Tod Beardsley
a1668f2b23
Pubkeys are now stored as loot, and the Cred model has new and exciting ways to discover which pubkeys match which privkeys. Squashed commit of the following: commit 036d2eb61500da7e161f50d348a44fbf615f6e17 Author: Tod Beardsley <todb@metasploit.com> Date: Sun Jan 8 22:23:32 2012 -0600 Updates ssh credentials to easily find common keys Instead of making the modules do all the work of cross-checking keys, this introduces a few new methods to the Cred model to make this more universal. Also includes the long-overdue workspace() method for credentials. So far, nothing actually implements it, but it's nice that it's there now. commit c28430a721fc6272e48329bed902dd5853b4a75a Author: Tod Beardsley <todb@metasploit.com> Date: Sun Jan 8 20:10:40 2012 -0600 Adding back cross-checking for privkeys. Needs to test to see if anything depends on order, but should be okay to mark up the privkey proof with this as well. commit dd3563995d4d3c015173e730eebacf471c671b4f Author: Tod Beardsley <todb@metasploit.com> Date: Sun Jan 8 16:49:56 2012 -0600 Add SSHKey gem, convert PEM pubkeys to SSH pubkeys commit 11fc363ebda7bda2c3ad6d940299bf4cbafac6fd Author: Tod Beardsley <todb@metasploit.com> Date: Sun Jan 8 13:51:55 2012 -0600 Store pubkeys as loot for reuse. Yanked cross checking for now, will drop back in before pushing. commit aad12b31a897db2952999f7be0161df1f59b6000 Author: Tod Beardsley <todb@metasploit.com> Date: Sun Jan 8 02:10:12 2012 -0600 Fixes up a couple typos in ssh_identify_pubkeys commit 48937728a92b9ae52d0b93cdcd20bb83f15f8803 Author: Tod Beardsley <todb@metasploit.com> Date: Sat Jan 7 17:18:33 2012 -0600 Updates to ssh_identify_pubkeys and friends Switches reporting to cred-based rather than note-based, accurately deal with DSA keys, adds disable_agent option to other ssh modules, and reports successful ssh_login attempts pubkey fingerprints as well. This last thing Leads to some double accounting of creds, so I'm not super-thrilled, but it sure makes searching for ssh_pubkey types a lot easier.... maybe a better solution is to just have a special method for the cred model, though.