* Started work on a system to provide inter-machine ssh communication without needing to track or record passwords in the database or config files (outside the database access passwords). Added 'host_key' to the 'hosts' table that stores the host public key. Also now create ssh public/private key pairs for the 'root' and 'admin' users.
Theisthehost'spublickeyusedbyothermachinestovalidatethismachinewhenconnectingtoitusingssh.ThevaluecomesfromC<</etc/ssh/ssh_host_ecdsa_key.pub >>. An example string would be C<< ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMLEG+mcczSUgmcSuRNZc5OAFPa7IudZQv/cYWzCzmlKPMkIdcNiYDuFM1iFNiV9wVtAvkIXVSkOe2Ah/BGt6fQ=>>.
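Review bot: The host_key description ties the value to /etc/ssh/ssh_host_ecdsa_key.pub only, so it should say what is stored when that file is absent, for example on a host configured with only other host key types, or the caller should fall back to another host key file and the text should say so. The opening words read as "The is the host's public key", which looks like a typo for "This is". Because other machines use this value to validate the host, it is also worth stating that the stored string is the whole line, key type prefix included, as in the example.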
<keyname="log_0266">This file is large, [#!variable!size!#], this might take a bit of time...</key>
<keyname="log_0266">This file is large, [#!variable!size!#], this might take a bit of time...</key>
<keyname="log_0267">Failed to move the file: [#!variable!source_file!#] to: [#!variable!target_file!#] on the target: [#!variable!target!#] as: [#!variable!remote_user!#]. The error (if any) was: [#!variable!error!#] and the output (if any) was: [#!variable!output!#].</key>
<keyname="log_0267">Failed to move the file: [#!variable!source_file!#] to: [#!variable!target_file!#] on the target: [#!variable!target!#] as: [#!variable!remote_user!#]. The error (if any) was: [#!variable!error!#] and the output (if any) was: [#!variable!output!#].</key>
<keyname="log_0268">The file: [#!variable!file!#] has been added to the database (if needed) moved to: [#!variable!target!#].</key>
<keyname="log_0268">The file: [#!variable!file!#] has been added to the database (if needed) moved to: [#!variable!target!#].</key>
<keyname="log_0269">The file: [#!variable!file!#] should exist, but doesn't. We will try to find it now.</key>
<keyname="log_0270">The user: [#!variable!user!#] doesn't appear to have an SSH key yet. Will create it now. This could take some time, depending on how long it takes to collect entropy. If this appears to not be responding, move the mouse or do other things to generate activity on the host.</key>
<keyname="log_0271">
The user: [#!variable!user!#]'s SSH key yet has been generated. The output is below;
====
#!variable!output!#
====
</key>
<keyname="log_0272">The user: [#!variable!user!#] doesn't appear to have a base SSH directory. Will now create: [#!variable!directory!#].</key>
<!-- Test words. Do NOT change unless you update 't/Words.t' or tests will needlessly fail. -->
<!-- Test words. Do NOT change unless you update 't/Words.t' or tests will needlessly fail. -->
<keyname="t_0000">Test</key>
<keyname="t_0000">Test</key>
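Review bot: log_0271 has a leftover word: "SSH key yet has been generated" should read "SSH key has been generated". It looks copied from log_0270. The same entry writes the generator's output into the log between the ==== markers, so confirm in the caller that this variable only ever carries the key generation tool's console output and never the contents of the private key file. The log_0270 hint to move the mouse does not apply to a headless host and could be reworded.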
@ -823,6 +832,12 @@ The update appears to have not completed successfully. The output was:
<keyname="error_0054">Failed!</key>
<keyname="error_0054">Failed!</key>
<keyname="error_0055">A request to toggle the script flag was received, but no file name was given.</key>
<keyname="error_0055">A request to toggle the script flag was received, but no file name was given.</key>
<keyname="error_0056">A request to rename the file: [#!variable!file!#] to: [#!variable!to!#], but there is an existing file or directory with that name.</key>
<keyname="error_0056">A request to rename the file: [#!variable!file!#] to: [#!variable!to!#], but there is an existing file or directory with that name.</key>
<keyname="error_0057">
Failed to generate an RSA public key for the user: [#!variable!user!#]. The output, if any, is below:
====
#!variable!output!#
====
</key>
<!-- These are units, words and so on used when displaying information. -->
<!-- These are units, words and so on used when displaying information. -->
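Review bot: error_0057 hard-codes "RSA public key" in its text, while the host key this commit records is ECDSA and nothing in the string ties the user key to one type; if the key type ever changes, the message will mislead whoever reads the log. Pass the key type in as a variable or use neutral wording such as "SSH key pair", which also matches the commit message, since a public/private pair is created rather than only a public key.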
foreach my $target (sort {$a cmp $b} keys %{$anvil->data->{path}{directories}{shared}})
foreach my $target (sort {$a cmp $b} keys %{$anvil->data->{path}{directories}{shared}})
{
{
my $directory = $anvil->data->{path}{directories}{shared}{$target};
my $directory = $anvil->data->{path}{directories}{shared}{$target};
@ -293,6 +298,87 @@ sub handle_periodic_tasks
return(0);
return(0);
}
}
# Check that the host's fingerprint and users we care about have ssh public keys and they're recorded in ssh_keys.
sub check_ssh_keys
{
my ($anvil) = @_;
### TODO: Left off here... Then read in the same for all other machines and use it to generate/update each user's 'known_hosts' file.
### For each user, if there is no SSH public key, create it. If / once it exists, add/update it the database. Finally, use key user keys from other users on other systems to populate / update the user's authorized_keys file.
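Review bot: The TODO in check_ssh_keys plans to build each user's known_hosts and authorized_keys from keys read back out of the database, which makes write access to that database equivalent to ssh access as the users the commit message names ('root' and 'admin') on every machine. The sub should validate each stored key line before writing it (expected key type, well-formed base64 body, no embedded newlines or authorized_keys options), and the trust assumption should be documented beside the sub. The second comment also needs a wording pass: "add/update it the database" is missing "in", and "use key user keys from other users" is unclear.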