diff --git a/src/cli/one_helper/oneuser_helper.rb b/src/cli/one_helper/oneuser_helper.rb
index b481f9291b..bca7a4c27c 100644
--- a/src/cli/one_helper/oneuser_helper.rb
+++ b/src/cli/one_helper/oneuser_helper.rb
@@ -37,7 +37,7 @@ class OneUserHelper < OpenNebulaHelper::OneHelper
 return -1, "Can not read file: #{arg}"
 end
 else
- if options[:plain]
+ if options[:plain] || options[:ssh] || options[:x509]
 password = arg.gsub(/\s/, '')
 else
 password = Digest::SHA1.hexdigest(arg)
@@ -49,9 +49,11 @@ class OneUserHelper < OpenNebulaHelper::OneHelper
 def password(options)
 if options[:ssh]
- require 'ssh_auth'
+ if !options[:key]
+ return -1, "You have to specify the --key option"
+ end
- options[:key] ||= ENV['HOME']+'/.ssh/id_rsa'
+ require 'ssh_auth'
 begin
 sshauth = SshAuth.new(:private_key=>options[:key])
@@ -61,10 +63,14 @@ class OneUserHelper < OpenNebulaHelper::OneHelper
 return 0, sshauth.public_key
 elsif options[:x509]
- require 'x509_auth'
- options[:cert] ||= ENV['X509_USER_CERT']
+ if !options[:cert]
+ return -1, "You have to specify the --cert option"
+ end
+
+ require 'x509_auth'
+ begin
 cert = [File.read(options[:cert])]
 x509auth = X509Auth.new(:certs_pem=>cert)
diff --git a/src/cli/oneuser b/src/cli/oneuser
index a740411d0c..e46b8a757b 100755
--- a/src/cli/oneuser
+++ b/src/cli/oneuser
@@ -104,7 +104,7 @@ cmd=CommandParser::CmdParser.new(ARGV) do
 :name => "time",
 :large => "--time x",
 :format => Integer,
- :description => "Token duration in hours, (default 1)"
+ :description => "Token duration in seconds, defaults to 3600 (1 h)"
 }
 create_options = [READ_FILE, PLAIN, SSH, X509, KEY, CERT]
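Review bot: In the first oneuser_helper.rb hunk, the widened condition `options[:plain] || options[:ssh] || options[:x509]` passes the positional argument through unhashed, but nothing in this branch checks that it looks like an SSH public key or a certificate DN. A plaintext password typed together with `--ssh` or `--x509` would therefore skip `Digest::SHA1.hexdigest` and presumably be handed on as-is. A cheap shape check before accepting the value would catch that; at minimum add a comment such as `# ssh/x509: arg is public material (key or DN), kept verbatim for the auth driver`. It is also worth confirming that `gsub(/\s/, '')` matches what the x509 driver produces for DNs containing spaces. The enclosing method starts and ends outside the hunk.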
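Review bot: In `password(options)`, the new message `"You have to specify the --key option"` is stricter than what the CLI accepts after this commit, since `oneuser create` and `oneuser passwd` now also take the public key as the positional password (the added example uses `--ssh -r /tmp/public_key`). A wording like `"Give the public key as the password argument or use --key"` would not steer users down a single path; the `--cert` message in the following hunk has the same issue. `if !options[:key]` would read more idiomatically as `unless options[:key]`. The method body continues outside both hunks.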
@@ -139,20 +139,21 @@ cmd=CommandParser::CmdParser.new(ARGV) do
 oneuser create my_user my_password
 oneuser create my_user /tmp/mypass -r
 oneuser create my_user --ssh --key /tmp/id_rsa
+ oneuser create my_user --ssh -r /tmp/public_key
 oneuser create my_user --x509 --cert /tmp/my_cert.pem
 EOT
 command :create, create_desc, :username, [:password, nil],
 :options=>create_options do
- if options[:ssh] or options[:x509]
+ if args[1]
+ pass = args[1]
+ else
 rc = helper.password(options)
 if rc.first == 0
 pass = rc[1]
 else
 exit_with_code *rc
 end
- else
- pass = args[1]
 end
 helper.create_resource(options) do |user|
@@ -175,6 +176,27 @@ cmd=CommandParser::CmdParser.new(ARGV) do
 helper.login(args[0], options)
 end
+ key_desc = <<-EOT.unindent
+ Shows a public key from a private SSH key. Use it as password
+ for the SSH authentication mechanism.
+ EOT
+
+ command :key, key_desc, :options=>[KEY] do
+ require 'ssh_auth'
+
+ options[:key] ||= ENV['HOME']+'/.ssh/id_rsa'
+
+ begin
+ sshauth = SshAuth.new(:private_key=>options[:key])
+ rescue Exception => e
+ exit_with_code -1, e.message
+ end
+
+ puts sshauth.public_key
+ exit_with_code 0
+ end
+
+
 delete_desc = <<-EOT.unindent
 Deletes the given User
 EOT
@@ -189,17 +211,17 @@ cmd=CommandParser::CmdParser.new(ARGV) do
 Changes the given User's password
 EOT
- command :passwd, passwd_desc, :userid, :password,
+ command :passwd, passwd_desc, :userid, [:password, nil],
 :options=>create_options do
- if options[:ssh] or options[:x509]
+ if args[1]
+ pass = args[1]
+ else
 rc = helper.password(options)
 if rc.first == 0
 pass = rc[1]
 else
 exit_with_code *rc
 end
- else
- pass = args[1]
 end
 helper.perform_action(args[0],options,"Password changed") do |user|
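Review bot: In `command :create`, a positional password now silently takes precedence over `--key`/`--cert`, because `if args[1]` is tested before the options are looked at. A call that passes both never reads the key or certificate and, going by the helper change in this commit, presumably stores the argument unhashed when `--ssh` or `--x509` is set. Rejecting the combination is safer, e.g. `exit_with_code -1, "Give either a password or --key/--cert, not both" if args[1] && (options[:key] || options[:cert])`. The identical branch is added to `command :passwd` in the last hunk; both commands could call one small shared helper instead of duplicating it.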
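Review bot: In the new `key` command, `options[:key] ||= ENV['HOME']+'/.ssh/id_rsa'` runs before the `begin`, so an unset `HOME` raises `NoMethodError` on `nil` and bypasses the `exit_with_code -1, e.message` path. Moving that assignment inside the `begin` block keeps the failure on the handled path. Separately, `rescue Exception => e` also traps `Interrupt` and `SystemExit`; `rescue StandardError => e` is sufficient here. A one-line comment noting that only the public half derived from the private key is printed would help readers of this command.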