Clean up SSH key generation and output.

2026-03-26 01:36:32 +01:00 · 2018-01-27 21:30:10 +01:00 · 2018-01-27 21:30:10 +01:00 · 37a5a67391
commit 37a5a67391
parent a2549410a8
2 changed files with 32 additions and 22 deletions
--- a/evennia/server/portal/ssh.py
+++ b/evennia/server/portal/ssh.py
@ -52,12 +52,25 @@ from evennia.utils.utils import to_str
 _RE_N = re.compile(r"\|n$")
 _RE_SCREENREADER_REGEX = re.compile(r"%s" % settings.SCREENREADER_REGEX_STRIP, re.DOTALL + re.MULTILINE)
 _GAME_DIR = settings.GAME_DIR
+_PRIVATE_KEY_FILE = os.path.join(_GAME_DIR, "server", "ssh-private.key")
+_PUBLIC_KEY_FILE = os.path.join(_GAME_DIR, "server", "ssh-public.key")
+_KEY_LENGTH = 2048

 CTRL_C = '\x03'
 CTRL_D = '\x04'
 CTRL_BACKSLASH = '\x1c'
 CTRL_L = '\x0c'

+_NO_AUTOGEN = """
+Evennia could not generate SSH private- and public keys ({{err}})
+Using conch default keys instead.
+
+If this error persists, create the keys manually (using the tools for your OS)
+and put them here:
+    {}
+    {}
+""".format(_PRIVATE_KEY_FILE, _PUBLIC_KEY_FILE)
+

 class SshProtocol(Manhole, session.Session):
    """
@ -426,32 +439,32 @@ def getKeyPair(pubkeyfile, privkeyfile):

    if not (os.path.exists(pubkeyfile) and os.path.exists(privkeyfile)):
        # No keypair exists. Generate a new RSA keypair
-        print("  Generating SSH RSA keypair ...", end=' ')
        from Crypto.PublicKey import RSA

-        KEY_LENGTH = 1024
-        rsaKey = Key(RSA.generate(KEY_LENGTH))
-        publicKeyString = rsaKey.public().toString(type="OPENSSH")
-        privateKeyString = rsaKey.toString(type="OPENSSH")
+        rsa_key = Key(RSA.generate(_KEY_LENGTH))
+        public_key_string = rsa_key.public().toString(type="OPENSSH")
+        private_key_string = rsa_key.toString(type="OPENSSH")

        # save keys for the future.
-        file(pubkeyfile, 'w+b').write(publicKeyString)
-        file(privkeyfile, 'w+b').write(privateKeyString)
-        print(" done.")
+        with open(privkeyfile, 'wt') as pfile:
+            pfile.write(private_key_string)
+            print("Created SSH private key in '{}'".format(_PRIVATE_KEY_FILE))
+        with open(pubkeyfile, 'wt') as pfile:
+            pfile.write(public_key_string)
+            print("Created SSH public key in '{}'".format(_PUBLIC_KEY_FILE))
    else:
-        publicKeyString = file(pubkeyfile).read()
-        privateKeyString = file(privkeyfile).read()
+        with open(pubkeyfile) as pfile:
+            public_key_string = pfile.read()
+        with open(privkeyfile) as pfile:
+            private_key_string = pfile.read()

-    return Key.fromString(publicKeyString), Key.fromString(privateKeyString)
+    return Key.fromString(public_key_string), Key.fromString(private_key_string)


 def makeFactory(configdict):
    """
    Creates the ssh server factory.
    """
-    pubkeyfile = os.path.join(_GAME_DIR, "server", "ssh-public.key")
-    privkeyfile = os.path.join(_GAME_DIR, "server", "ssh-private.key")
-
    def chainProtocolFactory(username=None):
        return insults.ServerProtocol(
            configdict['protocolFactory'],
@ -466,14 +479,11 @@ def makeFactory(configdict):

    try:
        # create/get RSA keypair
-        publicKey, privateKey = getKeyPair(pubkeyfile, privkeyfile)
+        publicKey, privateKey = getKeyPair(_PUBLIC_KEY_FILE, _PRIVATE_KEY_FILE)
        factory.publicKeys = {'ssh-rsa': publicKey}
        factory.privateKeys = {'ssh-rsa': privateKey}
    except Exception as err:
-        print("getKeyPair error: {err}\n WARNING: Evennia could not "
-              "auto-generate SSH keypair. Using conch default keys instead.\n"
-              "If this error persists, create {pub} and "
-              "{priv} yourself using third-party tools.".format(err=err, pub=pubkeyfile, priv=privkeyfile))
+        print(_NO_AUTOGEN.format(err=err))

    factory.services = factory.services.copy()
    factory.services['ssh-userauth'] = ExtraInfoAuthServer
--- a/evennia/server/portal/telnet_ssl.py
+++ b/evennia/server/portal/telnet_ssl.py
@ -33,7 +33,7 @@ _GAME_DIR = settings.GAME_DIR

 _PRIVATE_KEY_LENGTH = 2048
 _PRIVATE_KEY_FILE = os.path.join(_GAME_DIR, "server", "ssl.key")
-_PUBLIC_KEY_FILE = os.path.join(_GAME_DIR, "server", "ssl_public.key")
+_PUBLIC_KEY_FILE = os.path.join(_GAME_DIR, "server", "ssl-public.key")
 _CERTIFICATE_FILE = os.path.join(_GAME_DIR, "server", "ssl.cert")
 _CERTIFICATE_EXPIRE = 365 * 24 * 60 * 60 * 20  # 20 years
 _CERTIFICATE_ISSUER = {"C": "EV", "ST": "Evennia", "L": "Evennia", "O":
@ -96,7 +96,7 @@ def verify_or_create_SSL_key_and_cert(keyfile, certfile):

            with open(_PUBLIC_KEY_FILE, 'wt') as pfile:
                pfile.write(crypto.dump_publickey(crypto.FILETYPE_PEM, keypair))
-                print("Created SSL public key in '{}'.".format(_PRIVATE_KEY_FILE))
+                print("Created SSL public key in '{}'.".format(_PUBLIC_KEY_FILE))

        except Exception as err:
            print(NO_AUTOGEN.format(err=err))
@ -120,7 +120,7 @@ def verify_or_create_SSL_key_and_cert(keyfile, certfile):

                with open(_CERTIFICATE_FILE, 'wt') as cfile:
                    cfile.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
-                    print("Created SSL certificate in '{}'.".format(_PRIVATE_KEY_FILE))
+                    print("Created SSL certificate in '{}'.".format(_CERTIFICATE_FILE))

            except Exception as err:
                print(NO_AUTOCERT.format(err=err))