OpenI
/
aiforge
Not watched
1
0
Fork 0
Code
Releases 128 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
18355 Commits
197 Branches
392 MB
3121 Download
Tree: 7fb363ee95
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '7fb363ee95'
${ noResults }
aiforge/modules/ssh/ssh.go

ssh.go 6.3 kB
Raw Normal View History

use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976) * use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines * fix tests and add comment head
6 years ago
New UI merge in progress
11 years ago
update
3 years ago
use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976) * use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines * fix tests and add comment head
6 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
fix 1540 and experimental SSH server support
9 years ago
New UI merge in progress
11 years ago
fix 1540 and experimental SSH server support
9 years ago
New UI merge in progress
11 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
New UI merge in progress
11 years ago
Update import paths from github.com/go-gitea to code.gitea.io (#135) - Update import paths from github.com/go-gitea to code.gitea.io - Fix import path for travis See https://docs.travis-ci.com/user/languages/go#Go-Import-Path
8 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
Use gitea forked macaron (#7933) Signed-off-by: Tamal Saha <tamal@appscode.com>
5 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
New UI merge in progress
11 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
fix 1540 and experimental SSH server support
9 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
fix 1540 and experimental SSH server support
9 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
New UI merge in progress
11 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
New UI merge in progress
11 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
New UI merge in progress
11 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
#1860 fix bug
3 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
update
3 years ago
#1860 fix bug
3 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
New UI merge in progress
11 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
New UI merge in progress
11 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
New UI merge in progress
11 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
#1860 fix bug
3 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
Fix one user may block entire listen loop for builtin SSH
9 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
New UI merge in progress
11 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
New UI merge in progress
11 years ago
Configurable SSH key exchange algorithm and MAC suite (#2806)
7 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
New UI merge in progress
11 years ago
minor UI fix and fix ssh race
9 years ago
Catch os... errors
8 years ago
Better logging (#6038) (#6095) * Panic don't fatal on create new logger Fixes #5854 Signed-off-by: Andrew Thornton <art27@cantab.net> * partial broken * Update the logging infrastrcture Signed-off-by: Andrew Thornton <art27@cantab.net> * Reset the skip levels for Fatal and Error Signed-off-by: Andrew Thornton <art27@cantab.net> * broken ncsa * More log.Error fixes Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove nal * set log-levels to lowercase * Make console_test test all levels * switch to lowercased levels * OK now working * Fix vetting issues * Fix lint * Fix tests * change default logging to match current gitea * Improve log testing Signed-off-by: Andrew Thornton <art27@cantab.net> * reset error skip levels to 0 * Update documentation and access logger configuration * Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE * Fix broken level caching * Refactor the router log * Add Router logger * Add colorizing options * Adjust router colors * Only create logger if they will be used * update app.ini.sample * rename Attribute ColorAttribute * Change from white to green for function * Set fatal/error levels * Restore initial trace logger * Fix Trace arguments in modules/auth/auth.go * Properly handle XORMLogger * Improve admin/config page * fix fmt * Add auto-compression of old logs * Update error log levels * Remove the unnecessary skip argument from Error, Fatal and Critical * Add stacktrace support * Fix tests * Remove x/sync from vendors? * Add stderr option to console logger * Use filepath.ToSlash to protect against Windows in tests * Remove prefixed underscores from names in colors.go * Remove not implemented database logger This was removed from Gogs on 4 Mar 2016 but left in the configuration since then. * Ensure that log paths are relative to ROOT_PATH * use path.Join * rename jsonConfig to logConfig * Rename "config" to "jsonConfig" to make it clearer * Requested changes * Requested changes: XormLogger * Try to color the windows terminal If successful default to colorizing the console logs * fixup * Colorize initially too * update vendor * Colorize logs on default and remove if this is not a colorizing logger * Fix documentation * fix test * Use go-isatty to detect if on windows we are on msys or cygwin * Fix spelling mistake * Add missing vendors * More changes * Rationalise the ANSI writer protection * Adjust colors on advice from @0x5c * Make Flags a comma separated list * Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING * Ensure matching is done on the non-colored message - to simpify EXPRESSION
