// Copyright 2015 CoreOS, Inc. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. package system import ( "fmt" "io" "io/ioutil" "os/exec" "strings" ) // AuthorizeSSHKeys adds the provided SSH public key to the core user's list of // authorized keys func AuthorizeSSHKeys(user string, keysName string, keys []string) error { for i, key := range keys { keys[i] = strings.TrimSpace(key) } // join all keys with newlines, ensuring the resulting string // also ends with a newline joined := fmt.Sprintf("%s\n", strings.Join(keys, "\n")) cmd := exec.Command("update-ssh-keys", "-u", user, "-a", keysName) stdin, err := cmd.StdinPipe() if err != nil { return err } stdout, err := cmd.StdoutPipe() if err != nil { return err } stderr, err := cmd.StderrPipe() if err != nil { return err } err = cmd.Start() if err != nil { stdin.Close() return err } _, err = io.WriteString(stdin, joined) if err != nil { return err } stdin.Close() stdoutBytes, _ := ioutil.ReadAll(stdout) stderrBytes, _ := ioutil.ReadAll(stderr) err = cmd.Wait() if err != nil { return fmt.Errorf("Call to update-ssh-keys failed with %v: %s %s", err, string(stdoutBytes), string(stderrBytes)) } return nil }