projects
/
pve-common.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
344c19f
)
Add validate_ssh_public_keys
author
Fabian Grünbichler
<f.gruenbichler@proxmox.com>
Tue, 5 Apr 2016 07:29:51 +0000
(09:29 +0200)
committer
Dietmar Maurer
<dietmar@proxmox.com>
Tue, 5 Apr 2016 10:24:38 +0000
(12:24 +0200)
validate format of SSH public keys using ssh-keygen -l and
temp files.
src/PVE/Tools.pm
patch
|
blob
|
blame
|
history
diff --git
a/src/PVE/Tools.pm
b/src/PVE/Tools.pm
index 6627210566e3d5ed3d909afdb46e97176833d49f..3f20868df27b053c94c9a47475409741983aaff7 100644
(file)
--- a/
src/PVE/Tools.pm
+++ b/
src/PVE/Tools.pm
@@
-1307,4
+1307,19
@@
sub tempfile_contents {
return ("/proc/$$/fd/".$fh->fileno, $fh);
}
+sub validate_ssh_public_keys {
+ my ($raw) = @_;
+ my @lines = split(/\n/, $raw);
+
+ foreach my $line (@lines) {
+ next if $line =~ m/^\s*$/;
+ eval {
+ my ($filename, $handle) = tempfile_contents($line);
+ run_command(["ssh-keygen", "-l", "-f", $filename],
+ outfunc => sub {}, errfunc => sub {});
+ };
+ die "SSH public key validation error\n" if $@;
+ }
+}
+
1;