Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add have authorized key matcher #75

Merged
merged 4 commits into from May 2, 2013

Conversation

@takatoshi-maeda
Copy link
Contributor

@takatoshi-maeda takatoshi-maeda commented May 1, 2013

Hello.
I had added the following matcher.

  • Check user has in the authorizedkey the public key.

My environment success all specs.(Mac OS X 10.8.2)
It was confirmed that it is run successfully on CentOS6.3.
Other environments is not able to test yet...sorry...
But Rspec is all green.

Please confirm.
Thank you.

for check user do have a ssh authorized_key.
for check user do have a ssh authorozed_key.
cmd += "'"
cmd
end

Copy link
Owner

@mizzy mizzy May 1, 2013

How about this ?

def check_authorized_key user, key
  "grep -w '#{key}' ~#{user}/.ssh/authorized_keys"
end

Copy link
Owner

@mizzy mizzy May 1, 2013

And, root@serverspec.local is a comment, so ssh-rsa ABCDE...XYZ root@serverspec.local and ssh-rsa ABCDE...XYZ foo@bar.local are identical.

I think you should check the key without a comment like this.

def check_authorized_key user, key
  key.sub!(/\s+\S+$/, '') if key.match(/^\S+\s+\S+\s+\S+$/)
  "grep -w '#{key}' ~#{user}/.ssh/authorized_keys"
end

Copy link
Contributor Author

@takatoshi-maeda takatoshi-maeda May 2, 2013

Hi.

nice!
I did not know how to write that.
And that the end-of-line SSH public key points to comment.

I will resend two modifications pullreques.

I was able to learn few knowledge.
Thanks:-)

To be able to understand the test data at a glance
・Refactoring a shellscript to check the SSH public key.
・Commands spec is changed for new command test.
・Before check remove ssh publickey comment.
@takatoshi-maeda
Copy link
Contributor Author

@takatoshi-maeda takatoshi-maeda commented May 2, 2013

Hello.

I was fixed a place where it has been pointed out.

I changed the regular expression only one place.

  def check_authorized_key user, key
    # Supports only when EOL has a blank.
    key.sub!(/\s+\S*$/, '') if key.match(/^\S+\s+\S+\s+\S*$/)                                                                                                                                                                                                           
    "grep -w '#{key}' ~#{user}/.ssh/authorized_keys"
  end

I think EOL has a blank only when not good case.
but, this case when ssh login success.
I thought the test should be successful if can log in with SSH.

My environment success all specs.(Mac OS X 10.8.2)
It was confirmed that it is run successfully on CentOS6.3.
(commentedkey, uncommentedkey, EOL has a blank only case)
Other environments is not able to test yet...sorry...
But Rspec is all green.

Please confirm.
Thank you:-)

@mizzy mizzy merged commit 2a9f04c into mizzy:master May 2, 2013
1 check passed
@mizzy
Copy link
Owner

@mizzy mizzy commented May 2, 2013

LGTM. Thnaks!

@takatoshi-maeda takatoshi-maeda deleted the add_have_authorized_key_matcher branch May 5, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
2 participants