public static void UnloadKey(SshConnectionData sftpConnectionData, string clientName, string authorizedKeyPath)
{
lock (locker)
{
// Inserire quì la connessione ssh e salvataggio della chiave pubblica sul server
// Lo faccio tramite SSH, in questo modo è possibile tenere webserver e server ssh anche separati
SftpHelper sftp = new SftpHelper();
// download authorized_keys
sftp.DownloadFile(sftpConnectionData, authorizedKeyPath, Constants.TEMP_AUTHORIZED_KEYS_FILENAME);
// check if authorized keys already contains the client key
bool clientCurrentlyLoaded = IsClientCurrentlyLoaded(clientName);
// aggiunta della nuova chiave ad authorized_keys
if (clientCurrentlyLoaded)
{
Console.WriteLine($"Unloading {clientName} key.");
RemoveAuthorizedKey(clientName);
// upload di authorized_keys
sftp.UploadFile(sftpConnectionData, Constants.TEMP_AUTHORIZED_KEYS_FILENAME, authorizedKeyPath);
}
}
}
public void UnloadClientKeys(List <string> clientNames)
{
SshConnectionData sftpConnectionData = GetSftpConnectionData();
foreach (string clientName in clientNames)
{
SshKeysManagement.UnloadKey(sftpConnectionData, clientName, settings.SshAuthorizedKeysPath);
}
}
public void UploadFile(SshConnectionData connectionData, string localFilePath, string remoteFilePath)
{
using (var sftp = new SftpClient(connectionData.Host, connectionData.Username, connectionData.Password))
{
sftp.Connect();
using (Stream file1 = new FileStream(localFilePath, FileMode.Open))
{
sftp.UploadFile(file1, remoteFilePath, null);
}
}
}
private SshConnectionData GetSftpConnectionData()
{
SshConnectionData connectionData = new SshConnectionData();
connectionData.AuthenticationMode = EnumSshAuthMode.WithPassword;
connectionData.Host = settings.SshHost;
connectionData.Port = settings.SshPort;
connectionData.Username = settings.SshUser;
connectionData.Password = settings.SshPass;
return(connectionData);
}
public void SaveClientKeys(
int portForwarding,
string clientIdentity,
string clientSshPublicKey)
{
// Saving Developer public key to allow its connection to the ssh server
SshConnectionData sftpConnectionData = GetSftpConnectionData();
SshKeysManagement.SaveKeys(
sftpConnectionData,
settings.SshUser,
clientIdentity,
clientSshPublicKey,
settings.SshAuthorizedKeysPath,
portForwarding
);
}
public void DownloadFile(SshConnectionData connectionData, string remoteFilePath, string localFilePath)
{
using (var sftp = new SftpClient(connectionData.Host, connectionData.Username, connectionData.Password))
{
sftp.Connect();
var remoteFolder = System.IO.Path.GetDirectoryName(remoteFilePath);
var remoteFileName = System.IO.Path.GetFileName(remoteFilePath);
if (System.IO.File.Exists(localFilePath))
{
File.Delete(localFilePath);
}
using (Stream streamFile = File.OpenWrite(localFilePath))
{
sftp.DownloadFile(remoteFilePath, streamFile);
}
}
}
public static void SaveKeys(SshConnectionData sftpConnectionData, string sshUsername, string clientName, string publicKey, string authorizedKeyPath, int?forwardingPort)
{
lock (locker)
{
// Inserire quì la connessione ssh e salvataggio della chiave pubblica sul server
// Lo faccio tramite SSH, in questo modo è possibile tenere webserver e server ssh anche separati
SftpHelper sftp = new SftpHelper();
// download authorized_keys
sftp.DownloadFile(sftpConnectionData, authorizedKeyPath, Constants.TEMP_AUTHORIZED_KEYS_FILENAME);
#warning la verifica della presenza funziona, ma non è un metodo efficiente. forse andrebbe fatto a database prima di scaricare il file delle auth
// check if authorized keys already contains the client key
bool clientAlreadyEnabled = IsClientAlreadyEnabled(publicKey, clientName);
// aggiunta della nuova chiave ad authorized_keys
if (!clientAlreadyEnabled)
{
AddKeyToAuthorized(publicKey, clientName, forwardingPort);
// upload di authorized_keys
sftp.UploadFile(sftpConnectionData, Constants.TEMP_AUTHORIZED_KEYS_FILENAME, authorizedKeyPath);
}
}
}
