Struct AuthorizedKeys

pub struct AuthorizedKeys {
    pub ssh_dir: PathBuf,
    pub keys: HashMap<String, AuthorizedKeySet>,
    pub user: User,
    /* private fields */
}

Fields

ssh_dir: PathBuf
keys: HashMap<String, AuthorizedKeySet>
user: User

Implementations

impl AuthorizedKeys

pub fn authorized_keys_dir(&self) -> PathBuf

pub fn authorized_keys_file(&self) -> PathBuf

pub fn stage_dir(&self) -> PathBuf

pub fn stage_file(&self) -> PathBuf

pub fn write(&self) -> Result<()>

write writes all authorized_keys.d changes to disk. It writes the current state to a staging directory and then moves that staging directory to the authorized_keys.d path.

pub fn sync(&self) -> Result<()>

sync writes all the keys we have to authorized_keys. It writes the current state to a staging file and then moves that staging file to the authorized_keys path.
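
The stage-then-move pattern that write and sync describe, as an added Rust sketch (not the crate's own code): the new contents go to a private stage file, are flushed, and are then renamed over the target, so sshd never reads a half-written authorized_keys. The function name sync_keys, the .stage file name and the sample key are assumptions made for the example.

```rust
use std::fs::{self, File, OpenOptions};
use std::io::{self, Write};
use std::os::unix::fs::OpenOptionsExt;
use std::path::Path;

/// Write `keys` to `stage`, then rename it over `target`.
/// Both paths must be on the same filesystem for the rename to be atomic.
pub fn sync_keys(stage: &Path, target: &Path, keys: &[&str]) -> io::Result<()> {
    // Clear a stage file left behind by an interrupted run.
    match fs::remove_file(stage) {
        Err(e) if e.kind() != io::ErrorKind::NotFound => return Err(e),
        _ => {}
    }
    // create_new refuses an existing path (symlinks included); 0600 keeps it private.
    let mut f = OpenOptions::new()
        .write(true).create_new(true).mode(0o600)
        .open(stage)?;
    for k in keys {
        writeln!(f, "{}", k)?;
    }
    // Flush the data before the rename makes it visible under the final name.
    f.sync_all()?;
    drop(f);
    fs::rename(stage, target)?;
    // Sync the parent directory so the rename itself survives a crash.
    if let Some(dir) = target.parent().filter(|d| !d.as_os_str().is_empty()) {
        File::open(dir)?.sync_all()?;
    }
    Ok(())
}

fn main() -> io::Result<()> {
    // Constructed sample data in a scratch directory, not a real ~/.ssh.
    let dir = std::env::temp_dir().join(format!("ak-demo-{}", std::process::id()));
    fs::create_dir_all(&dir)?;
    let target = dir.join("authorized_keys");
    let stage = dir.join("authorized_keys.stage");
    sync_keys(&stage, &target, &["ssh-ed25519 AAAAEXAMPLE demo@host"])?;
    print!("{}", fs::read_to_string(&target)?);
    fs::remove_dir_all(&dir)
}
```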

pub fn read_keys<R>(r: R) -> Result<Vec<AuthorizedKeyEntry>>
where R: Read,

read_keys reads keys from a file in the authorized_keys file format, as described by the sshd man page. It logs a warning if it fails to parse any of the keys.

pub fn open(user: User, create: bool, ssh_dir: Option<PathBuf>) -> Result<Self>

open creates a new authorized_keys object. If there is an existing authorized_keys directory on disk, it reads all the keys from that. If there is no directory already and we are told to create it, we add the existing authorized keys file as an entry, if it exists.

Before open actually does any of that, it switches its uid for the span of the function and then switches back. It also opens a file lock on the directory that other instances of update-ssh-keys will respect. The file lock will automatically close when this structure goes out of scope. You can make sure it is unlocked by calling drop yourself in cases where you think the memory may leak (for example, if you are tossing boxes around).

open blocks until it can grab the file lock.

open returns an error if any file operations fail, if it fails to parse any of the public keys in the existing files, if it fails to change users, if it fails to grab the lock, or if create is false but the directory doesn’t exist.

pub fn get_keys(&self, name: &str) -> Option<&AuthorizedKeySet>

get_keys gets the authorized keyset with the provided name.

pub fn get_all_keys(&self) -> &HashMap<String, AuthorizedKeySet>

get_all_keys returns the hashmap from name to keyset containing all the keys we know about.

pub fn add_keys(
    &mut self,
    name: &str,
    keys: Vec<AuthorizedKeyEntry>,
    replace: bool,
    force: bool,
) -> Result<Vec<AuthorizedKeyEntry>>

add_keys adds a list of public keys with the provided name. If replace is true, it will replace existing keys. If force is true, it will replace disabled keys.

If the keys vector is empty, the function doesn’t create an entry. Empty entries are reserved for representing disabled keysets.

add_keys returns an error if the key already exists and replace is false, or if the key is disabled and force is false.

pub fn remove_keys(&mut self, name: &str) -> Vec<AuthorizedKeyEntry>

remove_keys removes the keyset with the given name.

pub fn disable_keys(&mut self, name: &str) -> Vec<AuthorizedKeyEntry>

disable_keys disables keys with the given name. They can’t be added again unless force is set to true when adding the set. disable_keys will succeed in disabling the key even if the key doesn’t currently exist.
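
The replace/force rules of add_keys and the empty-entry convention of disable_keys, modelled as an added stand-alone example (not the crate's code). KeySets, AddError and active are hypothetical names, keys are plain strings instead of AuthorizedKeyEntry, and the return values of disable_keys and remove_keys are assumptions, since the page does not describe them.

```rust
use std::collections::HashMap;

#[derive(Debug, PartialEq)]
pub enum AddError { Exists, Disabled }

/// Toy model: keyset name -> key lines. An empty Vec marks a disabled keyset.
#[derive(Default)]
pub struct KeySets(pub HashMap<String, Vec<String>>);

impl KeySets {
    pub fn add_keys(&mut self, name: &str, keys: Vec<String>, replace: bool, force: bool)
        -> Result<Vec<String>, AddError> {
        match self.0.get(name) {
            Some(old) if old.is_empty() && !force => return Err(AddError::Disabled),
            // Assumption: `force` alone is enough to overwrite a disabled set.
            Some(old) if !old.is_empty() && !replace => return Err(AddError::Exists),
            _ => {}
        }
        // Empty input never creates an entry; that state is reserved for "disabled".
        if keys.is_empty() { return Ok(Vec::new()); }
        self.0.insert(name.to_string(), keys.clone());
        Ok(keys)
    }

    /// Leaves an empty entry behind, even if `name` was unknown before.
    /// Assumption: returns the keys that were active before the call.
    pub fn disable_keys(&mut self, name: &str) -> Vec<String> {
        self.0.insert(name.to_string(), Vec::new()).unwrap_or_default()
    }

    /// Drops the entry entirely, so a later plain add succeeds again.
    pub fn remove_keys(&mut self, name: &str) -> Vec<String> {
        self.0.remove(name).unwrap_or_default()
    }

    /// Lines that would reach authorized_keys; disabled sets contribute nothing.
    pub fn active(&self) -> Vec<String> {
        let mut lines: Vec<String> = self.0.values().flatten().cloned().collect();
        lines.sort();
        lines
    }
}

fn main() {
    let mut ks = KeySets::default();
    let key = vec!["ssh-ed25519 AAAAEXAMPLE ops@host".to_string()]; // constructed sample
    ks.add_keys("ops", key.clone(), false, false).unwrap();
    ks.disable_keys("ops");
    println!("{:?}", ks.add_keys("ops", key, true, false)); // rejected: set is disabled
}
```

The difference between remove_keys and disable_keys is the point of the model: a removed set can be re-added by any caller, while a disabled one stays blocked until a caller passes force.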

Trait Implementations

impl Debug for AuthorizedKeys

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Drop for AuthorizedKeys

fn drop(&mut self)

Executes the destructor for this type.

Auto Trait Implementations

Blanket Implementations

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Same for T

type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.