6 years ago
Catch os... errors
8 years ago
use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976) * use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines * fix tests and add comment head
6 years ago
minor UI fix and fix ssh race
9 years ago
Better logging (#6038) (#6095) * Panic don't fatal on create new logger Fixes #5854 Signed-off-by: Andrew Thornton <art27@cantab.net> * partial broken * Update the logging infrastrcture Signed-off-by: Andrew Thornton <art27@cantab.net> * Reset the skip levels for Fatal and Error Signed-off-by: Andrew Thornton <art27@cantab.net> * broken ncsa * More log.Error fixes Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove nal * set log-levels to lowercase * Make console_test test all levels * switch to lowercased levels * OK now working * Fix vetting issues * Fix lint * Fix tests * change default logging to match current gitea * Improve log testing Signed-off-by: Andrew Thornton <art27@cantab.net> * reset error skip levels to 0 * Update documentation and access logger configuration * Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE * Fix broken level caching * Refactor the router log * Add Router logger * Add colorizing options * Adjust router colors * Only create logger if they will be used * update app.ini.sample * rename Attribute ColorAttribute * Change from white to green for function * Set fatal/error levels * Restore initial trace logger * Fix Trace arguments in modules/auth/auth.go * Properly handle XORMLogger * Improve admin/config page * fix fmt * Add auto-compression of old logs * Update error log levels * Remove the unnecessary skip argument from Error, Fatal and Critical * Add stacktrace support * Fix tests * Remove x/sync from vendors? * Add stderr option to console logger * Use filepath.ToSlash to protect against Windows in tests * Remove prefixed underscores from names in colors.go * Remove not implemented database logger This was removed from Gogs on 4 Mar 2016 but left in the configuration since then. * Ensure that log paths are relative to ROOT_PATH * use path.Join * rename jsonConfig to logConfig * Rename "config" to "jsonConfig" to make it clearer * Requested changes * Requested changes: XormLogger * Try to color the windows terminal If successful default to colorizing the console logs * fixup * Colorize initially too * update vendor * Colorize logs on default and remove if this is not a colorizing logger * Fix documentation * fix test * Use go-isatty to detect if on windows we are on msys or cygwin * Fix spelling mistake * Add missing vendors * More changes * Rationalise the ANSI writer protection * Adjust colors on advice from @0x5c * Make Flags a comma separated list * Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING * Ensure matching is done on the non-colored message - to simpify EXPRESSION
6 years ago
minor UI fix and fix ssh race
9 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
minor UI fix and fix ssh race
9 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
New UI merge in progress
11 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
New UI merge in progress
11 years ago
Restore Graceful Restarting & Socket Activation (#7274) * Prevent deadlock in indexer initialisation during graceful restart * Move from gracehttp to our own service to add graceful ssh * Add timeout for start of indexers and make hammer time configurable * Fix issue with re-initialization in indexer during tests * move the code to detect use of closed to graceful * Handle logs gracefully - add a pid suffix just before restart * Move to using a cond and a holder for indexers * use time.Since * Add some comments and attribution * update modules.txt * Use zero to disable timeout * Move RestartProcess to its own file * Add cleanup routine
5 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
New UI merge in progress
11 years ago
use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976) * use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines * fix tests and add comment head
6 years ago
Add golangci (#6418)
6 years ago
use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976) * use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines * fix tests and add comment head
6 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976) * use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines * fix tests and add comment head
6 years ago
switch to use gliderlabs/ssh for builtin server (#7250) resolves git conflicts from #3896 (credit to @belak, in case github doesn't keep original author during squash) Co-Authored-By: Matti Ranta <techknowlogick@gitea.io>
6 years ago
use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976) * use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines * fix tests and add comment head
6 years ago
Add golangci (#6418)
6 years ago
use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976) * use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines * fix tests and add comment head
6 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259 
  1. // Copyright 2017 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package ssh

