#1: added upstream_authorized_keys parameter for upstream specific au…
…thorized_keys file path
ybulach committed Oct 5, 2016
1 parent 646dac0 commit 1839ab4
Showing 3 changed files with 6 additions and 2 deletions.
1 change: 1 addition & 0 deletions README.md
Expand Up @@ -77,6 +77,7 @@ Upstream servers configuration is made in `servers` (must be an **array**). Each
- `upstream_user`: set another login for the upstream server
- `upstream_password`: set another password for the upstream server
- `upstream_key`: path to an SSH private key to use to connect to the upstream server (must be created manually). The public part must be added in the upstream's `authorized_keys` file
- `upstream_authorized_keys`: path to the `authorized_keys` file on the upstream server, used to look for the client public key
- `upstream_port`: the port of the upstream server
- `upstream_root_path`: the base path for SFTP connections (client will not be able to go in a parent directory)

4 changes: 2 additions & 2 deletions pysshrp/clientthread.py
Expand Up @@ -127,15 +127,15 @@ def check_auth_publickey(self, username, key):
if self._connectToUpstream(upstream, publickey=True) == paramiko.AUTH_SUCCESSFUL:
try:
sftp = self.client.open_sftp()
with sftp.file('.ssh/authorized_keys', 'r') as file:
with sftp.file(upstream.upstream_authorized_keys, 'r') as file:
for line in file.readlines():
line = line.split(' ')
if (len(line) >= 2) and (line[0] == key.get_name()) and (line[1] == key.get_base64()):
authenticated = True
break
sftp.close()
except Exception:
self.logger.info('%s:%d: an error occurred while looking for the public key of "%s" in upstream\'s .ssh/authorized_keys file' % (self.client_address + (username,)))
self.logger.info('%s:%d: an error occurred while looking for the public key of "%s" in upstream\'s "%s" file' % (self.client_address + (username, upstream.upstream_authorized_keys)))
self.logger.debug('Catched exception', exc_info=True)

# Close all connections
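Review bot: Nothing in the visible lines checks who can write the file at `upstream.upstream_authorized_keys`, although its contents now decide which client keys the proxy accepts. For the default `.ssh/authorized_keys`, sshd's own StrictModes check usually vets the file, but an arbitrary configured path gets no such vetting. I would stat it before the `with sftp.file(...)` line and refuse a group- or world-writable file, e.g. `if sftp.stat(upstream.upstream_authorized_keys).st_mode & 0o022: raise IOError('authorized_keys file is writable by group or others')`. The existing `except Exception` would then turn that into a logged, failed authentication. check_auth_publickey starts and ends outside this hunk, so I am assuming `authenticated` is initialised to False before these lines.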
3 changes: 3 additions & 0 deletions pysshrp/configurationparser.py
Expand Up @@ -139,6 +139,7 @@ class ConfigUpstream():
upstream_user = ''
upstream_password = ''
upstream_key = None
upstream_authorized_keys = '.ssh/authorized_keys'
upstream_port = 22
upstream_root_path = ''
allow_ssh = True
Expand All @@ -158,6 +159,8 @@ def __init__(self, *args, **kwargs):
raise ConfigurationException('value of "upstream_password" must be a string')
elif (key == 'upstream_key') and not isinstance(value, str):
raise ConfigurationException('value of "upstream_key" must be a string')
elif (key == 'upstream_authorized_keys') and not isinstance(value, str):
raise ConfigurationException('value of "upstream_authorized_keys" must be a string')
elif (key == 'upstream_port') and not isinstance(value, int):
raise ConfigurationException('value of "upstream_port" must be an integer')
elif (key == 'upstream_root_path') and not isinstance(value, str):
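Review bot: The new `upstream_authorized_keys` branch only checks the type, so an empty or whitespace-only string passes configuration loading. It would then fail only at login time, where the `sftp.file()` error in clientthread.py is logged at info level and every public-key login for that upstream is rejected. Rejecting it at load time is cheaper to diagnose: `elif (key == 'upstream_authorized_keys') and not (isinstance(value, str) and value.strip()):` with the message `'value of "upstream_authorized_keys" must be a non-empty string'`. A comment on the class default would also help, along the lines of `# relative paths are resolved by the upstream SFTP server, presumably against the login directory`. `__init__` starts and ends outside this hunk.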
