o/U+GWec0IzH6gzNop86iDH34D0JnKB7TUvhzuWqZk1GJKKa1vBgb8MhjToqzfUfHa0w6cIxw== root@fab1
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEA1LI1DV3KI4YtcqzGDupQvI8eqtURHFwQ//MlwFvCMNpCEFcr
0/fyfBZcydBVT2GK7NMgePT3ev4+nsIJKXGXFXc3EvV5bVCIRz7WQ+692zhui4Bx
T/KHjuYSweUxNCIgqccqHnXaHKV/OyLRPPcfcFuxnw/QjAJjBcrHINtpMVU18EOB
nmygaCFXCPddosvdmV33NmqVOYefGA+6EJHzoaJmDBG4rIIlG/nB22KwbnbUs4VK
HzewI6QZWcdpI6t5fRqSUAyZcf3r4bB7oL1e/R6F62PvMC/4sZEXXH6B+SLqHUNB
QMjy502s0gw7gEVlucvl2W1LScd5y9WvoYo2BwIDAQABAoIBABkmHRnAfjcnFVaa
0SxQTk2NSp3+ZXCJ/kSVNmCBOPvXwrn15KvChHxhlIUUShIBwZBxAkTrChwT1cml
vbmVwbx7BRsLxVjEjeiGqIUNxIsYKBH8lOlUDu05jPw6IlA8vMn2T6ecXbbHZrzS
SBVCTwhU/zKEhy8W1SiJKnRbHRwE9Q2fot0iJZLWMtPzINJWvfqnJe8QbL0UWTEr
Kg71fPU7BJPzpjQEPOGv5K4a3NM+JSFhC7dWTM3qjqBqUkAFTS83A7pDO8pMW80X
YBD6e/h2iupfvrfUzAtUJmPnI8sVy7l4S3i/umFE+5LciYSplNrt5LKqwHdVD7Pd
RDrzSGECgYEA8Z+kqIc6B2ZWKELL0aaez3gpNc3iUuGY6JGvs1f4axl6SuyLUDoM
Z0IqruGFbU8FFQEDAyCk2M1OFeYZVE5uwmZGTeaBPDRR5GELEYDtiaA/3orO1wR7
mfESJ96sRnvLlW5Jc4f8+fRGmVYxqjW/vcCGAOg2LPikBpRmQvd7L1ECgYEA4Vny
coUTpvLvTX5ARK1EIyC9RquvBHuCit3YEs7yiVWDMaexrkOqZ7oiYU5BMzIcZzVL
bv0vfuQu0HHD/uKqMQKJxZNvnJ7T1cSHxox72zZEIScTuGluzKCTflbz6BkWwCzx
g2vZHeJdgTx8bxd6NVpooMT27I+owFOEbr0JqdcCgYBWPCHqPAkL5wxM5joUIyF+
7mXW3Bowdm+6YXSRz43Lu5YX84BtK6qNl+Hf9IFIV/F6Y5gNn7L15aA+1Japrix9
mT7yQphRQmMP3Uqz/o3Ilrb02BmmR+VNNerC7AgUR86LEIeKgjhZhUNFKqwjEXfT
Y0jwPfBH8J2p84Dj2avPYQKBgEnFNjcDFXHbqTcHE2boCZwuRYfy//JJtGxdPzS5
BnCqy63fpazUfd5C8qpEAdgOmXm32p/Uxk2VyTV3aJ/x96DfodZJ84mj/NjH42K9
7nXOh/MKZcxCx4C5OE9ti575R5dVnyJUldjQl6eM83cyilEY7ZNjpym9xZJgRMQz
ogw1AoGAQSZ/9BhH7XywifPh8M8a17dzDoex9ps/c9ayZFKfifi4fDOFyBovVDLx
GMPoeFyR60DjmRFRTPpt7yYDwFOSGLo90M6JAFyZeh86S/Xt6Zi6Fcd6+/VLejMY
CSlI/8vIgi5E1YZiT2I4joSUIzaa2lmoGZsSTiDjIxWUuqh3J3k=
-----END RSA PRIVATE KEY-----
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUsjUNXcojhi1yrMYO6lC8jx6q1REcXBD/8yXAW8Iw2kIQVyvT9/J8FlzJ0FVPYYrs0yB49Pd6/j6ewgkpcZcVdzcS9XltUIhHPtZD7r3bOG6LgHFP8oeO5hLB5TE0IiCpxyoeddocpX87ItE89x9wW7GfD9CMAmMFyscg22kxVTXwQ4GebKBoIVcI912iy92ZXfc2apU5h58YD7oQkfOhomYMEbisgiUb+cHbYrBudtSzhUofN7AjpBlZx2kjq3l9GpJQDJlx/evhsHugvV79HoXrY+8wL/ixkRdcfoH5IuodQ0FAyPLnTazSDDuARWW5y+XZbUtJx3nL1a+hijYH root@fab1
...@@ -16,6 +16,14 @@ from snfdeploy.lib import * ...@@ -16,6 +16,14 @@ from snfdeploy.lib import *
def print_available_actions(command): def print_available_actions(command):
if command == "keygen":
print """
Usage: snf-deploy keygen [--force]
Generate new ssh keys (both rsa and dsa keypairs)
"""
if command == "vcluster": if command == "vcluster":
print """ print """
Usage: snf-deploy vcluster Usage: snf-deploy vcluster
...@@ -372,9 +380,9 @@ def parse_options(): ...@@ -372,9 +380,9 @@ def parse_options():
parser.add_argument("--vnc", dest="vnc", parser.add_argument("--vnc", dest="vnc",
default=False, action="store_true", default=False, action="store_true",
help="Wheter virtual nodes will have a vnc console or not") help="Wheter virtual nodes will have a vnc console or not")
