Current File : //usr/lib/python3/dist-packages/cloudinit/config/__pycache__/cc_ssh.cpython-312.pyc
�

 Nh�+�
���UdZddlZddlZddlZddlZddlZddlmZmZm	Z	ddl
mZmZm
Z
mZddlmZddlmZddlmZddlmZmZdd	lmZd
egegd�Zeed<ej8e�Zgd
�ZdgZ dZ!dZ"gZ#ee$ed<iZ%iZ&eD]BZ'e%jQe'�d�e!e'zdfe'�d�e!e'z�d�dfe'�d�e!e'z�d�dfi�e'�d�e&e'�d�<�DdZ)de$ddfd�Z*de$deded e+ddf
d!�Z,d"�Z-d%d#ee	e$fd$�Z.y)&zSSH: Configure SSH and SSH keys�N)�List�Optional�Sequence)�	lifecycle�ssh_util�subp�util)�Cloud)�Config)�
MetaSchema)�ALL_DISTROS�ug_util)�PER_INSTANCE�cc_ssh)�id�distros�	frequency�activate_by_schema_keys�meta)�rsa�ecdsa�ed25519rz/etc/ssh/ssh_host_%s_keyT�HOST_KEY_PUBLISH_BLACKLIST�_private��_public�.pub��_certificatez	-cert.pubz;o=$(ssh-keygen -yf "%s") && echo "$o" root@localhost > "%s"�keyfile�returnc�0�d}tj�}|r|tjdd�krd}nd}t	j
d�}|dk7rt
j|d|�t
j||�t
j|�d�|�y	)
a�
    For fedora 37, centos 9 stream and below:
     - sshd version is earlier than version 9.
     - 'ssh_keys' group is present and owns the private keys.
     - private keys have permission 0o640.
    For fedora 38, centos 10 stream and above:
     - ssh version is atleast version 9.
     - 'ssh_keys' group is absent. 'root' group owns the keys.
     - private keys have permission 0o600, same as upstream.
    Public keys in all cases have permission 0o644.
    r�	ri�r�ssh_keys���rN)	r�get_opensshd_upstream_versionr�Versionr	�get_group_id�os�chown�chmod)r �permissions_public�ssh_version�permissions_private�gids     �9/usr/lib/python3/dist-packages/cloudinit/config/cc_ssh.py�set_redhat_keyfile_permsr1=s������8�8�:�K��{�Y�%6�%6�q�!�%<�<�
$��$��
�
�
�J�
'�C�
�b�y�
	����"�c�"��H�H�W�)�*��H�H��y��
�1�2��name�cfg�cloud�argsc	��|jdd�rPtjjdd�}t	j|�D]}	tj|��d|v�rag}|dj�D]�\}}|tvr3tjd|�rd}	nd	}	tjd
|	|��At|d}
t|d}tj|
||�d
|vs�u|j!dt#|
�f���|rt%j&|�t(j�D]�\}}
|
|dvs||dvr�t|dt|
d}}ddt*||fzg}	tj,dd��5t/j.|d��ddd�tj1d||����n�tj2|dt4�}tj6�s|n|D�cgc]}|t8vr|��c}}t;|�j=|�}|r%tj1ddj|��|D�]}t>|z}tjjA|�r�-tjBtjjE|��dd|ddd|g}tj,dd��5	t/j.|dd d!i�"�\}}tjF|d#d�s2tHjJjMtjN|��|jPjRd$k(rtU|�ddd���d(|vr=tj2|d(d)t`�}tjF|d(d*tb�}nt`}tb}|r(te|�+�}	|jfji|�	tkjl||jP�\}}tkjn|�\}} tjF|d-d�}!tjp|d.t$jr�}"g}#tjF|d/d�r|ju�xsg}#ntj1d0�d1|vr|d1}$|#jw|$�ty|#||!|"�y#t$rtjtd|�Y���wxYw#1swY��MxYw#t$r$tjtd|�d|���Y���wxYwcc}w#t.jV$r�}tjN|jX�j[�}|j\dk(r6|j[�j_d%�rtj1d&|�ntjtd'||�Yd}~��zd}~wwxYw#1swY���xYw#t$rtjtd,�Y��3wxYw#t$rtjtd2�YywxYw)3N�ssh_deletekeysTz	/etc/ssh/zssh_host_*key*zFailed deleting key file %sr$z4^(ecdsa-sk|ed25519-sk)_(private|public|certificate)$�unsupported�unrecognizedz Skipping %s ssh_keys entry: "%s"r�r�HostCertificate�shz-xcz/etc/ssh)�	recursiveF)�capturezGenerated a key for %s from %szFailed generating a key for z from �ssh_genkeytypesz5skipping keys that are not supported in fips mode: %s�,z
ssh-keygenz-tz-N�z-f�LANG�C)r?�
update_env�ssh_quiet_keygen�redhatzunknown keyz!ssh-keygen: unknown key type '%s'z(Failed generating key type %s to file %s�ssh_publish_hostkeys�	blacklist�enabled)rIzPublishing host keys failed!�disable_root�disable_root_opts�allow_public_ssh_keyszSSkipping import of publish SSH keys per config setting: allow_public_ssh_keys=False�ssh_authorized_keysz Applying SSH credentials failed!)=�getr)�path�join�globr	�del_file�	Exception�logexc�LOG�items�CONFIG_KEY_TO_FILE�re�match�warning�
