/** * Regenerate SSH key * * @param int $sshKeyId * @throws Exception */ public function regenerateAction($sshKeyId) { $this->request->restrictAccess(Acl::RESOURCE_SECURITY_SSH_KEYS, Acl::PERM_SECURITY_SSH_KEYS_MANAGE); $env = $this->getEnvironment(); /* @var $sshKey SshKey */ $sshKey = SshKey::findPk($sshKeyId); $this->checkPermissions($sshKey, true); if ($sshKey->type == SshKey::TYPE_GLOBAL) { if ($sshKey->platform == SERVER_PLATFORMS::EC2) { $aws = $env->aws($sshKey->cloudLocation); $aws->ec2->keyPair->delete($sshKey->cloudKeyName); $result = $aws->ec2->keyPair->create($sshKey->cloudKeyName); $oldKey = $sshKey->publicKey; if (!empty($result->keyMaterial)) { $sshKey->privateKey = $result->keyMaterial; $pubKey = $sshKey->generatePublicKey(); if (!$pubKey) { throw new Exception("Keypair generation failed"); } $sshKey->publicKey = $pubKey; $sshKey->save(); $dbFarm = DBFarm::LoadByID($sshKey->farmId); $servers = $dbFarm->GetServersByFilter(array('platform' => SERVER_PLATFORMS::EC2, 'status' => array(SERVER_STATUS::RUNNING, SERVER_STATUS::INIT, SERVER_STATUS::PENDING))); foreach ($servers as $dbServer) { if ($dbServer->GetCloudLocation() == $sshKey->cloudLocation) { $msg = new Scalr_Messaging_Msg_UpdateSshAuthorizedKeys(array($pubKey), array($oldKey)); $dbServer->SendMessage($msg); } } $this->response->success(); } } else { //TODO: regenerate ssh key for the different platforms } } else { //TODO: } }
/** * Download public key * * @param int $sshKeyId * @throws Scalr_Exception_InsufficientPermissions * @throws Scalr_UI_Exception_NotFound * @throws Exception */ public function downloadPublicAction($sshKeyId) { /** @var SshKey $sshKey */ $sshKey = SshKey::findPk($sshKeyId); if (!$sshKey) { throw new Exception("SSH key not found in database"); } $this->user->getPermissions()->validate($sshKey); if (!$sshKey->publicKey) { $sshKey->generatePublicKey(); } if ($sshKey->cloudLocation) { $fileName = "{$sshKey->cloudKeyName}.{$sshKey->cloudLocation}.pub"; } else { $fileName = "{$sshKey->cloudKeyName}.pub"; } $this->response->setHeader('Pragma', 'private'); $this->response->setHeader('Cache-control', 'private, must-revalidate'); $this->response->setHeader('Content-type', 'plain/text'); $this->response->setHeader('Content-Disposition', 'attachment; filename="' . $fileName . '"'); $this->response->setHeader('Content-Length', strlen($sshKey->publicKey)); $this->response->setResponse($sshKey->publicKey); }