本文整理汇总了Python中paramiko.DSSKey类的典型用法代码示例。如果您正苦于以下问题:Python DSSKey类的具体用法?Python DSSKey怎么用?Python DSSKey使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了DSSKey类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_7_compare_dss
def test_7_compare_dss(self):
# verify that the private & public keys compare equal
key = DSSKey.from_private_key_file('tests/test_dss.key')
self.assertEquals(key, key)
pub = DSSKey(data=str(key))
self.assert_(key.can_sign())
self.assert_(not pub.can_sign())
self.assertEquals(key, pub)示例2: test_7_compare_dss
def test_7_compare_dss(self):
# verify that the private & public keys compare equal
key = DSSKey.from_private_key_file(test_path('test_dss.key'))
self.assertEqual(key, key)
pub = DSSKey(data=key.asbytes())
self.assertTrue(key.can_sign())
self.assertTrue(not pub.can_sign())
self.assertEqual(key, pub)示例3: test_9_sign_dss
def test_9_sign_dss(self):
# verify that the dss private key can sign and verify
key = DSSKey.from_private_key_file(test_path('test_dss.key'))
msg = key.sign_ssh_data(b'ice weasels')
self.assertTrue(type(msg) is Message)
msg.rewind()
self.assertEqual('ssh-dss', msg.get_text())
# can't do the same test as we do for RSA, because DSS signatures
# are usually different each time. but we can test verification
# anyway so it's ok.
self.assertEqual(40, len(msg.get_binary()))
msg.rewind()
pub = DSSKey(data=key.asbytes())
self.assertTrue(pub.verify_ssh_sig(b'ice weasels', msg))示例4: test_9_sign_dss
def test_9_sign_dss(self):
# verify that the dss private key can sign and verify
key = DSSKey.from_private_key_file('tests/test_dss.key')
msg = key.sign_ssh_data(rng, 'ice weasels')
self.assert_(type(msg) is Message)
msg.rewind()
self.assertEquals('ssh-dss', msg.get_string())
# can't do the same test as we do for RSA, because DSS signatures
# are usually different each time. but we can test verification
# anyway so it's ok.
self.assertEquals(40, len(msg.get_string()))
msg.rewind()
pub = DSSKey(data=str(key))
self.assert_(pub.verify_ssh_sig('ice weasels', msg))示例5: _check_keypair_from_file
def _check_keypair_from_file(self, ref_fingerprint, private_key_path):
"""Function to check if a certain keypair from a file matches the fingerprint
from a reference one
:param str ref_fingerprint: fingerprint to be compared
:raises: KeypairError: if the keypair is not valid, or if the fingerprint to check
and the one computed from the private key is not the same
:raises: KeyNotAccessible: if the private key is password protected
and the password provided is not correct
"""
pkey=None
# This block avoid repetition of checks after it is done for the first instance
if self._SSH_KEY_CHECKED==True:
if self._SSH_KEY_ACCESS_ERROR==True: # This avoid user entering the code right the second time
raise KeyNotAccessible#("Unable to access key file `"+private_key_path+": Invalid password")
else:
return
try:
pkey=DSSKey.from_private_key_file(private_key_path)
except PasswordRequiredException:
try:
asked_password = getpass.getpass('Enter passphrase for '+private_key_path+ ':')
pkey=DSSKey.from_private_key_file(private_key_path,asked_password)
except SSHException:
self._SSH_KEY_CHECKED=True
self._SSH_KEY_ACCESS_ERROR=True # This avoid user entering the code right the second time
raise KeyNotAccessible#("Unable to access key file `"+private_key_path+": Invalid password")
except SSHException:
try:
pkey=RSAKey.from_private_key_file(private_key_path)
except PasswordRequiredException:
try:
asked_password = getpass.getpass('Enter passphrase for '+private_key_path+ ':')
pkey=RSAKey.from_private_key_file(private_key_path,asked_password)
except SSHException:
self._SSH_KEY_CHECKED=True
self._SSH_KEY_ACCESS_ERROR=True # This avoid user entering the code right the second time
raise KeyNotAccessible#("Unable to access key file `"+private_key_path+": Invalid password")
except SSHException:
raise KeypairError('File `%s` is neither a valid DSA key '
'or RSA key' % private_key_path)
fingerprint = str.join(
':', (i.encode('hex') for i in pkey.get_fingerprint()))
if ref_fingerprint!=fingerprint:
raise KeypairError(
"Keypair from "+private_key_path+" is present but has "
"different fingerprint. Aborting!")