write_file�append�strr�append_ssh_config�PRIV_TO_PUB�KEY_GEN_TPL�SeLinuxGuardr�debug�get_cfg_option_list�GENERATE_KEY_NAMES�fips_enabled�FIPS_UNSUPPORTED_KEY_NAMES�set�
difference�KEY_FILE_TPL�exists�
ensure_dir�dirname�get_cfg_option_bool�sys�stdout�write�
decode_binary�distro�osfamilyr1�ProcessExecutionError�stderr�lower�	exit_code�
startswithr�PUBLISH_HOST_KEYS�get_public_host_keys�
datasource�publish_host_keysr�normalize_users_groups�extract_default�get_cfg_option_str�DISABLE_USER_OPTS�get_public_ssh_keys�extend�apply_credentials)%r3r4r5r6�key_pth�f�cert_config�key�val�reason�tgt_fn�	tgt_perms�private_type�public_type�private_file�public_file�cmd�genkeys�names�	key_names�skipped_keys�keytyper �out�err�e�host_key_blacklist�publish_hostkeys�hostkeys�users�_groups�user�_user_configrKrL�keys�cfgkeyss%                                     r0�handler�as����w�w���&��'�'�,�,�{�,<�=�����7�#�	C�A�
C��
�
�a� �	C��S�����J��-�-�/�	E�H�C���,�,��8�8�J�C��+�F�+�F����>���L��'��,�Q�/�F�*�3�/��2�I��O�O�F�C��3���$��"�"�$5�s�6�{�#C�D�	E�"��&�&�{�3�)4�):�):�)<�	�%�L�+��s�:��.��s�:��6��"�<�0��3�"�;�/��2�&�L����|�[�.I� I�J�C�
��&�&�z�T�B�2��I�I�c�5�1�2��	�	�4�k�<��	�4�*�*��"�$6�
���$�$�&�
�%���� :�:���	��7�|�.�.�y�9����I�I�G�����&�
�
!� 	�G�"�g�.�G��w�w�~�~�g�&���O�O�B�G�G�O�O�G�4�5���w��b�$��H�C��"�"�:��>�
��#�y�y��T�v�s�m� �H�C�� �3�3��/����
�
�(�(��);�);�C�)@�A��|�|�,�,��8�0��9�
�
� 	�D��$�!�5�5��&�'��&�
��
 �3�3��&�'��4E�
��8��,���'�2D�E��	=����.�.�x�8�=�"�9�9�#�u�|�|�L����&�6�6�u�=���|��/�/��^�T�J�� �3�3��$�h�&@�&@�
�����#�#�C�)@�$�G��,�,�.�4�"�D��I�I�>�
�
!�C�'��/�0�G��K�K�� ��$��l�4E�F��g�
C����C�!>��B�
C��N2�2��
�
�����2�"�m�6�,��9��
����B�1�1���,�,�Q�X�X�6�<�<�>�C��{�{�a�'�C�I�I�K�,B�,B�%�-��	�	�"E�w�O�����F�#�#�	�����
�
��V�	=��K�K��;�<�	=��2�=����C�;�<�=�s��S�7S>�S1�&S>�>T.�W"�B
T3�W/�#C"X�$S.�-S.�1S;	�6S>�>)T+�*T+�3W�BW�W"�W�W"�"W,	�/#X�X�#X?�>X?c���t|�}|rtj||�|r)|sd}|jd|�}|jdd�}nd}tj|d|��y)N�NONEz$USERz
$DISABLE_USER�rootrB)�options)rhr�setup_user_keys�replace)r�r�rKrL�
key_prefixs     r0r�r�sd���t�9�D��� � ��t�,����D�&�.�.�w��=�
��'�'���@�
��
����T�6�:�>r2rIc�f�t�d�}g}g}|r|D�cgc]}||fz��
}}tj|dz�D�cgc]}||vr|��
}}|D]V}tj|�}|j	�}	|	s�+t|	�dkDs�:|j
t|	dd���X|Scc}wcc}w)aRead host keys from /etc/ssh/*.pub files and return them as a list.

    @param blacklist: List of key types to ignore. e.g. ['rsa']
    @returns: List of keys, each formatted as a two-element tuple.
        e.g. [('ssh-rsa', 'AAAAB3Nz...'), ('ssh-ed25519', 'AAAAC3Nx...')]
    r)�*r;N�)rjrRr	�load_text_file�split�lenr]�tuple)
rI�public_key_file_tmpl�key_list�blacklist_files�key_type�hostfile�	file_list�	file_name�
file_contents�key_datas
          r0r{r{s���(4�5���H��O��@I�
�3;� �H�;�.�
��
��	�	�"6��"?�@����?�*�	��I���1�	��+�+�I�6�
� �&�&�(����H�
��)��O�O�E�(�2�A�,�/�0�	1�
�O��#
��s
�
B)�
B.)N)/�__doc__rR�loggingr)rYro�typingrrr�	cloudinitrrrr	�cloudinit.cloudr
�cloudinit.configr�cloudinit.config.schemar�cloudinit.distrosr
r�cloudinit.settingsrr�__annotations__�	getLogger�__name__rVrergrjrzrr^rXr`�k�updaterar1�listr�r�r{�r2r0�<module>r�s���&���	�	�
�+�+�5�5�!�#�.�2�+���}��!�	��j���g����!��0��'�[��)����(*��D��I�*�����	�0�A�����c��N�\�A�-�u�5��c��M�|�a�/�0��5�u�=��c���L�1�$4�#5�Y�!?�� G�	
��&'�C�w�-�K�1�#�X���0�L��!3�c�!3�d�!3�H]=��]=�6�]=�%�]=�t�]=��]=�@?�"�H�X�c�]�$;�r2