  6. 

  7. import (

  8. 	"code.gitea.io/gitea/services/repository"

  9. 	"crypto/rand"

  10. 	"crypto/rsa"

  11. 	"crypto/x509"

  12. 	"encoding/pem"

  13. 	"fmt"

  14. 	"io"

  15. 	"os"

  16. 	"os/exec"

  17. 	"path/filepath"

  18. 	"strings"

  19. 	"sync"

  20. 	"syscall"

  21. 

  22. 	"code.gitea.io/gitea/models"

  23. 	"code.gitea.io/gitea/modules/log"

  24. 	"code.gitea.io/gitea/modules/setting"

  25. 

  26. 	"github.com/gliderlabs/ssh"

  27. 	"github.com/unknwon/com"

  28. 	gossh "golang.org/x/crypto/ssh"

  29. )

  30. 

  31. type contextKey string

  32. 

  33. const giteaKeyID = contextKey("gitea-key-id")

  34. 

  35. func getExitStatusFromError(err error) int {

  36. 	if err == nil {

  37. 		return 0

  38. 	}

  39. 

  40. 	exitErr, ok := err.(*exec.ExitError)

  41. 	if !ok {

  42. 		return 1

  43. 	}

  44. 

  45. 	waitStatus, ok := exitErr.Sys().(syscall.WaitStatus)

  46. 	if !ok {

  47. 		// This is a fallback and should at least let us return something useful

  48. 		// when running on Windows, even if it isn't completely accurate.

  49. 		if exitErr.Success() {

  50. 			return 0

  51. 		}

  52. 

  53. 		return 1

  54. 	}

  55. 

  56. 	return waitStatus.ExitStatus()

  57. }

  58. 

  59. func sessionHandler(session ssh.Session) {

  60. 	keyID := session.Context().Value(giteaKeyID).(int64)

  61. 

  62. 	command := session.RawCommand()

  63. 

  64. 	log.Trace("SSH: Payload: %v", command)

  65. 

  66. 	args := []string{"serv", "key-" + com.ToStr(keyID), "--config=" + setting.CustomConf}

  67. 	log.Trace("SSH: Arguments: %v", args)

  68. 	cmd := exec.Command(setting.AppPath, args...)

  69. 	cmd.Env = append(

  70. 		os.Environ(),

  71. 		"SSH_ORIGINAL_COMMAND="+command,

  72. 		"SKIP_MINWINSVC=1",

  73. 		models.EnvRepoMaxFileSize+"="+fmt.Sprint(setting.Repository.Upload.FileMaxSize),

  74. 		models.EnvRepoMaxSize+"="+fmt.Sprint(setting.Repository.RepoMaxSize),

  75. 		models.EnvPushSizeCheckFlag+"="+fmt.Sprint(setting.Repository.Upload.ShellFlag),

  76. 	)

  77. 

  78. 	if strings.HasPrefix(command, "git-receive-pack") && setting.Repository.Upload.ShellFlag == repository.SHELL_FLAG_ON {

  79. 		repo := getRepoFromCommandStr(command)

  80. 		if repo != nil {

  81. 			cmd.Env = append(cmd.Env, models.EnvRepoSize+"="+fmt.Sprint(repo.Size))

  82. 		}

  83. 	}

  84. 	stdout, err := cmd.StdoutPipe()

  85. 	if err != nil {

  86. 		log.Error("SSH: StdoutPipe: %v", err)

  87. 		return

  88. 	}

  89. 	stderr, err := cmd.StderrPipe()

  90. 	if err != nil {

  91. 		log.Error("SSH: StderrPipe: %v", err)

  92. 		return

  93. 	}

  94. 	stdin, err := cmd.StdinPipe()

  95. 	if err != nil {

  96. 		log.Error("SSH: StdinPipe: %v", err)

  97. 		return

  98. 	}

  99. 

  100. 	wg := &sync.WaitGroup{}

  101. 	wg.Add(2)

  102. 

  103. 	if err = cmd.Start(); err != nil {

  104. 		log.Error("SSH: Start: %v", err)

  105. 		return

  106. 	}

  107. 

  108. 	go func() {

  109. 		defer stdin.Close()

  110. 		if _, err := io.Copy(stdin, session); err != nil {

  111. 			log.Error("Failed to write session to stdin. %s", err)

  112. 		}

  113. 	}()

  114. 

  115. 	go func() {

  116. 		defer wg.Done()

  117. 		if _, err := io.Copy(session, stdout); err != nil {

  118. 			log.Error("Failed to write stdout to session. %s", err)

  119. 		}

  120. 	}()

  121. 

  122. 	go func() {

  123. 		defer wg.Done()

  124. 		if _, err := io.Copy(session.Stderr(), stderr); err != nil {

  125. 			log.Error("Failed to write stderr to session. %s", err)

  126. 		}

  127. 	}()

  128. 

  129. 	// Ensure all the output has been written before we wait on the command

  130. 	// to exit.

  131. 	wg.Wait()

  132. 

  133. 	// Wait for the command to exit and log any errors we get

  134. 	err = cmd.Wait()

  135. 	if err != nil {

  136. 		log.Error("SSH: Wait: %v", err)

  137. 	}

  138. 

  139. 	if err := session.Exit(getExitStatusFromError(err)); err != nil {

  140. 		log.Error("Session failed to exit. %s", err)

  141. 	}

  142. }

  143. 

