Module: RightSupport::Validation::SSH

Defined in:

lib/right_support/validation/ssh.rb

Overview

Validation methods pertaining to the Secure Shell (SSH) protocol.

Instance Method Summary

• #ssh_private_key?(key_material, passphrase = nil) ⇒ Boolean

  Determine whether a string is a valid PEM-encoded private key.

• #ssh_public_key?(key_material) ⇒ Boolean

  Determine whether a string is a valid public key in SSH public-key notation as might be found in an SSH authorized_keys file.

Instance Method Details

#ssh_private_key?(key_material, passphrase = nil) ⇒ Boolean

Determine whether a string is a valid PEM-encoded private key. Actually parses the key to prove validity as well as well-formedness. Relies on the OpenSSL Validation module to parse the private key since PEM is a standard non-SSH-specific key format.

Parameters

key_material(String)

the putative key material

passphrase(String)

the encryption passphrase, if needed

Return

If the key is well-formed and valid, return true. Otherwise, return false.

Returns:

• (Boolean)

# File 'lib/right_support/validation/ssh.rb', line 38

def ssh_private_key?(key_material, passphrase=nil)
  return RightSupport::Validation.pem_private_key?(key_material, passphrase)
end

#ssh_public_key?(key_material) ⇒ Boolean

Determine whether a string is a valid public key in SSH public-key notation as might be found in an SSH authorized_keys file.

However, authorized-key options are not allowed as they would be in an actual line of the authorized_keys file. The caller is responsible for stripping out any options. The string can consist of the following three whitespace-separated fields:

* algorithm (e.g. "ssh-rsa")
* key material (base64-encoded blob)
* comments (e.g. "user@localhost"); optional

This method actually parses the public key to prove validity as well as well-formedness.

Parameters

key_material(String)

the putative key material

Return

If the key is well-formed and valid, return true. Otherwise, return false.

Returns:

• (Boolean)

# File 'lib/right_support/validation/ssh.rb', line 61

def ssh_public_key?(key_material)
  return false if key_material.nil? || key_material.empty?
  key = ::Net::SSH::KeyFactory.load_data_public_key(key_material)
  key.to_der #make sure it's valid in addition to being well formed
  return true
rescue ::Net::SSH::Exception, ::OpenSSL::PKey::PKeyError, NotImplementedError
  return false
end