use of com.jcraft.jsch.KeyPair in project jcabi-github by jcabi.
the class RtPublicKeysITCase method key.
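/**
 * Generates a random public key for test.
 *
 * <p>A throwaway DSA key pair is generated with JSch and only its public
 * half is serialized, with an empty comment. The private half never leaves
 * this method and is wiped through {@code dispose()} before returning.
 *
 * @return The encoded SSH public key.
 * @throws Exception If a problem occurs.
 */
private String key() throws Exception {
    final ByteArrayOutputStream stream = new ByteArrayOutputStream();
    final KeyPair kpair = KeyPair.genKeyPair(new JSch(), KeyPair.DSA);
    try {
        kpair.writePublicKey(stream, "");
    } finally {
        // Dispose in the finally block so the private key material is
        // released even when serialization fails.
        kpair.dispose();
        stream.close();
    }
    // Decode with an explicit charset instead of the platform default so the
    // result does not depend on the JVM's file.encoding setting.
    return stream.toString("UTF-8");
}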
use of com.jcraft.jsch.KeyPair in project halyard by spinnaker.
the class AppengineAccountValidator method validate.
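/**
 * Validates an App Engine account definition and records every finding on {@code p}.
 *
 * <p>Checks performed, in order:
 * <ol>
 *   <li>git HTTPS username and password are supplied together;</li>
 *   <li>SSH private key file path and passphrase are supplied together, the key file is
 *       readable and non-empty, and the passphrase unlocks the key;</li>
 *   <li>the known_hosts file, when configured, is readable and non-empty;</li>
 *   <li>the JSON credentials file, when configured, is readable and non-empty;</li>
 *   <li>a known_hosts path is not combined with {@code --ssh-trust-unknown-hosts};</li>
 *   <li>a project is configured, credentials can be built, and the App Engine Admin API
 *       answers for that project.</li>
 * </ol>
 *
 * <p>Validation stops early (later checks are skipped) when a referenced file cannot be
 * read, when no project is configured, or when credentials cannot be instantiated.
 *
 * @param p collector for the problems found
 * @param account the account under validation
 */
@Override
public void validate(ConfigProblemSetBuilder p, AppengineAccount account) {
    String jsonKey = null;
    String jsonPath = account.getJsonPath();
    String project = account.getProject();
    String knownHostsPath = account.getSshKnownHostsFilePath();
    AppengineNamedAccountCredentials credentials = null;

    boolean hasPassword = account.getGitHttpsPassword() != null;
    boolean hasUsername = account.getGitHttpsUsername() != null && !account.getGitHttpsUsername().isEmpty();
    if (hasPassword != hasUsername) {
        if (!hasUsername) {
            p.addProblem(Severity.ERROR, "Git HTTPS password supplied without git HTTPS username.");
        } else {
            p.addProblem(Severity.ERROR, "Git HTTPS username supplied without git HTTPS password.");
        }
    }

    boolean hasSshPrivateKeyPassphrase = account.getSshPrivateKeyPassphrase() != null;
    boolean hasSshPrivateKeyFilePath = account.getSshPrivateKeyFilePath() != null && !account.getSshPrivateKeyFilePath().isEmpty();
    if (hasSshPrivateKeyPassphrase != hasSshPrivateKeyFilePath) {
        if (!hasSshPrivateKeyFilePath) {
            p.addProblem(Severity.ERROR, "SSH private key passphrase supplied without SSH private key filepath.");
        } else {
            p.addProblem(Severity.ERROR, "SSH private key filepath supplied without SSH private key passphrase.");
        }
    } else if (hasSshPrivateKeyPassphrase && hasSshPrivateKeyFilePath) {
        Path sshPrivateKeyFilePath = validatingFileDecryptPath(account.getSshPrivateKeyFilePath());
        if (sshPrivateKeyFilePath == null) {
            // NOTE(review): nothing is added to `p` on this path by this method, so the
            // validation ends silently here - confirm the helper reports the failure.
            return;
        }
        String sshPrivateKey = validatingFileDecrypt(p, sshPrivateKeyFilePath.toString());
        if (sshPrivateKey == null) {
            return;
        } else if (sshPrivateKey.isEmpty()) {
            p.addProblem(Severity.WARNING, "The supplied SSH private key file is empty.");
        } else {
            KeyPair keyPair = null;
            try {
                // Assumes that the public key is sitting next to the private key with the extension
                // ".pub".
                keyPair = KeyPair.load(new JSch(), sshPrivateKeyFilePath.toString());
                boolean decrypted = keyPair.decrypt(secretSessionManager.decrypt(account.getSshPrivateKeyPassphrase()));
                if (!decrypted) {
                    p.addProblem(Severity.ERROR, "Could not unlock SSH public/private keypair with supplied passphrase.");
                }
            } catch (JSchException e) {
                p.addProblem(Severity.ERROR, "Could not unlock SSH public/private keypair: " + e.getMessage() + ".");
            } finally {
                // The key is only loaded to test the passphrase; release the unlocked
                // private key material as soon as the check is done, on every path.
                if (keyPair != null) {
                    keyPair.dispose();
                }
            }
        }
    }

    boolean hasKnownHostsPath = knownHostsPath != null && !knownHostsPath.isEmpty();
    if (hasKnownHostsPath) {
        String knownHosts = validatingFileDecrypt(p, knownHostsPath);
        if (knownHosts == null) {
            return;
        }
        if (knownHosts.isEmpty()) {
            p.addProblem(Severity.WARNING, "The supplied known_hosts file is empty.");
        }
    }

    if (jsonPath != null && !jsonPath.isEmpty()) {
        jsonKey = validatingFileDecrypt(p, jsonPath);
        if (jsonKey == null) {
            return;
        }
        if (jsonKey.isEmpty()) {
            p.addProblem(Severity.WARNING, "The supplied credentials file is empty.");
        }
    }

    // The warning concerns host-key checking, so it must be keyed on the known_hosts path.
    // The previous condition tested the JSON credentials path, which raised the warning for
    // accounts without a known_hosts file and missed it for accounts that had one but no
    // JSON key - leaving an operator unaware that the trust-unknown-hosts flag is ignored.
    if (hasKnownHostsPath && account.isSshTrustUnknownHosts()) {
        p.addProblem(Severity.WARNING, "You have supplied a known_hosts file path and set the `--ssh-trust-unknown-hosts` flag to true." + " Spinnaker will ignore your `--ssh-trust-unknown-hosts` flag.").setRemediation("Run `--ssh-trust-unknown-hosts false`.");
    }

    if (project == null || project.isEmpty()) {
        p.addProblem(Severity.ERROR, "No appengine project supplied.");
        return;
    }

    try {
        credentials = new AppengineNamedAccountCredentials.Builder().jsonKey(jsonKey).project(project).region("halyard").applicationName("halyard " + halyardVersion).build();
    } catch (Exception e) {
        p.addProblem(Severity.ERROR, "Error instantiating appengine credentials: " + e.getMessage() + ".");
        return;
    }

    // Live check: ask the Admin API for the application that belongs to the project.
    try {
        credentials.getAppengine().apps().get(project).execute();
    } catch (GoogleJsonResponseException e) {
        if (e.getStatusCode() == 404) {
            p.addProblem(Severity.ERROR, "No appengine application found for project " + project + ".").setRemediation("Run `gcloud app create --region <region>` to create an appengine application.");
        } else {
            p.addProblem(Severity.ERROR, "Failed to connect to appengine Admin API: " + e.getMessage() + ".");
        }
    } catch (Exception e) {
        p.addProblem(Severity.ERROR, "Failed to connect to appengine Admin API: " + e.getMessage() + ".");
    }
}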
use of com.jcraft.jsch.KeyPair in project wildfly-core by wildfly.
the class RemoteSshGitRepositoryTestCase method prepareTest.
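/**
 * Builds the fixtures for the remote SSH git repository test.
 *
 * <p>Steps: copy the server's standalone configuration into {@code target/remote},
 * initialise a git repository over it if none exists, generate a fresh 2048-bit RSA
 * host key, start the test SSH server with that key, and append the server's public
 * host key to the {@code known_hosts} file under every name the client may use.
 *
 * @throws Exception if any file, git, key-generation or server start-up step fails
 */
@Before
public void prepareTest() throws Exception {
    remoteRoot = new File("target", "remote").toPath();
    Path repoConfigDir = remoteRoot.resolve("configuration");
    Files.createDirectories(repoConfigDir);
    File baseDir = remoteRoot.toAbsolutePath().toFile();

    // Resolve the server home once; fail with a clear message rather than the bare
    // NullPointerException that new File(null) would raise.
    String jbossHome = System.getProperty("jboss.home", System.getenv("JBOSS_HOME"));
    if (jbossHome == null) {
        throw new IllegalStateException("Neither the jboss.home system property nor JBOSS_HOME is set");
    }
    Path standaloneDir = new File(jbossHome).toPath().resolve("standalone");

    Path jbossConfigDir = standaloneDir.resolve("configuration");
    PathUtil.copyRecursively(jbossConfigDir, repoConfigDir, true);
    Path properties = repoConfigDir.resolve("logging.properties");
    if (Files.exists(properties)) {
        Files.delete(properties);
    }
    Path jbossAuthDir = standaloneDir.resolve("tmp").resolve("auth");
    Files.createDirectories(jbossAuthDir);

    File gitDir = new File(baseDir, Constants.DOT_GIT);
    if (!gitDir.exists()) {
        try (Git git = Git.init().setDirectory(baseDir).setInitialBranch(Constants.MASTER).call()) {
            git.add().addFilepattern("configuration").call();
            git.commit().setSign(false).setMessage("Repository initialized").call();
        }
    }
    remoteRepository = new FileRepositoryBuilder().setWorkTree(baseDir).setGitDir(gitDir).setup().build();

    // Generate new key pair for the server
    ByteArrayOutputStream publicHostKey = new ByteArrayOutputStream();
    ByteArrayOutputStream hostPrivateKey = new ByteArrayOutputStream();
    JSch jsch = new JSch();
    // KeyPair.RSA replaces the bare literal 2 so the key type is readable at the call site.
    KeyPair hostKeyPair = KeyPair.genKeyPair(jsch, KeyPair.RSA, 2048);
    try {
        hostKeyPair.writePrivateKey(hostPrivateKey);
        hostKeyPair.writePublicKey(publicHostKey, "");
    } finally {
        // Both halves are serialized; drop the in-memory key object.
        hostKeyPair.dispose();
    }
    sshServer = new SSHServer(EC_USER, SSH_DIR.resolve(EC_PUBKEY), remoteRepository,
            hostPrivateKey.toByteArray());
    port = sshServer.start();

    // Add new server to known_hosts
    KNOWN_HOSTS = SSH_DIR.resolve("known_hosts").toFile();
    String knownHostTemplate = "[%s]:" + port + ' ' + publicHostKey.toString(US_ASCII.name()) + "\n";
    // The FileWriter is opened inside try-with-resources so the handle cannot leak if
    // anything between opening and wrapping it throws. Entries are appended (second
    // argument true), so existing known_hosts content is preserved.
    try (BufferedWriter bw = new BufferedWriter(new FileWriter(KNOWN_HOSTS, true))) {
        bw.write(String.format(knownHostTemplate, "127.0.0.1"));
        bw.write(String.format(knownHostTemplate, "localhost"));
        bw.write(String.format(knownHostTemplate, InetAddress.getLocalHost().getHostName()));
        String computerName = System.getenv("COMPUTERNAME");
        if (computerName != null) {
            bw.write(String.format(knownHostTemplate, computerName));
        }
    }
}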
use of com.jcraft.jsch.KeyPair in project devops-service by open-hand.
the class FileUtil method getSshKey.
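/**
 * Generates an RSA SSH key pair.
 *
 * <p>The private key is written without a passphrase, so the returned string is
 * usable key material as-is: callers should keep it out of logs and store it only
 * in a protected location.
 *
 * @param publicKeyComment comment appended to the public key
 * @return a list whose first element is the private key and whose second element is
 *         the public key; an empty list if generation or serialization failed
 */
public static List<String> getSshKey(String publicKeyComment) {
    // The two-argument genKeyPair overload leaves the modulus size to the library
    // default, which in JSch has been 1024 bits; request 2048 bits explicitly.
    final int keySize = 2048;
    List<String> sshKeyPair = new ArrayList<>();
    KeyPair keyPair = null;
    try (ByteArrayOutputStream outputStream = new ByteArrayOutputStream()) {
        keyPair = KeyPair.genKeyPair(new JSch(), KeyPair.RSA, keySize);

        keyPair.writePrivateKey(outputStream);
        // Explicit charset: the platform default would make the result depend on the
        // JVM's locale settings (relevant for a non-ASCII public key comment).
        String privateKey = outputStream.toString("UTF-8");

        outputStream.reset();
        keyPair.writePublicKey(outputStream, publicKeyComment);
        String publicKey = outputStream.toString("UTF-8");

        // Publish both halves together so a failure half-way never yields a list
        // that holds a private key without its public key.
        sshKeyPair.add(privateKey);
        sshKeyPair.add(publicKey);
    } catch (Exception e) {
        // Only the message is logged; the key material itself is never written out.
        logger.info(e.getMessage());
    } finally {
        // Release the in-memory private key on success and on failure alike.
        if (keyPair != null) {
            keyPair.dispose();
        }
    }
    return sshKeyPair;
}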
use of com.jcraft.jsch.KeyPair in project Bastillion by bastillion-io.
the class AuthKeysKtrl method generateUserKey.
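/**
 * Generates a public/private key pair, stores the private key in the HTTP session and
 * returns the public key.
 *
 * <p>The key type follows {@code SSHUtil.KEY_TYPE} ("dsa", "ecdsa", anything else means
 * RSA) and the size follows {@code SSHUtil.KEY_LENGTH}. The private key is written
 * protected by the passphrase held in {@code publicKey}, encrypted again with
 * {@code EncryptionUtil.encrypt} and placed in the session under {@code PVT_KEY}.
 *
 * <p>NOTE(review): "dsa" remains selectable here; DSA host/user keys are disabled by
 * default in current OpenSSH releases - confirm whether the option is still needed.
 *
 * @param username username to set in public key comment
 * @param keyname  keyname to set in public key comment
 * @return public key
 * @throws ServletException if the key pair cannot be generated or the private key
 *                          cannot be encrypted for the session
 */
public String generateUserKey(String username, String keyname) throws ServletException {
    // set key type
    int type = KeyPair.RSA;
    if ("dsa".equals(SSHUtil.KEY_TYPE)) {
        type = KeyPair.DSA;
    } else if ("ecdsa".equals(SSHUtil.KEY_TYPE)) {
        type = KeyPair.ECDSA;
    }

    JSch jsch = new JSch();
    String pubKey;
    KeyPair keyPair = null;
    try {
        keyPair = KeyPair.genKeyPair(jsch, type, SSHUtil.KEY_LENGTH);

        ByteArrayOutputStream privateKeyOut = new ByteArrayOutputStream();
        // NOTE(review): the passphrase is encoded with the platform default charset;
        // left unchanged because whatever later unlocks the key must use the same bytes.
        keyPair.writePrivateKey(privateKeyOut, publicKey.getPassphrase().getBytes());
        String privateKey = new String(privateKeyOut.toByteArray(), java.nio.charset.StandardCharsets.UTF_8);

        // set private key
        try {
            getRequest().getSession().setAttribute(PVT_KEY, EncryptionUtil.encrypt(privateKey));
        } catch (GeneralSecurityException ex) {
            log.error(ex.toString(), ex);
            throw new ServletException(ex.toString(), ex);
        }

        ByteArrayOutputStream publicKeyOut = new ByteArrayOutputStream();
        keyPair.writePublicKey(publicKeyOut, username + "@" + keyname);
        // Explicit charset so a non-ASCII comment does not depend on the JVM locale.
        pubKey = new String(publicKeyOut.toByteArray(), java.nio.charset.StandardCharsets.UTF_8);
    } catch (JSchException ex) {
        log.error(ex.toString(), ex);
        throw new ServletException(ex.toString(), ex);
    } finally {
        // Previously dispose() ran only on the success path, so a failed encryption
        // left the generated private key in memory; release it on every exit.
        if (keyPair != null) {
            keyPair.dispose();
        }
    }
    return pubKey;
}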