Updating known_hosts file periodically for autoadd policy

82a6dfda · Sheng · dc0b48ce · 82a6dfda
Commit 82a6dfda authored Mar 16, 2018 by Sheng
Show whitespace changes
Inline Side-by-side

Showing with 22 additions and 13 deletions

main.py main.py +22 -13

No files found.
--- a/main.py
+++ b/main.py
@@ -6,6 +6,7 @@ import traceback
 import uuid
 import weakref
 import paramiko
+import tornado.ioloop
 import tornado.web
 import tornado.websocket
 from tornado.ioloop import IOLoop
@@ -19,6 +20,7 @@ define('port', default=8888, help='listen port', type=int)
 define('debug', default=False, help='debug mode', type=bool)
 define('policy', default='reject',
       help='missing host key policy, reject|autoadd|warning')
+define('period', default=10, help='seconds for PeriodicCallback', type=int)


 BUF_SIZE = 1024
@@ -197,9 +199,7 @@ class IndexHandler(MixinHandler, tornado.web.RequestHandler):

    def ssh_connect(self):
        ssh = paramiko.SSHClient()
-        if isinstance(self.settings['policy'], paramiko.client.AutoAddPolicy):
-            ssh.load_host_keys(self.settings['host_file'])
-        else:
+        ssh._system_host_keys = self.settings['system_host_keys']
        ssh._host_keys = self.settings['host_keys']
        ssh.set_missing_host_key_policy(self.settings['policy'])
        args = self.get_args()
@@ -290,12 +290,12 @@ def get_host_keys(path):
    return paramiko.hostkeys.HostKeys()


-def create_host_file(host_file):
-    host_keys = get_host_keys(host_file)
-    if not host_keys:
-        host_keys = get_host_keys(os.path.expanduser('~/.ssh/known_hosts'))
-    host_keys.save(host_file)
-    return host_keys
+def save_host_keys(host_keys, filename):
+    length = len(host_keys)
+    if length != host_keys._last_len:
+        logging.info('Updating {}'.format(filename))
+        host_keys.save(filename)
+        host_keys._last_len = length


 def get_policy_class(policy):
@@ -316,11 +316,20 @@ def get_policy_class(policy):
 def main():
    parse_command_line()
    base_dir = os.path.dirname(__file__)
-    host_file = os.path.join(base_dir, 'known_hosts')
-    host_keys = create_host_file(host_file)
+    filename = os.path.join(base_dir, 'known_hosts')
+    host_keys = get_host_keys(filename)
+    system_host_keys = get_host_keys(os.path.expanduser('~/.ssh/known_hosts'))
    policy_class = get_policy_class(options.policy)

-    if not host_keys and policy_class is paramiko.client.RejectPolicy:
+    if policy_class is paramiko.client.AutoAddPolicy:
+        host_keys.save(filename)  # for permssion test
+        host_keys._last_len = len(host_keys)
+        tornado.ioloop.PeriodicCallback(
+            lambda: save_host_keys(host_keys, filename),
+            options.period * 1000  # milliseconds
+        ).start()
+    elif policy_class is paramiko.client.RejectPolicy:
+        if not host_keys and not system_host_keys:
            raise ValueError('Empty known_hosts with reject policy?')

    settings = {
@@ -337,8 +346,8 @@ def main():

    settings.update(
        debug=options.debug,
-        host_file=host_file,
        host_keys=host_keys,
+        system_host_keys=system_host_keys,
        policy=policy_class()
    )