2 Module: Authorized_Keys
3 Parses SSH authorized_keys
5 Author: Raphael Pinson <raphael.pinson@camptocamp.com>
8 This lens tries to keep as close as possible to `man 5 authorized_keys` where possible.
11 This file is licenced under the LGPL v2+, like the rest of Augeas.
16 About: Configuration files
17 This lens applies to SSH authorized_keys. See <filter>.
20 The <Test_Authorized_Keys> file contains various examples and tests.
24 module Authorized_Keys =
31 let kv_re = "command" | "environment" | "from"
32 | "permitopen" | "principals" | "tunnel"
33 in let flag_re = "cert-authority" | "no-agent-forwarding"
34 | "no-port-forwarding" | "no-pty" | "no-user-rc"
36 in let option_value = Util.del_str "\"" . store /[^\n"]+/ . Util.del_str "\""
37 in Build.key_value kv_re Sep.equal option_value
41 A list of key <option>s *)
42 let key_options = [ label "options" . Build.opt_list option Sep.comma ]
46 let key_type_re = /ecdsa-sha2-nistp[0-9]+/ | /ssh-[a-z0-9]+/
47 in [ label "type" . store key_type_re ]
49 (* View: key_comment *)
50 let key_comment = [ label "comment" . store Rx.space_in ]
52 (* View: authorized_key *)
55 . (key_options . Sep.space)?
56 . key_type . Sep.space
58 . (Sep.space . key_comment)?
62 The authorized_keys lens
64 let lns = ( Util.empty | Util.comment | authorized_key)*
66 (* Variable: filter *)
67 let filter = incl (Sys.getenv("HOME") . "/.ssh/authorized_keys")
69 let xfm = transform lns filter