3 * Change user's SSH authorized keys
5 * Copyright 1999-2001 (c) VA Linux Systems
7 * This file is part of GForge.
9 * GForge is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
14 * GForge is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with GForge; if not, write to the Free Software
21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24 require_once('../env.inc.php');
25 require_once $gfwww.'include/pre.php';
26 require_once $gfcommon.'include/account.php';
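/**
 * Check the format of a set of public SSH keys with a regular expression.
 * Exits with an error message (through exit_error()) at the first line that
 * does not pass.
 *
 * Empty lines and lines whose first character is '#' are skipped. Every other
 * line must begin with the key type ("ssh-rsa" or "ssh-dss"), so an entry that
 * starts with anything else, including an option list placed before the key
 * type, is rejected.
 *
 * This is a format check only: the base64 blob is not decoded and nothing
 * verifies that it is a well-formed key of the announced type. The optional
 * trailing comment may contain arbitrary characters, so stored keys must still
 * be escaped wherever they are written back into HTML.
 *
 * NOTE(review): the length floor corresponds to very small keys, and ssh-dss
 * is no longer enabled by default in current OpenSSH; consider tightening the
 * accepted types and minimum size.
 *
 * \param keys A string with a set of keys to check, one key per line ("\n" delimited).
 */
function checkKeys($keys) {
    foreach (explode("\n", $keys) as $key) {
        // Skip blank lines and comment lines.
        if ((strlen($key) === 0) || ($key[0] == '#')) {
            continue;
        }

        /* The encoded key is made of 0-9, A-Z, a-z, +, / (base 64) characters,
           ends with zero to two '=' and must be at least 157 base64 characters
           long (the floor the original author associates with 512 bits).
           The whole key ends with an optional comment. */
        $matched = preg_match("@^ssh-(rsa|dss)\s+[A-Za-z0-9+/]{157,}={0,2}(\s+.*)?$@", $key);

        // preg_match() returns 1 on a match, 0 on no match and false when PCRE
        // itself fails. Only an explicit match may accept the key: comparing
        // against 0 would let a PCRE failure pass as "valid".
        if ($matched !== 1) {
            $msg = sprintf (_('The following key has a wrong format: |%s|. Please, correct it by going back to the previous page.'),
                htmlspecialchars($key));
            exit_error('Error', $msg);
        }
    }
}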
// Key management is only offered to an authenticated session.
session_require(array('isloggedin' => 1));

// Load the account object of the logged-in user. Both failure branches hand
// control to exit_error(), which is expected to stop the request.
$u =& user_get_object(user_getid());
if (!($u && is_object($u))) {
    exit_error('Error', 'Could Not Get User');
} elseif ($u->isError()) {
    exit_error('Error', $u->getErrorMessage());
}
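/*
 * Request handling: on submit, validate and store the posted keys; otherwise
 * render the edit form pre-filled with the keys currently on record.
 *
 * NOTE(review): no anti-CSRF token is checked in the code visible here before
 * the keys are replaced. The stored keys decide who can log in over SSH as
 * this account, so this POST should be bound to a per-session form token with
 * whatever mechanism the project provides -- confirm and add.
 */
if (getStringFromRequest('submit')) {
    $authorized_keys = getStringFromRequest('authorized_keys');
    // Format check only; stops the request through exit_error() on a bad line.
    checkKeys($authorized_keys);

    if (!$u->setAuthorizedKeys($authorized_keys)) {
        // NOTE(review): the raw database error text is shown to the user here;
        // consider logging it server-side and showing a generic message.
        exit_error(
            'Error',
            'Could not update SSH authorized keys: '.db_error()
        );
    }
    session_redirect("/account/");
} else {
    // not valid registration, or first time to page
    site_user_header(array('title'=>'Change Authorized Keys'));

    echo _('<p>To avoid having to type your password every time for your CVS/SSH developer account, you may upload your public key(s) here and they will be placed on the CVS server in your ~/.ssh/authorized_keys file. This is done by a cron job, so it may not happen immediately. Please allow for a one hour delay.</p><p>To generate a public key, run the program \'ssh-keygen\' (you can use both protocol 1 or 2). The public key will be placed at \'~/.ssh/identity.pub\' (protocole 1) and \'~/.ssh/id_dsa.pub\' or \'~/.ssh/id_rsa.pub\' (protocole 2). Read the ssh documentation for further information on sharing keys.</p>');

    // PHP_SELF is derived from the request URL, so it is escaped before it is
    // placed inside the action attribute.
    $form_action = htmlspecialchars(getStringFromServer('PHP_SELF'), ENT_QUOTES);

    // The stored keys originate from user input and checkKeys() accepts any
    // text in the comment part of a key, so the value is escaped before it is
    // written into the textarea.
    // NOTE(review): if getAuthorizedKeys() already returns HTML-escaped text,
    // drop this call to avoid double encoding -- confirm against the user class.
    $current_keys = htmlspecialchars($u->getAuthorizedKeys(), ENT_QUOTES);
    ?>
<form action="<?php echo $form_action; ?>" method="post">
<p><?php echo _('Authorized keys:<br /><em>Important: Make sure there are no line breaks except between keys. After submitting, verify that the number of keys in your file is what you expected.</em>'); ?>
<textarea rows="10" cols="80" name="authorized_keys" style="width:90%;">
<?php echo $current_keys; ?>
</textarea></p>
<p><input type="submit" name="submit" value="<?php echo _('Update'); ?>" /></p>
</form>
    <?php
}
site_user_footer(array());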