geofront.masterkey — Master key management¶
Master key renewal process:
- Create a new master key without updating the master key store.
- Update every authorized_keys to authorize both the previous and the new master keys.
- Store the new master key to the master key store, and remove the previous master key.
- Update very authorized_keys to authorize only the new master key.
For more details, see also TwoPhaseRenewal.
Changed in version 0.2.0: CloudMasterKeyStore is moved from this module to geofront.backends.cloud. See CloudMasterKeyStore.
- exception geofront.masterkey.EmptyStoreError¶
Exception that rises when there’s no master key yet in the store.
- class geofront.masterkey.FileSystemMasterKeyStore(path: str)¶
Store the master key into the file system. Although not that secure, but it might help you to try out Geofront.
Parameters: path (str) – the path to save file. it has to end with the filename Raises OSError: when the path is not writable
- class geofront.masterkey.MasterKeyStore¶
The master key store backend interface. It can have only one master key at the most.
- load() → paramiko.pkey.PKey¶
Load the stored master key.
Returns: the stored master key Return type: paramiko.pkey.PKey Raises geofront.masterkey.EmptyStoreError: when there’s no master key yet in the store
- save(master_key: paramiko.pkey.PKey)¶
Remove the stored master key, and then save the new master key. The operation should be atomic.
Parameters: master_key (paramiko.pkey.PKey) – the new master key to replace the existing master key
- class geofront.masterkey.PeriodicalRenewal(servers: collections.abc.Set, key_store: geofront.masterkey.MasterKeyStore, interval: datetime.timedelta, bits: int=2048, start: bool=True)¶
Periodically renew the master key in the separated background thread.
Parameters: - servers (collections.abc.Set) – servers to renew the master key. every element has to be an instance of Remote
- key_store (MasterKeyStore) – the master key store to update
- interval (datetime.timedelta) – the interval to renew
- bits (int) – the number of bits the generated key should be. it has to be 1024 at least, and a multiple of 256. 2048 by default
- start (bool) – whether to start the background thread immediately. True by default
New in version 0.2.0: The bits optional parameter.
- terminate()¶
Graceful termination.
- class geofront.masterkey.TwoPhaseRenewal(servers: collections.abc.Set, old_key: paramiko.pkey.PKey, new_key: paramiko.pkey.PKey)¶
Renew the master key for the given servers. It’s a context manager for with statement.
# State: servers allow only old_key; # old_key is in the master_key_store with TwoPhaseRenewal(servers, old_key, new_key): # State: *servers allow both old_key and new_key;* # old_key is in the master_key_store master_key_store.save(new_key) # State: servers allow both old_key and new_key; # *new_key is in the master_key_store.* # State: *servers allow only new_key;* # new_key is in the master_key_store
Parameters: - servers (collections.abc.Set) – the set of Remote servers to renew their master key
- old_key (paramiko.pkey.PKey) – the previous master key to expire
- new_key (paramiko.pkey.PKey) – the new master key to replace old_key
- geofront.masterkey.read_private_key_file(file_: io.IOBase) → paramiko.pkey.PKey¶
Read a private key file. Similar to PKey.from_private_key() except it guess the key type.
Parameters: file (io.IOBase) – a stream of the private key to read Returns: the read private key Return type: paramiko.pkey.PKery Raises paramiko.ssh_exception.SSHException: when something goes wrong
- geofront.masterkey.renew_master_key(servers: collections.abc.Set, key_store: geofront.masterkey.MasterKeyStore, bits: int=2048) → paramiko.pkey.PKey¶
Renew the master key. It creates a new master key, makes servers to authorize the new key, replaces the existing master key with the new key in the key_store, and then makes servers to deauthorize the old key. All these operations are done in a two-phase renewal transaction.
Parameters: - servers (collections.abc.Set) – servers to renew the master key. every element has to be an instance of Remote
- key_store (MasterKeyStore) – the master key store to update
- bits (int) – the number of bits the generated key should be. it has to be 1024 at least, and a multiple of 256. 2048 by default
Returns: the created new master key
Return type: New in version 0.2.0: The bits optional parameter.