#!/usr/bin/env python
import requests
import os
from getpass import getpass, getuser
import sys
import argparse
from json import dumps
from requests.auth import HTTPBasicAuth
# Built-in defaults. --url and --output on the command line override URL and
# OUTPUT respectively (see parse_args).
MAXRETRY = 3  # password attempts before main() gives up
URL = "https://sshauthapi.nersc.gov"  # HTTPS endpoint of the key service
# Path the returned key material is written to; a certificate, when the
# response carries one, goes to the same path plus "-cert.pub".
OUTPUT = '{0}/.ssh/nersc'.format(os.environ['HOME'])
def parse_args():
    """Parse the command line and return the resulting namespace.

    Options: --scope/-s, --debug/-d, --key/-k, --url, --user/-u and
    --output/-o. --url defaults to URL, --output to OUTPUT and --user to the
    login name reported by getpass.getuser().

    main() sends the account password to whatever --url names, so an
    override should point at an HTTPS endpoint the caller trusts.
    """
    cli = argparse.ArgumentParser(
        description='Request an ssh key pair from an ssh proxy server')
    # (flags, keyword arguments) in the order they appear in --help.
    switches = (
        (('--scope', '-s'), {'help': 'name of scope'}),
        (('--debug', '-d'), {'help': 'additional debug',
                             'action': 'store_true'}),
        (('--key', '-k'), {'help': 'prompt for skey',
                           'action': 'store_true'}),
        (('--url',), {'dest': 'url', 'help': 'url for service',
                      'default': URL}),
        (('--user', '-u'), {'help': 'username', 'default': getuser()}),
        (('--output', '-o'), {'help': 'output file name',
                              'default': OUTPUT}),
    )
    for flags, options in switches:
        cli.add_argument(*flags, **options)
    return cli.parse_args()
def error(message):
    """Write *message* plus a newline to stderr, then exit with status 1."""
    text = message + '\n'
    sys.stderr.write(text)
    raise SystemExit(1)
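def write_output(data, output):
    """Save the service response as a key file plus an optional certificate.

    Lines of *data* are copied to *output* until one starts with
    ``ssh-rsa-cert``; that line is written to ``output + '-cert.pub'``
    instead, and anything after it is discarded.

    The key file is opened with mode 0600 at creation time. The earlier
    open()-then-chmod() sequence created a new file with umask-default
    permissions first, leaving a short window in which other local users
    could open it.

    Args:
        data: Response body text from the key service.
        output: Path of the key file to write.

    Raises:
        OSError: If either file cannot be created or written.
    """
    cert = None
    fd = os.open(output, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, 'w') as f:
        # The mode passed to os.open only applies to a newly created file;
        # an existing file keeps its old mode, so tighten it before writing.
        if hasattr(os, 'fchmod'):
            os.fchmod(f.fileno(), 0o600)
        else:
            os.chmod(output, 0o600)
        for line in data.split('\n'):
            # NOTE(review): only the RSA certificate prefix is recognised; a
            # certificate of another key type would end up inside the key
            # file. Confirm the service only issues ssh-rsa-cert lines.
            if line.startswith('ssh-rsa-cert'):
                cert = line
                break
            f.write(line + '\n')
    if cert is not None:
        print("Writing cert")
        # The certificate is public material, so default permissions are fine.
        with open(output + '-cert.pub', 'w') as f:
            f.write(cert + '\n')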
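def main():
    """Prompt for credentials, request a key pair and save it to disk.

    Builds ``<url>/create_pair`` (plus ``/<scope>/`` when --scope is given),
    optionally prompts for an skey, then POSTs with HTTP Basic auth. Any
    non-200 response is printed and the password is asked for again, up to
    MAXRETRY attempts. On success the response body goes to write_output().

    requests verifies the server certificate by default and nothing here
    turns that off. A non-HTTPS --url is still accepted, but now triggers a
    warning because Basic credentials are then readable on the wire.

    Exits with status 1 (via error()) on a failed request, on too many
    rejected attempts, or when the output cannot be written.
    """
    args = parse_args()
    data = None
    user = args.user
    output = args.output
    url = args.url + '/create_pair'
    if args.scope is not None:
        url += '/%s/' % (args.scope)
    # Basic auth only base64-encodes the password; TLS is what protects it.
    if not url.lower().startswith('https://'):
        sys.stderr.write('Warning: %s is not an https URL; the password '
                         'will be sent without encryption.\n' % url)
    retry = 0
    if args.key:
        skey = getpass('skey: ')
        data = dumps({'skey': skey})
    while retry < MAXRETRY:
        pwd = getpass()
        if args.debug:
            # Only the URL is echoed; the password and skey are never printed.
            print(url)
        try:
            # NOTE(review): no timeout is passed, so a stalled server blocks
            # this call indefinitely; consider adding one.
            resp = requests.post(url, auth=HTTPBasicAuth(user, pwd), data=data)
        except requests.RequestException as exc:
            # Connection and TLS failures used to surface as a traceback.
            error('Request to %s failed: %s' % (url, exc))
        if resp.status_code == 200:
            break
        retry += 1
        print(resp.text)
    if retry == MAXRETRY:
        error("Max retries. Exiting.")
    try:
        write_output(resp.text, output)
    except Exception as exc:
        # Report the cause (missing ~/.ssh, permissions, ...) rather than
        # hiding it behind a generic message.
        error('Error saving output: %s' % exc)
    print("Success. Key saved in %s" % (output))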
# Run the CLI only when this file is executed as a script, not on import.
if __name__ == "__main__":
    main()