self._SSH_KEY_CHECKED=True
return示例6: test_4_load_dss
def test_4_load_dss(self):
key = DSSKey.from_private_key_file(_support("test_dss.key"))
self.assertEqual("ssh-dss", key.get_name())
exp_dss = b(FINGER_DSS.split()[1].replace(":", ""))
my_dss = hexlify(key.get_fingerprint())
self.assertEqual(exp_dss, my_dss)
self.assertEqual(PUB_DSS.split()[1], key.get_base64())
self.assertEqual(1024, key.get_bits())
s = StringIO()
key.write_private_key(s)
self.assertEqual(DSS_PRIVATE_OUT, s.getvalue())
s.seek(0)
key2 = DSSKey.from_private_key(s)
self.assertEqual(key, key2)示例7: test_4_load_dss
def test_4_load_dss(self):
key = DSSKey.from_private_key_file('tests/test_dss.key')
self.assertEquals('ssh-dss', key.get_name())
exp_dss = FINGER_DSS.split()[1].replace(':', '')
my_dss = hexlify(key.get_fingerprint())
self.assertEquals(exp_dss, my_dss)
self.assertEquals(PUB_DSS.split()[1], key.get_base64())
self.assertEquals(1024, key.get_bits())
s = StringIO()
key.write_private_key(s)
self.assertEquals(DSS_PRIVATE_OUT, s.getvalue())
s.seek(0)
key2 = DSSKey.from_private_key(s)
self.assertEquals(key, key2)示例8: from_file
def from_file(filename, password = '', keytype = None):
"""
Returns a new PrivateKey instance with the given attributes.
If keytype is None, we attempt to automatically detect the type.
@type filename: string
@param filename: The key file name.
@type password: string
@param password: The key password.
@type keytype: string
@param keytype: The key type.
@rtype: PrivateKey
@return: The new key.
"""
if keytype is None:
try:
key = RSAKey.from_private_key_file(filename)
keytype = 'rsa'
except SSHException, e:
try:
key = DSSKey.from_private_key_file(filename)
keytype = 'dss'
except SSHException, e:
msg = 'not a recognized private key: ' + repr(filename)
raise ValueError(msg)示例9: _set_authentication
def _set_authentication(self, password, private_key, private_key_pass):
'''Authenticate the transport. prefer password if given'''
if password is None:
# Use Private Key.
if not private_key:
# Try to use default key.
if os.path.exists(os.path.expanduser('~/.ssh/id_rsa')):
private_key = '~/.ssh/id_rsa'
elif os.path.exists(os.path.expanduser('~/.ssh/id_dsa')):
private_key = '~/.ssh/id_dsa'
else:
raise CredentialException("No password or key specified.")
if isinstance(private_key, (AgentKey, RSAKey)):
# use the paramiko agent or rsa key
self._tconnect['pkey'] = private_key
else:
# isn't a paramiko AgentKey or RSAKey, try to build a
# key from what we assume is a path to a key
private_key_file = os.path.expanduser(private_key)
try: # try rsa
self._tconnect['pkey'] = RSAKey.from_private_key_file(
private_key_file, private_key_pass)
except paramiko.SSHException: # if it fails, try dss
# pylint:disable=r0204
self._tconnect['pkey'] = DSSKey.from_private_key_file(
private_key_file, private_key_pass)示例10: test_5_load_dss_password
def test_5_load_dss_password(self):
key = DSSKey.from_private_key_file('tests/test_dss_password.key', 'television')
self.assertEquals('ssh-dss', key.get_name())
exp_dss = FINGER_DSS.split()[1].replace(':', '')
my_dss = hexlify(key.get_fingerprint())
self.assertEquals(exp_dss, my_dss)
self.assertEquals(PUB_DSS.split()[1], key.get_base64())
self.assertEquals(1024, key.get_bits())示例11: test_5_load_dss_password
def test_5_load_dss_password(self):
key = DSSKey.from_private_key_file(test_path("test_dss_password.key"), "television")
self.assertEqual("ssh-dss", key.get_name())
exp_dss = b(FINGER_DSS.split()[1].replace(":", ""))
my_dss = hexlify(key.get_fingerprint())
self.assertEqual(exp_dss, my_dss)
self.assertEqual(PUB_DSS.split()[1], key.get_base64())
self.assertEqual(1024, key.get_bits())示例12: keygen
def keygen(keyname, keytype, bits, passphrase):
""" Generates a private/public keypair and returns it.
