Usage:
check_keys.py hosts [<FILE>]
check_keys.py key [<FILE>...]
check_keys.py github <user>
$ check_hosts.py github cagerton
[
{
"fingerprint": "87:bf:d6:af:b2:04:c8:01:25:69:40:96:ea:8f:f4:50",
"bits": 2048,
"meta": "cagerton (RSA)"
}
]
$ ssh-keygen -b 4096 -f output
$ ssh-keygen -t dsa -f output_d
$ check_hosts.py key *.pub
{
"fingerprint": "79:ac:f3:1f:7e:a1:22:2f:b9:31:e9:75:b9:c2:0f:18",
"bits": 4096,
"meta": "[email protected] (RSA)"
}
{
"fingerprint": "ef:18:c6:8d:79:e5:28:89:2c:af:00:5a:be:5e:3c:38",
"bits": 1024,
"meta": "[email protected] (DSA)"
}
Last active
December 25, 2015 00:59
-
-
Save cagerton/6891600 to your computer and use it in GitHub Desktop.
Little python3.3 script to show information about ssh public keys from key files or known_hosts files.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3.3 | |
| """Check Keys script | |
| Usage: | |
| check_keys.py hosts [<FILE>] | |
| check_keys.py key [<FILE>...] | |
| check_keys.py github <user> | |
| """ | |
| import subprocess, tempfile, os, re, json, docopt, urllib.parse, urllib.request | |
| def guess_hosts_file(): | |
| return os.path.join(os.path.expanduser('~'),'.ssh','known_hosts') | |
| def github_keys(username): | |
| url = "https://api.github.com/users/%s/keys" % urllib.parse.quote(username) | |
| with urllib.request.urlopen(url) as req: | |
| resp = [ k['key'] for k in json.loads(req.read().decode('utf8'))] | |
| return [ parse_keytext(t + ' ' + username) for t in resp ] | |
| def parse_keytext(text): | |
| with tempfile.NamedTemporaryFile() as tmp: | |
| tmp.write(text.encode('utf8')) | |
| tmp.flush() | |
| return parse_keyfile(tmp.name) | |
| def parse_keyfile(filename): | |
| res = subprocess.check_output(['ssh-keygen','-lf', filename]).decode('utf8') | |
| parsed = re.match(r'(?P<bits>\d+)\s+(?P<fingerprint>[\da-f:]+)\s+(?P<meta>.*)', res) | |
| return { | |
| 'bits': int(parsed.group('bits')), | |
| 'fingerprint': parsed.group('fingerprint'), | |
| 'meta': parsed.group('meta'), | |
| } | |
| def parse_known_hosts(known_hosts_file): | |
| key_map = {} | |
| with open(known_hosts_file) as f: | |
| lines = [ line for line in f.read().split("\n") if len(line) > 0 ] | |
| for l in lines: | |
| key = parse_keytext(("%s %s" % (keytype, key)).encode('utf8')) | |
| if key['fingerprint'] not in key_map: | |
| key_map[key['fingerprint']] = {'hosts':[],'bits':key['bits'],} | |
| key_map[key['fingerprint']]['hosts'].append(host) | |
| return key_map | |
| def format_data(key_map): | |
| return json.dumps(key_map, indent='\t') | |
| if __name__ == "__main__": | |
| args = docopt.docopt(__doc__, version='Project.py concept.') | |
| if args['hosts']: | |
| known_hosts_file = (args['<FILE>']+[guess_hosts_file()])[0] | |
| key_map = parse_known_hosts(known_hosts_file) | |
| print(format_data(key_map)) | |
| elif args['key']: | |
| for keyfile in args['<FILE>']: | |
| print(format_data(parse_keyfile(keyfile))) | |
| elif args['github']: | |
| print(format_data(github_keys(args['<user>']))) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment