Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Generate the ssh key using the cryptography module #303

Merged
merged 6 commits into from Apr 10, 2018
Merged

Generate the ssh key using the cryptography module #303

merged 6 commits into from Apr 10, 2018

Conversation

asmeurer
Copy link
Member

This is better because ssh-keygen is not available on all platforms (such as
Windows).

This changes the Python API a bit:

  • generate_ssh_key now returns the private and public ssh keys, and does not
    write to a file.

  • encrypt_file has been removed and replaced with encrypt_to_file, which
    encrypts contents and writes them to a file.

Fixes #301.

@asmeurer
Generate the ssh key using the cryptography module
bc5cc26 
This is better because ssh-keygen is not available on all platforms (such as
Windows).

This changes the Python API a bit:

- generate_ssh_key now returns the private and public ssh keys, and does not
  write to a file.

- encrypt_file has been removed and replaced with encrypt_to_file, which
  encrypts contents and writes them to a file.

Fixes #301.
@asmeurer
Fix unused keyword argument
ac17856
@asmeurer
Remove the note parameter to generate_ssh_key()
ba7317a 
It was not being used by the cryptography generation. I could probably still
add it in, but as far as I can tell, the note is not visible from GitHub
anyway (and the public ssh key is not used anywhere else). GitHub shows its
own note, which is set by the title parameter of upload_GitHub_deploy_key().
@asmeurer
Copy link
Member Author

So it works I guess. I hope I didn't f up the crypto.

Another benefit of this is that the private SSH key is never written to the filesystem.

@gforsyth
Copy link
Member

Hey @asmeurer -- this looks good to me. Always nice to be more platform friendly and to keep sensitive data off the filesystem. This can go in after travis finishes up.

@gforsyth
Copy link
Member

Yeah, I looked over the cryptography bits and while I'm certainly not a crypto expert it seems like all the right options to me.

@gforsyth gforsyth merged commit aeff278 into master Apr 10, 2018
@gforsyth gforsyth deleted the cryptography-ssh-keygen branch April 10, 2018 23:39
@asmeurer
Copy link
Member Author

Thanks for the review @gforsyth!

@asmeurer asmeurer mentioned this pull request Apr 16, 2018
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@asmeurer @gforsyth