+
+# SSH stuff
+
+def gen_ssh_keypair(filename):
+ ssh_keygen = nepi.util.environ.find_bin_or_die("ssh-keygen")
+ args = [ssh_keygen, '-q', '-N', '', '-f', filename]
+ assert subprocess.Popen(args).wait() == 0
+ return filename, "%s.pub" % filename
+
+def add_key_to_agent(filename):
+ ssh_add = nepi.util.environ.find_bin_or_die("ssh-add")
+ args = [ssh_add, filename]
+ with open("/dev/null", "w") as null:
+ assert subprocess.Popen(args, stderr = null).wait() == 0
+
+def get_free_port():
+ s = socket.socket()
+ s.bind(("127.0.0.1", 0))
+ port = s.getsockname()[1]
+ return port
+
+_SSH_CONF = """ListenAddress 127.0.0.1:%d
+Protocol 2
+HostKey %s
+UsePrivilegeSeparation no
+PubkeyAuthentication yes
+PasswordAuthentication no
+AuthorizedKeysFile %s
+UsePAM no
+AllowAgentForwarding yes
+PermitRootLogin yes
+StrictModes no
+PermitUserEnvironment yes
+"""
+
+def gen_sshd_config(filename, port, server_key, auth_keys):
+ with open(filename, "w") as conf:
+ text = _SSH_CONF % (port, server_key, auth_keys)
+ conf.write(text)
+ return filename
+
+def gen_auth_keys(pubkey, output, environ):
+ #opts = ['from="127.0.0.1/32"'] # fails in stupid yans setup
+ opts = []
+ for k, v in environ.items():
+ opts.append('environment="%s=%s"' % (k, v))
+
+ with open(pubkey) as f:
+ lines = f.readlines()
+ pubkey = lines[0].split()[0:2]
+ with open(output, "w") as out:
+ out.write("%s %s %s\n" % (",".join(opts), pubkey[0], pubkey[1]))
+ return output
+
+def start_ssh_agent():
+ ssh_agent = nepi.util.environ.find_bin_or_die("ssh-agent")
+ proc = subprocess.Popen([ssh_agent], stdout = subprocess.PIPE)
+ (out, foo) = proc.communicate()
+ assert proc.returncode == 0
+ d = {}
+ for l in out.split("\n"):
+ match = re.search("^(\w+)=([^ ;]+);.*", l)
+ if not match:
+ continue
+ k, v = match.groups()
+ os.environ[k] = v
+ d[k] = v
+ return d
+
+def stop_ssh_agent(data):
+ # No need to gather the pid, ssh-agent knows how to kill itself; after we
+ # had set up the environment
+ ssh_agent = nepi.util.environ.find_bin_or_die("ssh-agent")
+ with open("/dev/null", "w") as null:
+ proc = subprocess.Popen([ssh_agent, "-k"], stdout = null)
+ assert proc.wait() == 0
+ for k in data:
+ del os.environ[k]
+
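Review bot: gen_auth_keys writes each `environ` name and value into `environment="%s=%s"` without checking for `"`, line breaks or an invalid variable name, so a value containing a quote ends the option early and the remainder is parsed as further authorized_keys options or as a new key line; `_SSH_CONF` sets `PermitUserEnvironment yes`, so the test sshd honours these options. Validate the name and reject quote and line-break characters before appending, as in the excerpt that follows. Separately, `assert subprocess.Popen(args).wait() == 0` in gen_ssh_keypair and add_key_to_agent, and `assert proc.wait() == 0` in stop_ssh_agent, put the work inside an assert, which `python -O` strips, so ssh-keygen and ssh-add are never run and the `ssh-agent -k` exit status is never collected; `subprocess.check_call(args)` keeps the failure check without that dependency. `_SSH_CONF` also deserves a comment saying that `StrictModes no`, `PermitRootLogin yes` and `UsePrivilegeSeparation no` are acceptable only for a throwaway daemon bound to 127.0.0.1. The hunk header is not visible here, so where these helpers sit in the file is unknown.

```python
def gen_auth_keys(pubkey, output, environ):
    opts = []
    for k, v in environ.items():
        value = "%s" % (v,)
        # Refuse anything that could close the quoted option or start a new line.
        if not re.match(r"^[A-Za-z_][A-Za-z0-9_]*$", k):
            raise ValueError("invalid environment name: %r" % (k,))
        if '"' in value or "\n" in value or "\r" in value:
            raise ValueError("unsafe environment value for %s" % k)
        opts.append('environment="%s=%s"' % (k, value))
    # … unchanged: read the public key, write the authorized_keys line …
```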