1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
#!/usr/bin/env python
# Copyright (C) 2010 Sofian Brabez <sbz@6dev.net>
#
# This file is part of paramiko.
#
# Paramiko is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# Paramiko is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
# details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
from __future__ import with_statement
import sys
from binascii import hexlify
from optparse import OptionParser
from paramiko import DSSKey
from paramiko import RSAKey
from paramiko.ssh_exception import SSHException
from paramiko.py3compat import u
usage="""
%prog [-v] [-b bits] -t type [-N new_passphrase] [-f output_keyfile]"""
default_values = {
"ktype": "dsa",
"bits": 1024,
"filename": "output",
"comment": ""
}
key_dispatch_table = {
'dsa': DSSKey,
'rsa': RSAKey,
}
def progress(arg=None):
if not arg:
sys.stdout.write('0%\x08\x08\x08 ')
sys.stdout.flush()
elif arg[0] == 'p':
sys.stdout.write('25%\x08\x08\x08\x08 ')
sys.stdout.flush()
elif arg[0] == 'h':
sys.stdout.write('50%\x08\x08\x08\x08 ')
sys.stdout.flush()
elif arg[0] == 'x':
sys.stdout.write('75%\x08\x08\x08\x08 ')
sys.stdout.flush()
if __name__ == '__main__':
phrase=None
pfunc=None
parser = OptionParser(usage=usage)
parser.add_option("-t", "--type", type="string", dest="ktype",
help="Specify type of key to create (dsa or rsa)",
metavar="ktype", default=default_values["ktype"])
parser.add_option("-b", "--bits", type="int", dest="bits",
help="Number of bits in the key to create", metavar="bits",
default=default_values["bits"])
parser.add_option("-N", "--new-passphrase", dest="newphrase",
help="Provide new passphrase", metavar="phrase")
parser.add_option("-P", "--old-passphrase", dest="oldphrase",
help="Provide old passphrase", metavar="phrase")
parser.add_option("-f", "--filename", type="string", dest="filename",
help="Filename of the key file", metavar="filename",
default=default_values["filename"])
parser.add_option("-q", "--quiet", default=False, action="store_false",
help="Quiet")
parser.add_option("-v", "--verbose", default=False, action="store_true",
help="Verbose")
parser.add_option("-C", "--comment", type="string", dest="comment",
help="Provide a new comment", metavar="comment",
default=default_values["comment"])
(options, args) = parser.parse_args()
if len(sys.argv) == 1:
parser.print_help()
sys.exit(0)
for o in list(default_values.keys()):
globals()[o] = getattr(options, o, default_values[o.lower()])
if options.newphrase:
phrase = getattr(options, 'newphrase')
if options.verbose:
pfunc = progress
sys.stdout.write("Generating priv/pub %s %d bits key pair (%s/%s.pub)..." % (ktype, bits, filename, filename))
sys.stdout.flush()
if ktype == 'dsa' and bits > 1024:
raise SSHException("DSA Keys must be 1024 bits")
if ktype not in key_dispatch_table:
raise SSHException("Unknown %s algorithm to generate keys pair" % ktype)
# generating private key
prv = key_dispatch_table[ktype].generate(bits=bits, progress_func=pfunc)
prv.write_private_key_file(filename, password=phrase)
# generating public key
pub = key_dispatch_table[ktype](filename=filename, password=phrase)
with open("%s.pub" % filename, 'w') as f:
f.write("%s %s" % (pub.get_name(), pub.get_base64()))
if options.comment:
f.write(" %s" % comment)
if options.verbose:
print("done.")
hash = u(hexlify(pub.get_fingerprint()))
print("Fingerprint: %d %s %s.pub (%s)" % (bits, ":".join([ hash[i:2+i] for i in range(0, len(hash), 2)]), filename, ktype.upper()))
|