github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

支持ssh-key

pull/6/head
ibuler 2014-12-29 23:50:56 +08:00
parent cefc175790
commit 6c2b782964
2 changed files with 17 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
connect.py
View File

@ -36,6 +36,8 @@ CURRENT_DIR = os.path.abspath('.')
CONF = ConfigParser() CONF = ConfigParser()
CONF.read(os.path.join(CURRENT_DIR, 'jumpserver.conf')) CONF.read(os.path.join(CURRENT_DIR, 'jumpserver.conf'))
LOG_DIR = os.path.join(CURRENT_DIR, 'logs') LOG_DIR = os.path.join(CURRENT_DIR, 'logs')
SSH_KEY_DIR = os.path.join(CURRENT_DIR, 'keys')
SERVER_KEY_DIR = os.path.join(SSH_KEY_DIR, 'server')
KEY = CONF.get('web', 'key') KEY = CONF.get('web', 'key')
LOGIN_NAME = getpass.getuser() LOGIN_NAME = getpass.getuser()
#LOGIN_NAME = os.getlogin() #LOGIN_NAME = os.getlogin()
@ -195,10 +197,13 @@ def get_connect_item(username, ip):
red_print("Host %s isn't exist." % ip) red_print("Host %s isn't exist." % ip)
return return
user = User.objects.get(username=username)
if asset.ldap_enable: if asset.ldap_enable:
user = User.objects.get(username=username)
ldap_pwd = cryptor.decrypt(user.ldap_pwd) ldap_pwd = cryptor.decrypt(user.ldap_pwd)
return username, ldap_pwd, ip, port return username, ldap_pwd, ip, port
elif asset.ssh_key_enable:
ssh_key_pwd = cryptor.decrypt(user.ssh_key_pwd)
return username, ssh_key_pwd, ip, port
else: else:
perms = asset.permission_set.all() perms = asset.permission_set.all()
perm = perms[0] perm = perms[0]
@ -229,7 +234,7 @@ def verify_connect(username, part_ip):
red_print('No Permission or No host.') red_print('No Permission or No host.')
else: else:
try: try:
username, password, host, port = get_connect_item(username, ip_matched[0]) username, password, host, port, key_filename = get_connect_item(username, ip_matched[0])
except (ObjectDoesNotExist, IndexError): except (ObjectDoesNotExist, IndexError):
red_print('Get get_connect_item Error.') red_print('Get get_connect_item Error.')
else: else:
@ -258,13 +263,19 @@ def connect(username, password, host, port, login_name):
""" """
ps1 = "PS1='[\u@%s \W]\$ '\n" % host ps1 = "PS1='[\u@%s \W]\$ '\n" % host
login_msg = "clear;echo -e '\\033[32mLogin %s done. Enjoy it.\\033[0m'\n" % host login_msg = "clear;echo -e '\\033[32mLogin %s done. Enjoy it.\\033[0m'\n" % host
user_key_file = os.path.join(SERVER_KEY_DIR, username)
if os.path.isfile(user_key_file):
key_filename = user_key_file
else:
key_filename = None
# Make a ssh connection # Make a ssh connection
ssh = paramiko.SSHClient() ssh = paramiko.SSHClient()
ssh.load_system_host_keys() ssh.load_system_host_keys()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
try: try:
ssh.connect(host, port=port, username=username, password=password, compress=True) ssh.connect(host, port=port, username=username, password=password, key_filename=key_filename, compress=True)
except paramiko.ssh_exception.AuthenticationException: except paramiko.ssh_exception.AuthenticationException:
alert_print('Host Password Error, Please Correct it.') alert_print('Host Password Error, Please Correct it.')
except socket.error: except socket.error:
@ -272,9 +283,9 @@ def connect(username, password, host, port, login_name):
# Make a channel and set windows size # Make a channel and set windows size
global channel global channel
channel = ssh.invoke_shell()
win_size = get_win_size() win_size = get_win_size()
channel.resize_pty(height=win_size[0], width=win_size[1]) channel = ssh.invoke_shell(height=win_size[0], width=win_size[1])
#channel.resize_pty(height=win_size[0], width=win_size[1])
try: try:
signal.signal(signal.SIGWINCH, set_win_size) signal.signal(signal.SIGWINCH, set_win_size)
except: except:

1
jasset/models.py
View File

@ -16,6 +16,7 @@ class Asset(models.Model):
idc = models.ForeignKey(IDC) idc = models.ForeignKey(IDC)
group = models.ManyToManyField(Group) group = models.ManyToManyField(Group)
ldap_enable = models.BooleanField(default=True) ldap_enable = models.BooleanField(default=True)
ssh_key_enable = models.BooleanField(default=False)
username_common = models.CharField(max_length=80, blank=True, null=True) username_common = models.CharField(max_length=80, blank=True, null=True)
password_common = models.CharField(max_length=160, blank=True, null=True) password_common = models.CharField(max_length=160, blank=True, null=True)
username_super = models.CharField(max_length=80, blank=True, null=True) username_super = models.CharField(max_length=80, blank=True, null=True)