Allow encrypted server private keys and ask for passphrase when key import fails
parent
8193410226
commit
fa9ee50336
2 changed files with 11 additions and 2 deletions
|
@ -6,6 +6,7 @@
|
||||||
import asyncio
|
import asyncio
|
||||||
|
|
||||||
from argparse import ArgumentParser
|
from argparse import ArgumentParser
|
||||||
|
from getpass import getpass
|
||||||
from pathlib import Path
|
from pathlib import Path
|
||||||
from sys import stdout
|
from sys import stdout
|
||||||
from sys import stderr
|
from sys import stderr
|
||||||
|
@ -101,7 +102,14 @@ if __name__ == "__main__":
|
||||||
config = yaml.safe_load(args.config.read_text())
|
config = yaml.safe_load(args.config.read_text())
|
||||||
config_host = str(config["host"])
|
config_host = str(config["host"])
|
||||||
config_port = int(config["port"])
|
config_port = int(config["port"])
|
||||||
|
try:
|
||||||
config_private_key = asyncssh.import_private_key(args.pkey.read_text())
|
config_private_key = asyncssh.import_private_key(args.pkey.read_text())
|
||||||
|
except asyncssh.public_key.KeyImportError as e:
|
||||||
|
e_str = str(e).lower()
|
||||||
|
if "passphrase" in e_str or "encyrpted" in e_str: # this is unstable af!
|
||||||
|
config_private_key = asyncssh.import_private_key(args.pkey.read_text(), passphrase=getpass("Private Key Passphrase: "))
|
||||||
|
else:
|
||||||
|
raise e
|
||||||
for c in config["clients"]:
|
for c in config["clients"]:
|
||||||
config_clients[str(c)] = asyncssh.import_authorized_keys(str(config["clients"][c]))
|
config_clients[str(c)] = asyncssh.import_authorized_keys(str(config["clients"][c]))
|
||||||
# read private key
|
# read private key
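Review bot: The substring test in the new `except` branch misspells the second keyword as `"encyrpted"`, so that alternative can never match and the passphrase prompt depends only on the word "passphrase" appearing in asyncssh's error text; it should read `if "passphrase" in e_str or "encrypted" in e_str:`. Matching on message wording stays fragile even with the `asyncssh~=2.14.0` pin added in this commit, so the inline remark would be more useful as `# asyncssh gives no dedicated exception for "passphrase required"; we match its message text, re-check on upgrade`. A wrong passphrase entered at the prompt is presumably reported through a different exception than `KeyImportError` and would surface as a raw traceback, which is worth confirming and handling with a clear error message. `getpass` expects a controlling terminal, so when the server is started unattended the prompt will likely block or fall back to reading stdin with echo; a documented non-interactive path for the passphrase would avoid that. The `if __name__ == "__main__":` block this hunk sits in begins and ends outside the hunk.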
|
||||||
|
|
|
@ -1,2 +1,3 @@
|
||||||
asyncssh
|
asyncssh~=2.14.0
|
||||||
|
bcrypt~=4.1.0
|
||||||
PyYAML
|
PyYAML
|
||||||
|
|