mirror of https://github.com/jumpserver/jumpserver
76 lines
1.9 KiB
Python
76 lines
1.9 KiB
Python
|
# -*- coding: utf-8 -*-
|
|||
|
|
|||
|
import random
|
|||
|
import os.path
|
|||
|
import shutil
|
|||
|
from paramiko import SSHException
|
|||
|
from paramiko.rsakey import RSAKey
|
|||
|
from jumpserver.api import mkdir
|
|||
|
from uuid import uuid4
|
|||
|
from jumpserver.api import CRYPTOR
|
|||
|
from os import makedirs
|
|||
|
|
|||
|
from tempfile import NamedTemporaryFile
|
|||
|
|
|||
|
from jumpserver.settings import KEY_DIR
|
|||
|
|
|||
|
|
|||
|
def get_rand_pass():
|
|||
|
"""
|
|||
|
get a reandom password.
|
|||
|
"""
|
|||
|
CRYPTOR.gen_rand_pass(20)
|
|||
|
|
|||
|
|
|||
|
def updates_dict(*args):
|
|||
|
"""
|
|||
|
surport update multi dict
|
|||
|
"""
|
|||
|
result = {}
|
|||
|
for d in args:
|
|||
|
result.update(d)
|
|||
|
return result
|
|||
|
|
|||
|
|
|||
|
def gen_keys(key="", key_path_dir=""):
|
|||
|
"""
|
|||
|
在KEY_DIR下创建一个 uuid命名的目录,
|
|||
|
并且在该目录下 生产一对秘钥
|
|||
|
:return: 返回目录名(uuid)
|
|||
|
"""
|
|||
|
key_basename = "key-" + uuid4().hex
|
|||
|
if not key_path_dir:
|
|||
|
key_path_dir = os.path.join(KEY_DIR, 'role_key', key_basename)
|
|||
|
private_key = os.path.join(key_path_dir, 'id_rsa')
|
|||
|
public_key = os.path.join(key_path_dir, 'id_rsa.pub')
|
|||
|
mkdir(key_path_dir, mode=0755)
|
|||
|
if not key:
|
|||
|
key = RSAKey.generate(2048)
|
|||
|
key.write_private_key_file(private_key)
|
|||
|
else:
|
|||
|
key_file = os.path.join(key_path_dir, 'id_rsa')
|
|||
|
with open(key_file, 'w') as f:
|
|||
|
f.write(key)
|
|||
|
f.close()
|
|||
|
with open(key_file) as f:
|
|||
|
try:
|
|||
|
key = RSAKey.from_private_key(f)
|
|||
|
except SSHException:
|
|||
|
shutil.rmtree(key_path_dir, ignore_errors=True)
|
|||
|
raise SSHException
|
|||
|
os.chmod(private_key, 0644)
|
|||
|
|
|||
|
with open(public_key, 'w') as content_file:
|
|||
|
for data in [key.get_name(),
|
|||
|
" ",
|
|||
|
key.get_base64(),
|
|||
|
" %s@%s" % ("jumpserver", os.uname()[1])]:
|
|||
|
content_file.write(data)
|
|||
|
return key_path_dir
|
|||
|
|
|||
|
|
|||
|
if __name__ == "__main__":
|
|||
|
print gen_keys()
|
|||
|
|
|||
|
|