"""
# Initialisations and sanity checks
retval = {"generation_messages": "", "generation_status": "success"}
if keytype not in ['rsa', 'dsa']:
retval["generation_messages"] = _("Invalid keytype: %s" % keytype)
retval["generation_status"] = "error"
if bits not in [1024, 2048, 3072, 4096]:
retval["generation_messages"] = \
_("Invalid number of bits: %s" % bits)
retval["generation_status"] = "error"
if keytype == "dsa" and bits != 1024:
retval["generation_messages"] = _("DSA only supports 1024 bits.")
retval["generation_status"] = "error"
if retval["generation_status"] == "success":
# Generate private key
if keytype == "rsa":
key = RSAKey.generate(bits=bits)
typestring = "ssh-rss "
else:
key = DSSKey.generate(bits=bits)
typestring = "ssh-dss "
# Format public key
keystring = "%s %s %s" % (
typestring,
key.get_base64(),
keyname
)
retval["public_key"] = keystring
tmp = StringIO.StringIO()
if passphrase == "":
passphrase = None
key.write_private_key(tmp, passphrase)
retval["private_key"] = tmp.getvalue()
return retval示例13: test_3_multipart_auth
def test_3_multipart_auth(self):
"""
verify that multipart auth works.
"""
self.start_server()
self.tc.connect(hostkey=self.public_host_key)
remain = self.tc.auth_password(username='paranoid', password='paranoid')
self.assertEqual(['publickey'], remain)
key = DSSKey.from_private_key_file(test_path('test_dss.key'))
remain = self.tc.auth_publickey(username='paranoid', key=key)
self.assertEqual([], remain)
self.verify_finished()示例14: key
def key(self):
"""
:return: a subclass of PKey of the appropriate key type
:rtype: PKey
:raises ValidationError:
"""
# Check if the key pair exists: at least a public or private part of
# the key is required, as well as the key type.
if not self.key_type:
return None
if not self.public_key and not self.private_key:
return None
public_key = None
private_key = None
if self.public_key:
public_key = base64.b64decode(self.public_key)
if self.private_key:
private_key = StringIO(self.private_key)
if self.key_type == 'ssh-dss':
pkey = DSSKey(data=public_key, file_obj=private_key)
elif self.key_type == 'ssh-rsa':
pkey = RSAKey(data=public_key, file_obj=private_key)
elif self.key_type.startswith('ecdsa'):
pkey = ECDSAKey(data=public_key, file_obj=private_key)
elif self.key_type == '[email protected]':
pkey = RSAKey(data=public_key, file_obj=private_key)
pkey.load_certificate(Message(public_key))
else:
raise ValidationError('Unsupported key type: ' + self.key_type)
return pkey示例15: _check_keypair
def _check_keypair(self, name, public_key_path, private_key_path):
connection = self._connect()
keypairs = connection.get_all_key_pairs()
keypairs = dict((k.name, k) for k in keypairs)
# decide if dsa or rsa key is provided
pkey = None
is_dsa_key = False
try:
pkey = DSSKey.from_private_key_file(private_key_path)
is_dsa_key = True
except PasswordRequiredException:
raise KeypairError(
"Key `%s` is encrypted with a password. Please, use"
"an unencrypted key or use ssh-agent" %
private_key_path)
except SSHException:
try:
pkey = RSAKey.from_private_key_file(private_key_path)
except PasswordRequiredException:
raise KeypairError(
"Key `%s` is encrypted with a password. Please, use"
"an unencrypted key or use ssh-agent" %
private_key_path)
except SSHException:
raise KeypairError('File `%s` is neither a valid DSA key '
'or RSA key.' % private_key_path)
# create keys that don't exist yet
if name not in keypairs:
log.warning(
"Keypair `%s` not found on resource `%s`, Creating a new one",
name, self._url)
with open(os.path.expanduser(public_key_path)) as f:
key_material = f.read()
try:
# check for DSA on amazon
if "amazon" in self._ec2host and is_dsa_key:
log.error(
"Apparently, amazon does not support DSA keys. "
"Please specify a valid RSA key.")
raise KeypairError(
"Apparently, amazon does not support DSA keys."
"Please specify a valid RSA key.")
connection.import_key_pair(name, key_material)
except Exception, ex:
log.error(
"Could not import key `%s` with name `%s` to `%s`",
name, public_key_path, self._url)
raise KeypairError(
"could not create keypair `%s`: %s" % (name, ex))