  144. func getRepoFromCommandStr(command string) *models.Repository {

  145. 	repoPath := strings.TrimPrefix(command, "git-receive-pack '")

  146. 	repoPath = strings.TrimSuffix(repoPath, ".git'")

  147. 	if repoPath != "" {

  148. 		nameArray := strings.Split(repoPath, "/")

  149. 		if len(nameArray) >= 2 {

  150. 			ownerName := nameArray[0]

  151. 			repoName := nameArray[1]

  152. 			if repo, err := models.GetRepositoryByOwnerAndName(ownerName, repoName); err == nil {

  153. 				return repo

  154. 			}

  155. 		}

  156. 	}

  157. 	return nil

  158. 

  159. }

  160. 

  161. func publicKeyHandler(ctx ssh.Context, key ssh.PublicKey) bool {

  162. 	if ctx.User() != setting.SSH.BuiltinServerUser {

  163. 		return false

  164. 	}

  165. 

  166. 	pkey, err := models.SearchPublicKeyByContent(strings.TrimSpace(string(gossh.MarshalAuthorizedKey(key))))

  167. 	if err != nil {

  168. 		log.Error("SearchPublicKeyByContent: %v", err)

  169. 		return false

  170. 	}

  171. 

  172. 	ctx.SetValue(giteaKeyID, pkey.ID)

  173. 

  174. 	return true

  175. }

  176. 

  177. // Listen starts a SSH server listens on given port.

  178. func Listen(host string, port int, ciphers []string, keyExchanges []string, macs []string) {

  179. 	// TODO: Handle ciphers, keyExchanges, and macs

  180. 

  181. 	srv := ssh.Server{

  182. 		Addr:             fmt.Sprintf("%s:%d", host, port),

  183. 		PublicKeyHandler: publicKeyHandler,

  184. 		Handler:          sessionHandler,

  185. 

  186. 		// We need to explicitly disable the PtyCallback so text displays

  187. 		// properly.

  188. 		PtyCallback: func(ctx ssh.Context, pty ssh.Pty) bool {

  189. 			return false

  190. 		},

  191. 	}

  192. 

  193. 	keyPath := filepath.Join(setting.AppDataPath, "ssh/gogs.rsa")

  194. 	if !com.IsExist(keyPath) {

  195. 		filePath := filepath.Dir(keyPath)

  196. 

  197. 		if err := os.MkdirAll(filePath, os.ModePerm); err != nil {

  198. 			log.Error("Failed to create dir %s: %v", filePath, err)

  199. 		}

  200. 

  201. 		err := GenKeyPair(keyPath)

  202. 		if err != nil {

  203. 			log.Fatal("Failed to generate private key: %v", err)

  204. 		}

  205. 		log.Trace("New private key is generated: %s", keyPath)

  206. 	}

  207. 

  208. 	err := srv.SetOption(ssh.HostKeyFile(keyPath))

  209. 	if err != nil {

  210. 		log.Error("Failed to set Host Key. %s", err)

  211. 	}

  212. 

  213. 	go listen(&srv)

  214. 

  215. }

  216. 

  217. // GenKeyPair make a pair of public and private keys for SSH access.

  218. // Public key is encoded in the format for inclusion in an OpenSSH authorized_keys file.

  219. // Private Key generated is PEM encoded

  220. func GenKeyPair(keyPath string) error {

  221. 	privateKey, err := rsa.GenerateKey(rand.Reader, 2048)

  222. 	if err != nil {

  223. 		return err

  224. 	}

  225. 

  226. 	privateKeyPEM := &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(privateKey)}

  227. 	f, err := os.OpenFile(keyPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600)

  228. 	if err != nil {

  229. 		return err

  230. 	}

  231. 	defer func() {

  232. 		if err = f.Close(); err != nil {

  233. 			log.Error("Close: %v", err)

  234. 		}

  235. 	}()

  236. 

  237. 	if err := pem.Encode(f, privateKeyPEM); err != nil {

  238. 		return err

  239. 	}

  240. 

  241. 	// generate public key

  242. 	pub, err := gossh.NewPublicKey(&privateKey.PublicKey)

  243. 	if err != nil {

  244. 		return err

  245. 	}

  246. 

  247. 	public := gossh.MarshalAuthorizedKey(pub)

  248. 	p, err := os.OpenFile(keyPath+".pub", os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600)

  249. 	if err != nil {

  250. 		return err

  251. 	}

  252. 	defer func() {

  253. 		if err = p.Close(); err != nil {

  254. 			log.Error("Close: %v", err)

  255. 		}

  256. 	}()

  257. 	_, err = p.Write(public)

  258. 	return err

  259. }

No Description