2 Module: Authorized_Keys
3 Parses SSH authorized_keys
5 Author: Raphael Pinson <raphael.pinson@camptocamp.com>
8 This lens tries to keep as close as possible to `man 5 authorized_keys` where possible.
11 This file is licenced under the LGPL v2+, like the rest of Augeas.
16 About: Configuration files
17 This lens applies to SSH authorized_keys. See <filter>.
20 The <Test_Authorized_Keys> file contains various examples and tests.
24 module Authorized_Keys =
31 let kv_re = "command" | "environment" | "from"
32 | "permitopen" | "principals" | "tunnel"
33 in let flag_re = "cert-authority" | "no-agent-forwarding"
34 | "no-port-forwarding" | "no-pty" | "no-user-rc"
36 in let option_value = Util.del_str "\""
37 . store /((\\\\")?[^\\\n"]*)+/
39 in Build.key_value kv_re Sep.equal option_value
43 A list of key <option>s *)
44 let key_options = [ label "options" . Build.opt_list option Sep.comma ]
48 let key_type_re = /ecdsa-sha2-nistp[0-9]+/ | /ssh-[a-z0-9]+/
49 in [ label "type" . store key_type_re ]
51 (* View: key_comment *)
52 let key_comment = [ label "comment" . store Rx.space_in ]
54 (* View: authorized_key *)
57 . (key_options . Sep.space)?
58 . key_type . Sep.space
60 . (Sep.space . key_comment)?
64 The authorized_keys lens
66 let lns = ( Util.empty | Util.comment | authorized_key)*
68 (* Variable: filter *)
69 let filter = incl (Sys.getenv("HOME") . "/.ssh/authorized_keys")
71 let xfm = transform lns filter