Since we need root to save the authorized_key file we do it via sudo script

Johannes Zellner
2017-03-07 15:16:41 +01:00
parent 101a44affd
commit e61f11be81
2 changed files with 41 additions and 4 deletions


@@ -16,9 +16,12 @@ var assert = require('assert'),
fs = require('fs'),
path = require('path'),
safe = require('safetydance'),
shell = require('./shell.js'),
util = require('util');
var AUTHORIZED_KEYS_FILEPATH = config.TEST ? path.join(config.baseDir(), 'authorized_keys') : '/root/.ssh/authorized_keys';
var AUTHORIZED_KEYS_TMP_FILEPATH = '/tmp/.authorized_keys';
var AUTHORIZED_KEYS_CMD = path.join(__dirname, 'scripts/authorized_keys.sh');
var VALID_KEY_TYPES = ['ssh-rsa']; // TODO add all supported ones
var VALID_MIN_KEY_LENGTH = 370; // TODO verify this length requirement
@@ -56,24 +59,29 @@ function clear(callback) {
function saveKeys(keys) {
assert(Array.isArray(keys));
if (!safe.fs.writeFileSync(AUTHORIZED_KEYS_FILEPATH, keys.map(function (k) { return k.key; }).join('\n'))) {
if (!safe.fs.writeFileSync(AUTHORIZED_KEYS_TMP_FILEPATH, keys.map(function (k) { return k.key; }).join('\n'))) {
console.error(safe.error);
return false;
}
try {
// 600 = rw-------
fs.chmodSync(AUTHORIZED_KEYS_FILEPATH, '600');
fs.chmodSync(AUTHORIZED_KEYS_TMP_FILEPATH, '600');
} catch (e) {
console.error('Failed to adjust permissions of %s', AUTHORIZED_KEYS_FILEPATH, e);
console.error('Failed to adjust permissions of %s', AUTHORIZED_KEYS_TMP_FILEPATH, e);
return false;
}
// TODO make ec2 work
shell.sudoSync('authorized_keys', util.format('%s %s %s %s', AUTHORIZED_KEYS_CMD, config.TEST ? process.env.USER : 'root', AUTHORIZED_KEYS_TMP_FILEPATH, AUTHORIZED_KEYS_FILEPATH));
return true;
}
function getKeys() {
var content = safe.fs.readFileSync(AUTHORIZED_KEYS_FILEPATH, 'utf8');
shell.sudoSync('authorized_keys', util.format('%s %s %s %s', AUTHORIZED_KEYS_CMD, process.env.USER, AUTHORIZED_KEYS_FILEPATH, AUTHORIZED_KEYS_TMP_FILEPATH));
var content = safe.fs.readFileSync(AUTHORIZED_KEYS_TMP_FILEPATH, 'utf8');
if (!content) return [];
var keys = content.split('\n')
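Review bot: The staging file `/tmp/.authorized_keys` is a fixed name in a world-writable directory, and both saveKeys and getKeys trust whatever is found at that path. In saveKeys the keys are written first and only restricted to 600 afterwards, and the privileged script is then given that path as the source for the root authorized_keys file, so a file or link that another local account controls at that name could presumably influence what gets installed (the script is in the other changed file and is not visible here). Staging in a directory only the service user can write, and creating the file with its final mode, would close this, e.g. `var AUTHORIZED_KEYS_TMP_FILEPATH = path.join(config.baseDir(), '.authorized_keys.tmp');` and passing `{ mode: 0o600 }` to the write instead of the later chmodSync, assuming safetydance forwards the options argument. saveKeys also returns true without checking the outcome of `shell.sudoSync`, and getKeys interpolates `process.env.USER` into the command string even outside test mode, so both calls deserve an explicit result check and a fixed or validated user name. getKeys continues past the end of this hunk.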