From: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Date: Tue, 5 Apr 2016 07:29:51 +0000 (+0200)
Subject: Add validate_ssh_public_keys
X-Git-Url: https://git.proxmox.com/?p=pve-common.git;a=commitdiff_plain;h=48df47a466fc7dbebdcf9c50f2d9d7f12c1ef30e;ds=sidebyside

Add validate_ssh_public_keys

validate format of SSH public keys using ssh-keygen -l and
temp files.
---

diff --git a/src/PVE/Tools.pm b/src/PVE/Tools.pm
index 6627210..3f20868 100644
--- a/src/PVE/Tools.pm
+++ b/src/PVE/Tools.pm
@@ -1307,4 +1307,19 @@ sub tempfile_contents {
     return ("/proc/$$/fd/".$fh->fileno, $fh);
 }
 
+sub validate_ssh_public_keys {
+    my ($raw) = @_;
+    my @lines = split(/\n/, $raw);
+
+    foreach my $line (@lines) {
+	next if $line =~ m/^\s*$/;
+	eval {
+	    my ($filename, $handle) = tempfile_contents($line);
+	    run_command(["ssh-keygen", "-l", "-f", $filename],
+			outfunc => sub {}, errfunc => sub {});
+	};
+	die "SSH public key validation error\n" if $@;
+    }
+}
+
 1;