+# create the key if needed and returns the key contents
+def generate_sshkey (sliver):
+# initial version was storing stuff in the sliver directly
+# keyfile="/vservers/%s/home/%s/.ssh/id_rsa"%(sliver['name'], sliver['name'])
+# we're now storing this in the same place as the authorized_keys, which in turn
+# gets mounted to the user's home directory in the sliver
+ keyfile="/home/%s/.ssh/id_rsa"%(sliver['name'])
+ pubfile="%s.pub"%keyfile
+ dotssh=os.path.dirname(keyfile)
+ # create dir if needed
+ if not os.path.isdir (dotssh):
+ os.mkdir (dotssh, 0o700)
+ logger.log_call ( [ 'chown', "%s:slices"%(sliver['name']), dotssh ] )
+ if not os.path.isfile(pubfile):
+ comment="%s@%s"%(sliver['name'], socket.gethostname())
+ logger.log_call( [ 'ssh-keygen', '-t', 'rsa', '-N', '', '-f', keyfile , '-C', comment] )
+ os.chmod (keyfile, 0o400)
+ logger.log_call ( [ 'chown', "%s:slices"%(sliver['name']), keyfile, pubfile ] )
+ with open(pubfile) as f:
+ return f.read().strip()
+
+# a sliver can get created, deleted and re-created
+# the slice having the tag is not sufficient to skip key geneneration