diff --git a/README.rst b/README.rst index f699249..8ac29bc 100644 --- a/README.rst +++ b/README.rst @@ -3,10 +3,10 @@ Using Trezor as a hardware SSH agent Sample usage:: - ~/Code/trezor/trezor-agent $ ./agent.py -k home + ~/Code/trezor/trezor-agent $ ./agent -k home ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKJnIA4lKZ1hR2tNUOFmtc8MwAVR4oe0CP5QzSrviSi4joZSTzHcmazK0800w2aj132EEmf1kzl6Vf7h46iCeD8= home - ~/Code/trezor/trezor-agent $ ./agent.py -k home > ~/.ssh/authorized_keys - ~/Code/trezor/trezor-agent $ ./agent.py -k home ssh localhost + ~/Code/trezor/trezor-agent $ ./agent -k home > ~/.ssh/authorized_keys + ~/Code/trezor/trezor-agent $ ./agent -k home ssh localhost Linux lmde 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt9-3~deb8u1 (2015-04-24) x86_64 The programs included with the Debian GNU/Linux system are free software; diff --git a/__main__.py b/__main__.py new file mode 100644 index 0000000..91ec55d --- /dev/null +++ b/__main__.py 
@@ -0,0 +1,43 @@ +import sys +import argparse +import logging +log = logging.getLogger(__name__) + +import trezor +import agent + +def main(): + fmt = '%(asctime)s %(levelname)-12s %(message)-100s [%(filename)s]' + p = argparse.ArgumentParser() + p.add_argument('-k', '--key-label', + metavar='LABEL', dest='labels', action='append', default=[]) + p.add_argument('-v', '--verbose', action='count', default=0) + p.add_argument('command', type=str, nargs='*') + args = p.parse_args() + + verbosity = [logging.WARNING, logging.INFO, logging.DEBUG] + level = verbosity[min(args.verbose, len(verbosity) - 1)] + logging.basicConfig(level=level, format=fmt) + + client = trezor.Client() + + key_files = [] + for label in args.labels: + pubkey = client.get_public_key(label=label) + key_files.append(trezor.export_public_key(pubkey=pubkey, label=label)) + + if not args.command: + sys.stdout.write(''.join(key_files)) + return + + signer = client.sign_ssh_challenge + + try: + agent.serve(key_files=key_files, command=args.command, signer=signer) + except KeyboardInterrupt: + log.info('server stopped') + except Exception as e: + log.warning(e, exc_info=True) + +if __name__ == '__main__': + main() diff --git a/agent b/agent new file mode 100755 index 0000000..0738e3b --- /dev/null +++ b/agent @@ -0,0 +1,2 @@ +#!/bin/bash +python __main__.py $* diff --git a/agent.py b/agent.py old mode 100755 new mode 100644 index 35776fd..81c24e9 --- a/agent.py +++ b/agent.py @@ -3,7 +3,6 @@ import socket import os import sys import subprocess -import argparse import tempfile import contextlib import threading @@ -11,15 +10,6 @@ import logging log = logging.getLogger(__name__) import protocol -import trezor - - -def load_keys(key_files): - keys = [] - for f in key_files: - k = protocol.load_public_key(f) - keys.append(k) - return keys @contextlib.contextmanager 
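Review bot: The `except Exception` branch at the end of main() in __main__.py logs the failure at WARNING and then falls through, so the process exits with status 0 even when agent.serve() failed. A script that wraps `./agent -k home ssh localhost` cannot tell a device or signing failure from a clean run. The SystemExit raised by serve()'s `sys.exit(ret)` is not caught by this branch, so only real errors land here. I would report them as such and exit non-zero: `log.error(e, exc_info=True)` followed by `sys.exit(1)`.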
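Review bot: `python __main__.py $*` in the new `agent` wrapper expands `$*` unquoted, so every argument is re-split on whitespace and glob-expanded before Python sees it. A key label or remote command containing spaces or `*` reaches argparse as different words than the user typed. The script path is also relative, so the wrapper runs whichever `__main__.py` is in the current working directory rather than the one shipped next to it, which matters for a tool that brokers SSH signing. I would write the line as `exec python "$(dirname "$0")/__main__.py" "$@"`.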
@@ -92,40 +82,3 @@ def serve(key_files, command, signer, sock_path=None): log.info('exitcode: %d', ret) sys.exit(ret) - - -def main(): - fmt = '%(asctime)s %(levelname)-12s %(message)-100s [%(filename)s]' - p = argparse.ArgumentParser() - p.add_argument('-k', '--key-label', - metavar='LABEL', dest='labels', action='append', default=[]) - p.add_argument('-v', '--verbose', action='count', default=0) - p.add_argument('command', type=str, nargs='*') - args = p.parse_args() - - verbosity = [logging.WARNING, logging.INFO, logging.DEBUG] - level = verbosity[min(args.verbose, len(verbosity) - 1)] - logging.basicConfig(level=level, format=fmt) - - client = trezor.Client() - - key_files = [] - for label in args.labels: - pubkey = client.get_public_key(label=label) - key_files.append(trezor.export_public_key(pubkey=pubkey, label=label)) - - if not args.command: - sys.stdout.write(''.join(key_files)) - return - - signer = client.sign_ssh_challenge - - try: - serve(key_files=key_files, command=args.command, signer=signer) - except KeyboardInterrupt: - log.info('server stopped') - except Exception as e: - log.warning(e, exc_info=True) - -if __name__ == '__main__': - main() diff --git a/agent_bash b/agent_bash deleted file mode 100755 index 6559f54..0000000 --- a/agent_bash +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/bash -./agent.py $* -- bash