Add validate_ssh_public_keys

validate format of SSH public keys using ssh-keygen -l and temp files.
2025-06-02 17:13:01 +00:00 · 2016-04-05 09:29:51 +02:00 · 2016-04-05 09:29:51 +02:00 · 48df47a466
commit 48df47a466
parent 344c19ff41
1 changed files with 15 additions and 0 deletions
--- a/src/PVE/Tools.pm
+++ b/src/PVE/Tools.pm
@ -1307,4 +1307,19 @@ sub tempfile_contents {
    return ("/proc/$$/fd/".$fh->fileno, $fh);
 }

+sub validate_ssh_public_keys {
+    my ($raw) = @_;
+    my @lines = split(/\n/, $raw);
+
+    foreach my $line (@lines) {
+	next if $line =~ m/^\s*$/;
+	eval {
+	    my ($filename, $handle) = tempfile_contents($line);
+	    run_command(["ssh-keygen", "-l", "-f", $filename],
+			outfunc => sub {}, errfunc => sub {});
+	};
+	die "SSH public key validation error\n" if $@;
+    }
+}
+
 1;