forked from p15670423/monkey
Island: Remove encryption of ssh keys in ssh_key_processor
This commit is contained in:
parent
30ccb2aee3
commit
f2a8dcc908
|
@ -1,7 +1,5 @@
|
||||||
from typing import Mapping
|
from typing import Mapping
|
||||||
|
|
||||||
from monkey_island.cc.models import Monkey
|
|
||||||
from monkey_island.cc.server_utils.encryption import get_datastore_encryptor
|
|
||||||
from monkey_island.cc.services.config import ConfigService
|
from monkey_island.cc.services.config import ConfigService
|
||||||
from monkey_island.cc.services.telemetry.processing.credentials import Credentials
|
from monkey_island.cc.services.telemetry.processing.credentials import Credentials
|
||||||
|
|
||||||
|
@ -21,17 +19,9 @@ def process_ssh_key(keypair: Mapping, credentials: Credentials):
|
||||||
if not _contains_both_keys(keypair):
|
if not _contains_both_keys(keypair):
|
||||||
raise SSHKeyProcessingError("Private or public key missing")
|
raise SSHKeyProcessingError("Private or public key missing")
|
||||||
|
|
||||||
# TODO investigate if IP is needed at all
|
|
||||||
ip = Monkey.get_single_monkey_by_guid(credentials.monkey_guid).ip_addresses[0]
|
|
||||||
username = credentials.identities[0]["username"]
|
|
||||||
|
|
||||||
encrypted_keys = _encrypt_ssh_keys(keypair)
|
|
||||||
|
|
||||||
ConfigService.ssh_add_keys(
|
ConfigService.ssh_add_keys(
|
||||||
user=username,
|
public_key=keypair["public_key"],
|
||||||
public_key=encrypted_keys["public_key"],
|
private_key=keypair["private_key"],
|
||||||
private_key=encrypted_keys["private_key"],
|
|
||||||
ip=ip,
|
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
@ -40,10 +30,3 @@ def _contains_both_keys(ssh_key: Mapping) -> bool:
|
||||||
return ssh_key["public_key"] and ssh_key["private_key"]
|
return ssh_key["public_key"] and ssh_key["private_key"]
|
||||||
except KeyError:
|
except KeyError:
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
|
||||||
def _encrypt_ssh_keys(ssh_key: Mapping) -> Mapping:
|
|
||||||
encrypted_keys = {}
|
|
||||||
for field in ["public_key", "private_key"]:
|
|
||||||
encrypted_keys[field] = get_datastore_encryptor().encrypt(ssh_key[field])
|
|
||||||
return encrypted_keys
|
|
||||||
|
|
Loading…
Reference in New Issue