
Revisión 259

Relación de confianza SSH


controlies/trunk/applications/controlies/views/usuarios/form_home_directory.html
<p style="text-align:center;">Para crear el directorio personal en el Servidor NFS necesitaré las credenciales<p>
<div>
<p><span id="nameTag">Directorio personal de</span><br><input type="text" id="name" name="name" style="background-color:#DDD;" readonly="true"/></p>
<p><span id="hostTag">Servidor NFS</span><br><input type="text" id="host" name="host" value="servidor"/></p>
<p><span id="userTag">Usuario</span><br><input type="text" id="user" name="user" value="root"/></p>
<p><span id="hostTag">Servidor NFS</span><br><input type="text" id="host" name="host" value="servidor" style="background-color:#DDD;" readonly="true"/></p>
<p><span id="userTag">Usuario</span><br><input type="text" id="user" name="user" value="root" style="background-color:#DDD;" readonly="true"/></p>
<p><span id="passwordTag">Contraseña</span><br><input type="text" id="password" name="password"/></p>
<p id="trustRelationshipP"><span id="trustRelationshipTag">Establecer relación de confianza SSH</span>&nbsp;&nbsp;<input type="checkbox" id="trustRelationship" name="trustRelationship"/></p>
</div>
</div>
<div id="message" style="text-align:center; font-weight:bold; color:red; padding:3px; "></div>
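Review bot: The `password` input in this form is declared `type="text"`, so the root password for the NFS server is displayed in clear while it is typed and can be kept by browser form history. It should be `<input type="password" id="password" name="password" autocomplete="off"/>`. The new `trustRelationship` checkbox also gives no hint of what it does; judging by the controller change in this commit, it appends the application's public key to root's `authorized_keys`, and a short line of help text next to the checkbox would make that consequence visible to the administrator.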
controlies/trunk/applications/controlies/views/usuarios/form.html
<option value="student">Alumno</option>
</select>
</p>
<p><span id="nameTag">Nombre y Apellidos</span><br><input type="text" id="name" name="name" onChange="searchUsername();"/></p>
<p><span id="nameTag">Nombre y Apellidos</span><br><input type="text" id="name" name="name"/></p>
<p><span id="nifTag">NIF</span><br><input type="text" id="nif" name="nif"/></p>
<p><span id="departmentsTag">Departamentos</span><br><select type="text" id="departments" name="departments[]" multiple style="width:250px;"></select>
controlies/trunk/applications/controlies/views/usuarios/index.html
}
function createHomeDirectory(username,type){
$.post("{{=URL(c='usuarios',f='call',args=['json','create_home_directory_withoutpass'])}}", {username:username, type:type}, function(result) {
switch(result.response){
case 'failAuth':{
formCreateHomeDirectory(username,type);
break;
}
case 'OK':{
jQuery('#message').html("Home creado correctamente").css("color","green").effect("highlight", {"color":"yellow"}, 1000);
setTimeout("$('#dialog-form').dialog('close')",1000);
break;
};
}
});
}
function formCreateHomeDirectory(username,type){
setTimeout("$('#dialog-form').dialog('close')",200);
jQuery("#dialog-form2").load("form_home_directory.html", function() {
jQuery("#form_dataNFS #username").val(username);
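Review bot: The `switch(result.response)` in `createHomeDirectory` handles only `'failAuth'` and `'OK'`, and the `$.post` call has no failure callback, so any other response value or an HTTP error leaves the dialog open with no feedback. Add a `default:` branch that writes the response into `#message`, and chain a `.fail(...)` handler on the request. The `setTimeout("$('#dialog-form').dialog('close')", ...)` calls pass code as a string; `setTimeout(function(){ $('#dialog-form').dialog('close'); }, 1000)` avoids string evaluation. `formCreateHomeDirectory` continues past the end of this section.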
controlies/trunk/applications/controlies/controllers/usuarios.py
# coding: utf8
from applications.controlies.modules.Users import Users
from applications.controlies.modules.Utils import Utils
def index():
return dict()
......
@service.json
@auth.requires_login()
def create_home_directory_withoutpass():
from applications.controlies.modules.SSHConnection import SSHConnection
c = SSHConnection("localhost","root","")
response = c.connectWithoutPass()
if response != True:
return dict(response = response)
l=conecta()
u = Users(l,"","","","",request.vars['username'],"","","","")
responseUser = u.getUserData()
l.close()
homeDirectory = Utils.homeDirectory(request.vars['type'])+responseUser["user"]
c.exec_command("cp -r /etc/skel "+homeDirectory)
c.exec_command("chown -R "+responseUser["uidnumber"]+":"+responseUser["gidnumber"]+" "+homeDirectory)
c.close()
return dict(response = "OK")
@service.json
@auth.requires_login()
def create_home_directory():
from applications.controlies.modules.SSHConnection import SSHConnection
c = SSHConnection(request.vars['host'],request.vars['user'],request.vars['password'])
#c = SSHConnection(request.vars['host'],request.vars['user'],request.vars['password'])
c = SSHConnection("localhost",request.vars['user'],request.vars['password'])
response = c.process()
print request.vars
if response != True:
return dict(response = response)
......
responseUser = u.getUserData()
l.close()
if request.vars['type'] == "teacher":
homeDirectory = "/home/profesor/"+responseUser["user"]
else:
homeDirectory = "/home/alumnos/"+responseUser["user"]
homeDirectory = Utils.homeDirectory(request.vars['type'])+responseUser["user"]
c.exec_command("cp -r /etc/skel "+homeDirectory)
c.exec_command("chown -R "+responseUser["uidnumber"]+":"+responseUser["gidnumber"]+" "+homeDirectory)
c.close()
try:
if request.vars["trustRelationship"] == "on":
dir_ssh = "/var/web2py/applications/controlies"
Utils.generateRSAkeys(dir_ssh)
c.open_ftp()
c.removeFile("/tmp/controlIES_rsa.pub")
c.putFile(dir_ssh+"./ssh/id_rsa.pub","/tmp/controlIES_rsa.pub")
c.exec_command('cat /tmp/controlIES_rsa.pub >> /root/.ssh/authorized_keys')
c.removeFile("/tmp/controlIES_rsa.pub")
c.close_ftp()
except:
pass
c.close()
return dict(response = "OK")
def form():
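Review bot: Both `create_home_directory_withoutpass` and `create_home_directory` build the `cp -r` and `chown -R` commands by concatenating `responseUser["user"]`, `uidnumber` and `gidnumber` into a string that runs in a root SSH session, so any shell metacharacter in those directory values is interpreted by the remote shell. Quote each value, e.g. `c.exec_command("cp -r /etc/skel " + pipes.quote(homeDirectory))`, and check that uid and gid are numeric before using them. The `print request.vars` line in `create_home_directory`, if it is still present after this change, writes the submitted root password to the server output and should be dropped. In the trust-relationship block, `dir_ssh+"./ssh/id_rsa.pub"` does not match the `_path + '/.ssh'` directory that `generateRSAkeys` writes to, and `c.putFile(...)` is called with two arguments while `SSHConnection.putFile` accepts one. The bare `except: pass` hides both failures, so the view returns `"OK"` even when no key was installed.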
controlies/trunk/applications/controlies/modules/Utils/Utils.py
salt = generate_salt()
return b2a_base64(sha.new(password + salt).digest() + salt)[:-1]
def generateRSAkeys(_path):
import os
from M2Crypto import RSA
ssh_dir = _path + '/.ssh'
if os.path.isdir(ssh_dir):
os.chmod(ssh_dir,0700)
else:
os.mkdir(ssh_dir,0700)
key = RSA.gen_key(2048, 65537)
key.save_pem(ssh_dir+'/id_rsa',cipher=None)
os.chmod(ssh_dir+'/id_rsa',0600)
os.system("ssh-keygen -y -f "+ssh_dir+'/id_rsa > '+ssh_dir+'/id_rsa.pub')
def homeDirectory(_type):
if _type == "teacher":
homeDirectory = "/home/profesor/"
else:
homeDirectory = "/home/alumnos/"
return homeDirectory
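Review bot: In `generateRSAkeys` the unencrypted private key is written by `key.save_pem(ssh_dir+'/id_rsa',cipher=None)` and only afterwards restricted with `os.chmod(..., 0600)`, so the file briefly exists with whatever mode the process umask allows. Set the umask first, `old = os.umask(0077)` before `save_pem` and `os.umask(old)` after, or create the file with `os.open(path, os.O_WRONLY|os.O_CREAT|os.O_EXCL, 0600)`. The function also generates a new key pair on every call and overwrites the previous one, while the controller only ever appends to `authorized_keys`, so stale keys accumulate on the server. Consider reusing an existing `id_rsa` when it is present. The `os.system("ssh-keygen -y -f "+...)` line interpolates `_path` into a shell string; `subprocess.call(["ssh-keygen", "-y", "-f", key_path], stdout=pub_file)` does the same without a shell.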
controlies/trunk/applications/controlies/modules/SSHConnection.py
class SSHConnection(object):
connection = ""
channel = ""
def __init__(self,session):
pass
......
self.host = host
self.user = user
self.passwd = passwd
self.port = 22
def validation(self):
if self.host == "":
......
return auth
def connect(self):
self.transport = paramiko.SSHClient()
self.transport.set_missing_host_key_policy(paramiko.AutoAddPolicy())
try:
self.connection = paramiko.Transport((self.host, self.port))
self.transport.connect(self.host, username=self.user, password=self.passwd)
except:
return "failServer"
return "failAuth"
return True
def connectWithoutPass(self):
self.transport = paramiko.SSHClient()
self.transport.set_missing_host_key_policy(paramiko.AutoAddPolicy())
try:
self.connection.connect(username = self.user, password = self.passwd)
self.transport.connect(self.host, username=self.user)
except:
return "failAuth"
return True
return True
def exec_command(self,command):
self.channel = self.connection.open_session()
self.channel.exec_command(command)
"""salida = self.channel.makefile('rb', -1).readlines()
if salida:
# Si ha ido todo bien mostramos el listado de directorios
print salida
else:
# Si se ha producido algún error lo mostramos
print self.channel.makefile_stderr('rb', -1).readlines()"""
def exec_command(self,command):
self.transport.exec_command(command)
def close(self):
self.connection.close()
self.transport.close()
def open_ftp(self):
self.sftp = transport.open_sftp()
def close_ftp(self):
self.sftp.close()
def removeFile(self, _file):
try:
self.sftp.remove(_file)
except:
pass
def putFile(self, _file):
try:
self.sftp.put(_file)
except:
pass
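Review bot: `connect` and `connectWithoutPass` both call `set_missing_host_key_policy(paramiko.AutoAddPolicy())`, which accepts any unknown host key without verification, and these connections authenticate as root. Prefer `self.transport.load_system_host_keys()` together with `paramiko.RejectPolicy()`, provisioning the server's key beforehand. `open_ftp` refers to a bare `transport` instead of `self.transport`, which raises `NameError`. `putFile(self, _file)` passes a single path to `self.sftp.put`, which also needs the remote path, whereas the controller calls it with two arguments. The bare `except:` clauses in `removeFile` and `putFile` should catch `IOError` and report the failure instead of discarding every error.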
