Agent: Remove known_hosts from SSH Credential Collector

It is not used anywhere.
2022-02-15 19:54:05 +01:00 · 2022-02-15 19:54:05 +01:00 · a03a5145a7
parent e9e5e95f49
commit a03a5145a7
3 changed files with 8 additions and 38 deletions
--- a/monkey/infection_monkey/credential_collectors/ssh_collector/SSH_credentials_collector.py
+++ b/monkey/infection_monkey/credential_collectors/ssh_collector/SSH_credentials_collector.py
@ -35,7 +35,7 @@ class SSHCollector(ICredentialCollector):
                credentials_obj.identities.append(Username(info["name"]))

            ssh_keypair = {}
-            for key in ["public_key", "private_key", "known_hosts"]:
+            for key in ["public_key", "private_key"]:
                if key in info and info.get(key) is not None:
                    ssh_keypair[key] = info[key]

--- a/monkey/infection_monkey/credential_collectors/ssh_collector/ssh_handler.py
+++ b/monkey/infection_monkey/credential_collectors/ssh_collector/ssh_handler.py
@ -31,12 +31,10 @@ def _get_home_dirs() -> Iterable[Dict]:
 def _get_ssh_struct(name: str, home_dir: str) -> Dict:
    """
    Construct the SSH info. It consisted of: name, home_dir,
-    public_key, private_key and known_hosts.
+    public_key and private_key.

    public_key: contents of *.pub file (public key)
    private_key: contents of * file (private key)
-    known_hosts: contents of known_hosts file(all the servers keys are good for,
-    possibly hashed)

    :param name: username of user, for whom the keys belong
    :param home_dir: users home directory
@ -49,7 +47,6 @@ def _get_ssh_struct(name: str, home_dir: str) -> Dict:
        "home_dir": home_dir,
        "public_key": None,
        "private_key": None,
-        "known_hosts": None,
    }


@ -88,15 +85,6 @@ def _get_ssh_files(usr_info: Iterable[Dict]) -> Iterable[Dict]:
                                            continue
                                except (IOError, OSError):
                                    pass
-                            # By default, known hosts file is called 'known_hosts'
-                            known_hosts = os.path.join(current_path, "known_hosts")
-                            if os.path.exists(known_hosts):
-                                try:
-                                    with open(known_hosts) as f:
-                                        info["known_hosts"] = f.read()
-                                        logger.info("Found known_hosts in %s" % known_hosts)
-                                except (IOError, OSError):
-                                    pass
                            # If private key found don't search more
                            if info["private_key"]:
                                break
@ -104,9 +92,5 @@ def _get_ssh_files(usr_info: Iterable[Dict]) -> Iterable[Dict]:
                            pass
                except OSError:
                    pass
-    usr_info = [
-        info
-        for info in usr_info
-        if info["private_key"] or info["known_hosts"] or info["public_key"]
-    ]
+    usr_info = [info for info in usr_info if info["private_key"] or info["public_key"]]
    return usr_info
--- a/monkey/tests/unit_tests/infection_monkey/credential_collectors/linux_credentials_collector/test_ssh_credentials_collector.py
+++ b/monkey/tests/unit_tests/infection_monkey/credential_collectors/linux_credentials_collector/test_ssh_credentials_collector.py
@ -14,9 +14,7 @@ def test_ssh_credentials_empty_results(monkeypatch):
    collected = SSHCollector().collect_credentials()
    assert [] == collected

-    ssh_creds = [
-        {"name": "", "home_dir": "", "public_key": None, "private_key": None, "known_hosts": None}
-    ]
+    ssh_creds = [{"name": "", "home_dir": "", "public_key": None, "private_key": None}]
    patch_ssh_handler(ssh_creds, monkeypatch)
    expected = []
    collected = SSHCollector().collect_credentials()
@ -31,45 +29,33 @@ def test_ssh_info_result_parsing(monkeypatch):
            "home_dir": "/home/ubuntu",
            "public_key": "SomePublicKeyUbuntu",
            "private_key": "ExtremelyGoodPrivateKey",
-            "known_hosts": "MuchKnownHosts",
        },
        {
            "name": "mcus",
            "home_dir": "/home/mcus",
            "public_key": "AnotherPublicKey",
-            "private_key": "NotSoGoodPrivateKey",
-            "known_hosts": None,
-        },
-        {
-            "name": "",
-            "home_dir": "/",
-            "public_key": None,
            "private_key": None,
-            "known_hosts": "VeryGoodHosts1",
        },
+        {"name": "guest", "home_dir": "/", "public_key": None, "private_key": None},
    ]
    patch_ssh_handler(ssh_creds, monkeypatch)

    # Expected credentials
    username = Username("ubuntu")
    username2 = Username("mcus")
+    username3 = Username("guest")

    ssh_keypair1 = SSHKeypair(
-        {
-            "public_key": "SomePublicKeyUbuntu",
-            "private_key": "ExtremelyGoodPrivateKey",
-            "known_hosts": "MuchKnownHosts",
-        }
+        {"public_key": "SomePublicKeyUbuntu", "private_key": "ExtremelyGoodPrivateKey"}
    )
    ssh_keypair2 = SSHKeypair(
        {"public_key": "AnotherPublicKey", "private_key": "NotSoGoodPrivateKey"}
    )
-    ssh_keypair3 = SSHKeypair({"known_hosts": "VeryGoodHosts"})

    expected = [
        Credentials(identities=[username], secrets=[ssh_keypair1]),
        Credentials(identities=[username2], secrets=[ssh_keypair2]),
-        Credentials(identities=[], secrets=[ssh_keypair3]),
+        Credentials(identities=[username3], secrets=[]),
    ]
    collected = SSHCollector().collect_credentials()
    assert expected == collected