diff options
| author | Ingela Anderton Andin <[email protected]> | 2012-02-14 14:56:46 +0100 |
|---|---|---|
| committer | Ingela Anderton Andin <[email protected]> | 2012-02-15 11:59:08 +0100 |
| commit | cd667daee8ac822bd689de73d54e3a4421706519 (patch) | |
| tree | efb052dc7ecfc7cdad4664496a18c6a9a423af0a /lib/ssh/src | |
| parent | 4a9cf8de2125832cdc636693ec23f625f195b9e8 (diff) | |
| download | otp-cd667daee8ac822bd689de73d54e3a4421706519.tar.gz otp-cd667daee8ac822bd689de73d54e3a4421706519.tar.bz2 otp-cd667daee8ac822bd689de73d54e3a4421706519.zip | |
Add support for key files protected by pass phrases
Diffstat (limited to 'lib/ssh/src')
| -rw-r--r-- | lib/ssh/src/ssh.erl | 4 | ||||
| -rw-r--r-- | lib/ssh/src/ssh_file.erl | 28 |
2 files changed, 24 insertions, 8 deletions
diff --git a/lib/ssh/src/ssh.erl b/lib/ssh/src/ssh.erl index c47db64497..5751f2eaa0 100644 --- a/lib/ssh/src/ssh.erl +++ b/lib/ssh/src/ssh.erl @@ -306,6 +306,10 @@ handle_options([{connect_timeout, _} = Opt | Rest], SockOpts, Opts) -> handle_options(Rest, SockOpts, [Opt | Opts]); handle_options([{user, _} = Opt | Rest], SockOpts, Opts) -> handle_options(Rest, SockOpts, [Opt | Opts]); +handle_options([{dsa_pass_phrase, _} = Opt | Rest], SockOpts, Opts) -> + handle_options(Rest, SockOpts, [Opt | Opts]); +handle_options([{rsa_pass_phrase, _} = Opt | Rest], SockOpts, Opts) -> + handle_options(Rest, SockOpts, [Opt | Opts]); handle_options([{password, _} = Opt | Rest], SockOpts, Opts) -> handle_options(Rest, SockOpts, [Opt | Opts]); handle_options([{user_passwords, _} = Opt | Rest], SockOpts, Opts) -> diff --git a/lib/ssh/src/ssh_file.erl b/lib/ssh/src/ssh_file.erl index 8569051bee..d05fa8e09a 100644 --- a/lib/ssh/src/ssh_file.erl +++ b/lib/ssh/src/ssh_file.erl @@ -46,7 +46,10 @@ %% Used by server host_key(Algorithm, Opts) -> File = file_name(system, file_base_name(Algorithm), Opts), - Password = proplists:get_value(password, Opts, ignore), + %% We do not expect host keys to have pass phrases + %% so probably we could hardcod Password = ignore, but + %% we keep it as an undocumented option for now. + Password = proplists:get_value(identity_pass_phrase(Algorithm), Opts, ignore), decode(File, Password). @@ -68,9 +71,9 @@ is_host_key(Key, PeerName, Algorithm, Opts) -> false end. -user_key(Alg, Opts) -> - File = file_name(user, identity_key_filename(Alg), Opts), - Password = proplists:get_value(password, Opts, ignore), +user_key(Algorithm, Opts) -> + File = file_name(user, identity_key_filename(Algorithm), Opts), + Password = proplists:get_value(identity_pass_phrase(Algorithm), Opts, ignore), decode(File, Password). @@ -210,10 +213,20 @@ do_lookup_host_key(Host, Alg, Opts) -> Error -> Error end. -identity_key_filename("ssh-dss") -> "id_dsa"; -identity_key_filename("ssh-rsa") -> "id_rsa". +identity_key_filename("ssh-dss") -> + "id_dsa"; +identity_key_filename("ssh-rsa") -> + "id_rsa". + +identity_pass_phrase("ssh-dss") -> + dsa_pass_phrase; +identity_pass_phrase('ssh-dss') -> + dsa_pass_phrase; +identity_pass_phrase('ssh-rsa') -> + rsa_pass_phrase; +identity_pass_phrase("ssh-rsa") -> + rsa_pass_phrase. - lookup_host_key_fd(Fd, Host, KeyType) -> case io:get_line(Fd, '') of eof -> @@ -290,7 +303,6 @@ is_auth_key(Key, Key) -> is_auth_key(_,_) -> false. - default_user_dir()-> {ok,[[Home|_]]} = init:get_argument(home), UserDir = filename:join(Home, ".ssh"), |