aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssh/src/ssh_file.erl
diff options
context:
space:
mode:
Diffstat (limited to 'lib/ssh/src/ssh_file.erl')
-rwxr-xr-xlib/ssh/src/ssh_file.erl40
1 files changed, 30 insertions, 10 deletions
diff --git a/lib/ssh/src/ssh_file.erl b/lib/ssh/src/ssh_file.erl
index 5572349fe7..ff23f714cd 100755
--- a/lib/ssh/src/ssh_file.erl
+++ b/lib/ssh/src/ssh_file.erl
@@ -27,14 +27,16 @@
-include("PKCS-1.hrl").
-include("DSS.hrl").
+-include_lib("kernel/include/file.hrl").
+
-export([public_host_dsa_key/2,private_host_dsa_key/2,
public_host_rsa_key/2,private_host_rsa_key/2,
public_host_key/2,private_host_key/2,
lookup_host_key/3, add_host_key/3, % del_host_key/2,
lookup_user_key/3, ssh_dir/2, file_name/3]).
--export([private_identity_key/2]).
-%% , public_identity_key/2,
+-export([private_identity_key/2,
+ public_identity_key/2]).
%% identity_keys/2]).
-export([encode_public_key/1, decode_public_key_v2/2]).
@@ -43,6 +45,9 @@
-define(DBG_PATHS, true).
+-define(PERM_700, 8#700).
+-define(PERM_644, 8#644).
+
%% API
public_host_dsa_key(Type, Opts) ->
File = file_name(Type, "ssh_host_dsa_key.pub", Opts),
@@ -113,8 +118,10 @@ do_lookup_host_key(Host, Alg, Opts) ->
add_host_key(Host, Key, Opts) ->
Host1 = add_ip(replace_localhost(Host)),
- case file:open(file_name(user, "known_hosts", Opts),[write,append]) of
+ KnownHosts = file_name(user, "known_hosts", Opts),
+ case file:open(KnownHosts, [write,append]) of
{ok, Fd} ->
+ ok = file:change_mode(KnownHosts, ?PERM_644),
Res = add_key_fd(Fd, Host1, Key),
file:close(Fd),
Res;
@@ -140,6 +147,11 @@ private_identity_key(Alg, Opts) ->
Path = file_name(user, identity_key_filename(Alg), Opts),
read_private_key_v2(Path, Alg).
+public_identity_key(Alg, Opts) ->
+ Path = file_name(user, identity_key_filename(Alg) ++ ".pub", Opts),
+ read_public_key_v2(Path, Alg).
+
+
read_public_key_v2(File, Type) ->
case file:read_file(File) of
{ok,Bin} ->
@@ -198,12 +210,17 @@ read_public_key_v1(File) ->
%% pem_type("ssh-rsa") -> "RSA".
read_private_key_v2(File, Type) ->
- case catch (public_key:pem_to_der(File)) of
- {ok, [{_, Bin, not_encrypted}]} ->
- decode_private_key_v2(Bin, Type);
- Error -> %% Note we do not handle password encrypted keys at the moment
- {error, Error}
- end.
+ case file:read_file(File) of
+ {ok, PemBin} ->
+ case catch (public_key:pem_decode(PemBin)) of
+ [{_, Bin, not_encrypted}] ->
+ decode_private_key_v2(Bin, Type);
+ Error -> %% Note we do not handle password encrypted keys at the moment
+ {error, Error}
+ end;
+ {error, Reason} ->
+ {error, Reason}
+ end.
%% case file:read_file(File) of
%% {ok,Bin} ->
%% case read_pem(binary_to_list(Bin), pem_type(Type)) of
@@ -527,4 +544,7 @@ file_name(Type, Name, Opts) ->
default_user_dir()->
{ok,[[Home|_]]} = init:get_argument(home),
- filename:join(Home, ".ssh").
+ UserDir = filename:join(Home, ".ssh"),
+ ok = filelib:ensure_dir(filename:join(UserDir, "dummy")),
+ ok = file:change_mode(UserDir, ?PERM_700),
+ UserDir.