parser.add_argument("-k", "--keygen", dest="keygen", parser.add_argument("--force", dest="force",
default=False, action="store_true", default=False, action="store_true",
help="Whether to create new ssh key pairs") help="Force the creation of new ssh key pairs")
parser.add_argument("-i", "--ssh-key", dest="ssh_key", parser.add_argument("-i", "--ssh-key", dest="ssh_key",
default=None, default=None,
...@@ -399,7 +407,7 @@ def parse_options(): ...@@ -399,7 +407,7 @@ def parse_options():
choices=["packages", "vcluster", "prepare", choices=["packages", "vcluster", "prepare",
"synnefo", "backend", "ganeti", "synnefo", "backend", "ganeti",
"run", "cleanup", "test", "run", "cleanup", "test",
"all", "add"], "all", "add", "keygen"],
help="Run on of the supported deployment commands") help="Run on of the supported deployment commands")
# available actions for the run command # available actions for the run command
...@@ -487,7 +495,28 @@ def get_actions(*args): ...@@ -487,7 +495,28 @@ def get_actions(*args):
return ret return ret
def create_keys(args, env): def must_create_keys(force, env):
"""Check if we need to create ssh keys
If force is true we are going to overide the old keys.
Else if there are already generated keys to use, don't create new ones.
"""
if force:
return True
d = os.path.join(env.templates, "root/.ssh")
auth_keys_exists = os.path.exists(os.path.join(d, "authorized_keys"))
dsa_exists = os.path.exists(os.path.join(d, "id_dsa"))
dsa_pub_exists = os.path.exists(os.path.join(d, "id_dsa.pub"))
rsa_exists = os.path.exists(os.path.join(d, "id_rsa"))
rsa_pub_exists = os.path.exists(os.path.join(d, "id_rsa.pub"))
# If any of the above doesn't exist return True
return not (dsa_exists and dsa_pub_exists
and rsa_exists and rsa_pub_exists
and auth_keys_exists)
def do_create_keys(args, env):
d = os.path.join(env.templates, "root/.ssh") d = os.path.join(env.templates, "root/.ssh")
a = os.path.join(d, "authorized_keys") a = os.path.join(d, "authorized_keys")
for t in ("dsa", "rsa"): for t in ("dsa", "rsa"):
...@@ -541,15 +570,26 @@ def main(): ...@@ -541,15 +570,26 @@ def main():
create_dir(env.run, False) create_dir(env.run, False)
create_dir(env.dns, False) create_dir(env.dns, False)
# Check if there are keys to use
if args.command == "keygen":
if must_create_keys(args.force, env):
do_create_keys(args, env)
return 0
else:
print "Keys already existed.. aborting"
return 1
else:
if (args.key_inject and (args.ssh_key is None)
and must_create_keys(False, env)):
print "No ssh keys to use. Run `snf-deploy keygen' first."
return 1
if args.command == "test": if args.command == "test":
conf.print_config() conf.print_config()
if args.command == "cleanup": if args.command == "cleanup":
cleanup(args, env) cleanup(args, env)
if args.keygen:
create_keys(args, env)
if args.command == "packages": if args.command == "packages":
create_dir(env.packages, True) create_dir(env.packages, True)
get_packages(args, env) get_packages(args, env)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment