6
from rubylib import bundle
8
from charms.reactive import when
9
from charmhelpers.core.hookenv import config, status_set
10
from charmhelpers.fetch import apt_install, apt_update
13
from Crypto.PublicKey import RSA
16
apt_install('python3-crypto')
17
from Crypto.PublicKey import RSA
20
@when('ruby.available')
23
if not os.path.exists(config('app-path')):
31
cmd = ['git', 'clone',
32
'https://github.com/hardening-io/tests-ssh-hardening.git',
35
subprocess.check_call(cmd)
36
except subprocess.CalledProcessError:
37
status_set('error', 'has a problem with git, try `resolved --retry')
38
raise Exception("Error cloning git repo: %s" % ' '.join(cmd))
42
key = RSA.generate(2048)
43
priv_key_file = '/home/ubuntu/.ssh/id_rsa'
44
pub_key_file = '/home/ubuntu/.ssh/id_rsa.pub'
45
uid = pwd.getpwnam("ubuntu").pw_uid
46
if os.path.exists(priv_key_file):
49
with open(priv_key_file, 'w') as content_file:
50
os.chmod(priv_key_file, stat.S_IREAD)
51
os.chown(priv_key_file, uid, -1)
52
content_file.write(key.exportKey('PEM').decode('utf-8'))
54
pubkey = key.publickey()
55
with open(pub_key_file, 'w') as content_file:
56
os.chown(pub_key_file, uid, -1)
57
content_file.write(pubkey.exportKey('OpenSSH').decode('utf-8'))
added
removed
reactive/hardening-ssh-tests.py
