3 Parses SSH known_hosts files
5 Author: Raphaël Pinson <raphink@gmail.com>
8 This lens manages OpenSSH's known_hosts files. See `man 8 sshd` for reference.
11 This file is licenced under the LGPL v2+, like the rest of Augeas.
14 Sample usage of this lens in augtool:
16 * Get a key by name from ssh_known_hosts
17 > print /files/etc/ssh_known_hosts/*[.="foo.example.com"]
21 > set /files/etc/ssh_known_hosts/*[.="foo.example.com"]/key "newkey"
23 About: Configuration files
24 This lens applies to SSH known_hosts files. See <filter>.
34 The marker is optional, but if it is present then it must be one of
35 “@cert-authority”, to indicate that the line contains a certification
36 authority (CA) key, or “@revoked”, to indicate that the key contained
37 on the line is revoked and must not ever be accepted.
38 Only one marker should be used on a key line.
40 let marker = [ key /@(revoked|cert-authority)/ . Sep.space ]
44 Bits, exponent, and modulus are taken directly from the RSA host key;
45 they can be obtained, for example, from /etc/ssh/ssh_host_key.pub.
46 The optional comment field continues to the end of the line, and is not used.
48 let type = [ label "type" . store Rx.neg1 ]
52 A known_hosts entry *)
54 let alias = [ label "alias" . store Rx.neg1 ]
55 in let key = [ label "key" . store Rx.neg1 ]
56 in [ Util.indent . seq "entry" . marker?
58 . (Sep.comma . Build.opt_list alias Sep.comma)?
59 . Sep.space . type . Sep.space . key
60 . Util.comment_or_eol ]
63 The known_hosts lens *)
64 let lns = (Util.empty | Util.comment | entry)*
66 (* Variable: filter *)
67 let filter = incl "/etc/ssh/ssh_known_hosts"
68 . incl (Sys.getenv("HOME") . "/.ssh/known_hosts")
70 let xfm = transform lns filter
projects / platform / upstream / augeas.git / blob