github
/
spug
mirror of https://github.com/openspug/spug
1
0
Fork 0
Code Issues Releases Wiki Activity

U 优化主机验证使更准确

pull/137/head
vapao 2020-06-20 19:26:02 +08:00
parent 6f5419d07e
commit cb89ec46f0
1 changed files with 10 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
spug_api/apps/host/views.py
View File

@ -11,6 +11,7 @@ from apps.schedule.models import Task
from apps.monitor.models import Detection from apps.monitor.models import Detection
from apps.account.models import Role from apps.account.models import Role
from libs.ssh import SSH, AuthenticationException from libs.ssh import SSH, AuthenticationException
from paramiko.ssh_exception import BadAuthenticationType
from libs import human_datetime, AttrDict from libs import human_datetime, AttrDict
from openpyxl import load_workbook from openpyxl import load_workbook
import socket import socket
@ -118,7 +119,7 @@ def post_import(request):
summary['skip'].append(i) summary['skip'].append(i)
continue continue
try: try:
if valid_ssh(data.hostname, data.port, data.username, data.pop('password') or password) is False: if valid_ssh(data.hostname, data.port, data.username, data.pop('password') or password, False) is False:
summary['fail'].append(i) summary['fail'].append(i)
continue continue
except AuthenticationException: except AuthenticationException:
@ -137,7 +138,7 @@ def post_import(request):
return json_response(summary) return json_response(summary)
def valid_ssh(hostname, port, username, password): def valid_ssh(hostname, port, username, password, with_expect=True):
try: try:
private_key = AppSetting.get('private_key') private_key = AppSetting.get('private_key')
public_key = AppSetting.get('public_key') public_key = AppSetting.get('public_key')
@ -145,18 +146,20 @@ def valid_ssh(hostname, port, username, password):
private_key, public_key = SSH.generate_key() private_key, public_key = SSH.generate_key()
AppSetting.set('private_key', private_key, 'ssh private key') AppSetting.set('private_key', private_key, 'ssh private key')
AppSetting.set('public_key', public_key, 'ssh public key') AppSetting.set('public_key', public_key, 'ssh public key')
cli = SSH(hostname, port, username, private_key)
if password: if password:
cli = SSH(hostname, port, username, password=str(password)) _cli = SSH(hostname, port, username, password=str(password))
code, out = cli.exec_command('mkdir -p -m 700 ~/.ssh && \ code, out = _cli.exec_command('mkdir -p -m 700 ~/.ssh && \
echo %r >> ~/.ssh/authorized_keys && \ echo %r >> ~/.ssh/authorized_keys && \
chmod 600 ~/.ssh/authorized_keys' % public_key) chmod 600 ~/.ssh/authorized_keys' % public_key)
if code != 0: if code != 0:
raise Exception(f'add public key error: {out!r}') raise Exception(f'add public key error: {out!r}')
else:
cli = SSH(hostname, port, username, private_key)
try: try:
cli.ping() cli.ping()
except BadAuthenticationType:
if with_expect:
raise TypeError('该主机不支持密钥认证请参考官方文档错误代码E01')
return False
except AuthenticationException: except AuthenticationException:
return False return False
return True return True