@ -1,10 +1,15 @@
// Copyright 2014 The Gogs Authors. All rights reserved.
// Copyright 2017 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package ssh
import (
"crypto/rand"
"crypto/rsa"
"crypto/x509"
"encoding/pem"
"io"
"io/ioutil"
"net"
@ -176,9 +181,9 @@ func Listen(host string, port int, ciphers []string, keyExchanges []string, macs
log . Error ( 4 , "Failed to create dir %s: %v" , filePath , err )
}
_ , stderr , err := com . ExecCmd ( "ssh-keygen" , "-f" , keyPath , "-t" , "rsa" , "-N" , "" )
err := GenKeyPair ( keyPath )
if err != nil {
log . Fatal ( 4 , "Failed to generate private key: %v - %s " , err , std err)
log . Fatal ( 4 , "Failed to generate private key: %v" , err )
}
log . Trace ( "SSH: New private key is generateed: %s" , keyPath )
}
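Review bot: The new call at `err := GenKeyPair ( keyPath )` declares `err` one line before the only place it is read, which is the tightly scoped case Go's if-initializer form exists for: `if err := GenKeyPair(keyPath); err != nil {`. It also avoids a "no new variables on left side of :=" compile error should an `err` already be declared in this scope, which cannot be confirmed here because Listen starts and ends outside the hunk. Otherwise the replacement of the external ssh-keygen exec with an in-process generator is straightforward and the fatal path keeps the same message shape as before.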
@ -195,3 +200,39 @@ func Listen(host string, port int, ciphers []string, keyExchanges []string, macs
go listen ( config , host , port )
}
// GenKeyPair make a pair of public and private keys for SSH access.
// Public key is encoded in the format for inclusion in an OpenSSH authorized_keys file.
// Private Key generated is PEM encoded
func GenKeyPair ( keyPath string ) error {
privateKey , err := rsa . GenerateKey ( rand . Reader , 2048 )
if err != nil {
return err
}
privateKeyPEM := & pem . Block { Type : "RSA PRIVATE KEY" , Bytes : x509 . MarshalPKCS1PrivateKey ( privateKey ) }
f , err := os . OpenFile ( keyPath , os . O_RDWR | os . O_CREATE | os . O_TRUNC , 0600 )
if err != nil {
return err
}
defer f . Close ( )
if err := pem . Encode ( f , privateKeyPEM ) ; err != nil {
return err
}
// generate public key
pub , err := ssh . NewPublicKey ( & privateKey . PublicKey )
if err != nil {
return err
}
public := ssh . MarshalAuthorizedKey ( pub )
p , err := os . OpenFile ( keyPath + ".pub" , os . O_RDWR | os . O_CREATE | os . O_TRUNC , 0600 )
if err != nil {
return err
}
defer p . Close ( )
_ , err = p . Write ( public )
return err
}
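Review bot: GenKeyPair can leave a truncated or orphaned private key on disk, because both file handles are closed by `defer f . Close ( )` and `defer p . Close ( )` with the close error discarded, and nothing removes keyPath when a later step (pem.Encode, ssh.NewPublicKey, the `.pub` open or write) fails. Since the caller in the hunk above regenerates only when the key file is missing, a half-written key would be picked up unchanged on the next start and the server would then fail to load it or run without a matching `.pub`. I would give the function a named result, fold the close error into it, and remove keyPath on any error; `os.O_WRONLY` also suffices for both opens since the files are never read. The same close-error handling should be applied to `p`, and the doc comment should read `// GenKeyPair makes a pair of public and private keys for SSH access.` with a closing period on the last line. The 0600 mode on the private key is correct and should stay.
```go
func GenKeyPair(keyPath string) (err error) {
	// … unchanged: rsa.GenerateKey and PEM block construction …
	f, err := os.OpenFile(keyPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
	if err != nil {
		return err
	}
	defer func() {
		if cerr := f.Close(); cerr != nil && err == nil {
			err = cerr
		}
		if err != nil {
			// do not leave a truncated or unmatched private key behind
			os.Remove(keyPath)
		}
	}()
	// … unchanged: pem.Encode, public key marshal, .pub open and write …
}
```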