From f2a8dcc90895b0518f90af2c9a9de167ec718a6e Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Wed, 6 Apr 2022 16:59:10 +0200 Subject: [PATCH] Island: Remove encryption of ssh keys in ssh_key_processor --- .../credentials/secrets/ssh_key_processor.py | 21 ++----------------- 1 file changed, 2 insertions(+), 19 deletions(-) diff --git a/monkey/monkey_island/cc/services/telemetry/processing/credentials/secrets/ssh_key_processor.py b/monkey/monkey_island/cc/services/telemetry/processing/credentials/secrets/ssh_key_processor.py index 0273732da..be8ecf08a 100644 --- a/monkey/monkey_island/cc/services/telemetry/processing/credentials/secrets/ssh_key_processor.py +++ b/monkey/monkey_island/cc/services/telemetry/processing/credentials/secrets/ssh_key_processor.py @@ -1,7 +1,5 @@ from typing import Mapping -from monkey_island.cc.models import Monkey -from monkey_island.cc.server_utils.encryption import get_datastore_encryptor from monkey_island.cc.services.config import ConfigService from monkey_island.cc.services.telemetry.processing.credentials import Credentials @@ -21,17 +19,9 @@ def process_ssh_key(keypair: Mapping, credentials: Credentials): if not _contains_both_keys(keypair): raise SSHKeyProcessingError("Private or public key missing") - # TODO investigate if IP is needed at all - ip = Monkey.get_single_monkey_by_guid(credentials.monkey_guid).ip_addresses[0] - username = credentials.identities[0]["username"] - - encrypted_keys = _encrypt_ssh_keys(keypair) - ConfigService.ssh_add_keys( - user=username, - public_key=encrypted_keys["public_key"], - private_key=encrypted_keys["private_key"], - ip=ip, + public_key=keypair["public_key"], + private_key=keypair["private_key"], ) @@ -40,10 +30,3 @@ def _contains_both_keys(ssh_key: Mapping) -> bool: return ssh_key["public_key"] and ssh_key["private_key"] except KeyError: return False - - -def _encrypt_ssh_keys(ssh_key: Mapping) -> Mapping: - encrypted_keys = {} - for field in ["public_key", "private_key"]: - encrypted_keys[field] = get_datastore_encryptor().encrypt(ssh_key[field]) - return encrypted_keys