/usr/lib/python3/dist-packages/wormhole/cli/cmd_ssh.py is in magic-wormhole 0.10.3-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 | from __future__ import print_function
import os
from os.path import expanduser, exists, join
from twisted.internet.defer import inlineCallbacks
from twisted.internet import reactor
import click
from .. import xfer_util
class PubkeyError(Exception):
pass
def find_public_key(hint=None):
"""
This looks for an appropriate SSH key to send, possibly querying
the user in the meantime. DO NOT CALL after reactor.run as this
(possibly) does blocking stuff like asking the user questions (via
click.prompt())
Returns a 3-tuple: kind, keyid, pubkey_data
"""
if hint is None:
hint = expanduser('~/.ssh/')
else:
if not exists(hint):
raise PubkeyError("Can't find '{}'".format(hint))
pubkeys = [f for f in os.listdir(hint) if f.endswith('.pub')]
if len(pubkeys) == 0:
raise PubkeyError("No public keys in '{}'".format(hint))
elif len(pubkeys) > 1:
got_key = False
while not got_key:
ans = click.prompt(
"Multiple public-keys found:\n" + \
"\n".join([" {}: {}".format(a, b) for a, b in enumerate(pubkeys)]) + \
"\nSend which one?"
)
try:
ans = int(ans)
if ans < 0 or ans >= len(pubkeys):
ans = None
else:
got_key = True
with open(join(hint, pubkeys[ans]), 'r') as f:
pubkey = f.read()
except Exception:
got_key = False
else:
with open(join(hint, pubkeys[0]), 'r') as f:
pubkey = f.read()
parts = pubkey.strip().split()
kind = parts[0]
keyid = 'unknown' if len(parts) <= 2 else parts[2]
return kind, keyid, pubkey
@inlineCallbacks
def accept(cfg, reactor=reactor):
yield xfer_util.send(
reactor,
cfg.appid or u"lothar.com/wormhole/ssh-add",
cfg.relay_url,
data=cfg.public_key[2],
code=cfg.code,
use_tor=cfg.tor,
launch_tor=cfg.launch_tor,
tor_control_port=cfg.tor_control_port,
)
print("Key sent.")
@inlineCallbacks
def invite(cfg, reactor=reactor):
def on_code_created(code):
print("Now tell the other user to run:")
print()
print("wormhole ssh accept {}".format(code))
print()
if cfg.ssh_user is None:
ssh_path = expanduser('~/.ssh/'.format(cfg.ssh_user))
else:
ssh_path = expanduser('~{}/.ssh/'.format(cfg.ssh_user))
auth_key_path = join(ssh_path, 'authorized_keys')
if not exists(auth_key_path):
print("Note: '{}' not found; will be created".format(auth_key_path))
if not exists(ssh_path):
print(" '{}' doesn't exist either".format(ssh_path))
else:
try:
open(auth_key_path, 'a').close()
except OSError:
print("No write permission on '{}'".format(auth_key_path))
return
try:
os.listdir(ssh_path)
except OSError:
print("Can't read '{}'".format(ssh_path))
return
pubkey = yield xfer_util.receive(
reactor,
cfg.appid or u"lothar.com/wormhole/ssh-add",
cfg.relay_url,
None, # allocate a code for us
use_tor=cfg.tor,
launch_tor=cfg.launch_tor,
tor_control_port=cfg.tor_control_port,
on_code=on_code_created,
)
parts = pubkey.split()
kind = parts[0]
keyid = 'unknown' if len(parts) <= 2 else parts[2]
if not exists(auth_key_path):
if not exists(ssh_path):
os.mkdir(ssh_path, mode=0o700)
with open(auth_key_path, 'a', 0o600) as f:
f.write('{}\n'.format(pubkey.strip()))
print("Appended key type='{kind}' id='{key_id}' to '{auth_file}'".format(
kind=kind, key_id=keyid, auth_file=auth_key_path))
|