Check if a private key is available from an agent using Ruby's Net::SSH

I'm using Net::SSH to automate access to remote hosts from a Ruby program, using key authentication. The program does not dictate where the user should put the private key, instead relying on the user's SSH agent to provide the required keys (as it should).

The problem is if the required private key is not available, the connection will fail - and this may happen a long way into the program (the SSH connection is one of the last things we do after doing a lot of other - not easily reversible - operations).

Supposing that I know what private key the user should have (as specified by the key fingerprint), how can I do this check from Ruby - other than executing ssh-add -l and grepping the output?

I've looked at Net::SSH KeyFactory class, but it only lets you load private keys if you know the name of the file in which they are stored.


I figured it out - Net::SSH::Authentication::KeyManager has what I need:

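require 'net/ssh'

hasidentity = false
# The first argument is the logger; nil means no logging.
Net::SSH::Authentication::KeyManager.new(nil).each_identity do |i|
  # fingerprint returns the colon-separated MD5 form by default
  hasidentity |= i.fingerprint == 'my:ke:ys:fi:ng:er:pr:in:t'
end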

KeyManager also has a collection called identities, though from what I understand, that holds only keys loaded directly into Net::SSH, while each_identity iterates over all available identities, including those available from an agent.
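The answer above compares against a colon-separated MD5 fingerprint, while current OpenSSH tools print SHA256 fingerprints by default. The following is an added example, not code from the original answer or from Net::SSH: a preflight check that accepts the expected fingerprint in either form and rejects a malformed one before any irreversible work starts. The helper names and sample keys are hypothetical; it assumes each identity responds to `to_blob`, as Net::SSH key objects do.

```ruby
require 'digest'

# Fingerprints of an SSH public key blob, in the two forms OpenSSH prints.
def ssh_fingerprints(blob)
  {
    md5:    Digest::MD5.hexdigest(blob).scan(/../).join(':'),
    # OpenSSH prints unpadded base64 for SHA256 fingerprints.
    sha256: 'SHA256:' + [Digest::SHA256.digest(blob)].pack('m0').delete('=')
  }
end

# Normalise the expected fingerprint to [algorithm, canonical string].
# Raises ArgumentError so a typo fails fast instead of "key not found".
def parse_fingerprint(wanted)
  case wanted.strip
  when /\ASHA256:([A-Za-z0-9+\/]{43})=?\z/ then [:sha256, "SHA256:#{$1}"]
  when /\A(?:MD5:)?((?:\h\h:){15}\h\h)\z/i then [:md5, $1.downcase]
  else raise ArgumentError, "unrecognised fingerprint format: #{wanted.inspect}"
  end
end

# True if any identity matches the expected fingerprint.
# Assumption: with net-ssh loaded, the identities could be supplied as
#   Net::SSH::Authentication::KeyManager.new(nil).enum_for(:each_identity)
def identity_available?(identities, wanted)
  algo, canonical = parse_fingerprint(wanted)
  identities.any? { |key| ssh_fingerprints(key.to_blob)[algo] == canonical }
end

# Constructed sample data: stand-ins for agent identities (not real keys).
FakeKey = Struct.new(:to_blob)
def fake_ed25519(byte)
  FakeKey.new([11].pack('N') + 'ssh-ed25519' + [32].pack('N') + byte.chr * 32)
end
SAMPLE_IDENTITIES = [fake_ed25519(1), fake_ed25519(2)]

if __FILE__ == $PROGRAM_NAME
  fp = ssh_fingerprints(SAMPLE_IDENTITIES.first.to_blob)
  puts fp[:md5], fp[:sha256]
  puts identity_available?(SAMPLE_IDENTITIES, fp[:sha256])
end
```

Run the check at program start, before the operations that are hard to reverse, and abort with a clear message when it returns false.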
