geofront.masterkey — Master key management

Master key renewal process:

  1. Create a new master key without updating the master key store.
  2. Update every authorized_keys to authorize both the previous and the new master keys.
  3. Store the new master key to the master key store, and remove the previous master key.
  4. Update very authorized_keys to authorize only the new master key.

For more details, see also TwoPhaseRenewal.

Changed in version 0.2.0: CloudMasterKeyStore is moved from this module to geofront.backends.cloud. See CloudMasterKeyStore.

exception geofront.masterkey.EmptyStoreError

Exception that rises when there’s no master key yet in the store.

class geofront.masterkey.FileSystemMasterKeyStore(path: str)

Store the master key into the file system. Although not that secure, but it might help you to evaluate Geofront.

Parameters:path (str) – the path to save file. it has to end with the filename
Raises OSError:when the path is not writable
class geofront.masterkey.MasterKeyStore

The master key store backend interface. It can have only one master key at the most.

load() → paramiko.pkey.PKey

Load the stored master key.

Returns:the stored master key
Return type:paramiko.pkey.PKey
Raises geofront.masterkey.EmptyStoreError:
 when there’s no master key yet in the store
save(master_key: paramiko.pkey.PKey)

Remove the stored master key, and then save the new master key. The operation should be atomic.

Parameters:master_key (paramiko.pkey.PKey) – the new master key to replace the existing master key
class geofront.masterkey.PeriodicalRenewal(servers: collections.abc.Set, key_store: geofront.masterkey.MasterKeyStore, interval: datetime.timedelta, bits: int=2048, start: bool=True)

Periodically renew the master key in the separated background thread.

Parameters:
  • servers (collections.abc.Set) – servers to renew the master key. every element has to be an instance of Remote
  • key_store (MasterKeyStore) – the master key store to update
  • interval (datetime.timedelta) – the interval to renew
  • bits (int) – the number of bits the generated key should be. it has to be 1024 at least, and a multiple of 256. 2048 by default
  • start (bool) – whether to start the background thread immediately. True by default

New in version 0.2.0: The bits optional parameter.

terminate()

Graceful termination.

class geofront.masterkey.TwoPhaseRenewal(servers: collections.abc.Set, old_key: paramiko.pkey.PKey, new_key: paramiko.pkey.PKey)

Renew the master key for the given servers. It’s a context manager for with statement.

# State: servers allow only old_key;
#        old_key is in the master_key_store
with TwoPhaseRenewal(servers, old_key, new_key):
    # State: *servers allow both old_key and new_key;*
    #        old_key is in the master_key_store
    master_key_store.save(new_key)
    # State: servers allow both old_key and new_key;
    #        *new_key is in the master_key_store.*
# State: *servers allow only new_key;*
#        new_key is in the master_key_store
Parameters:
geofront.masterkey.read_private_key_file(file_: io.IOBase) → paramiko.pkey.PKey

Read a private key file. Similar to PKey.from_private_key() except it guess the key type.

Parameters:file (io.IOBase) – a stream of the private key to read
Returns:the read private key
Return type:paramiko.pkey.PKery
Raises paramiko.ssh_exception.SSHException:
 when something goes wrong
geofront.masterkey.renew_master_key(servers: collections.abc.Set, key_store: geofront.masterkey.MasterKeyStore, bits: int=2048) → paramiko.pkey.PKey

Renew the master key. It creates a new master key, makes servers to authorize the new key, replaces the existing master key with the new key in the key_store, and then makes servers to deauthorize the old key. All these operations are done in a two-phase renewal transaction.

Parameters:
  • servers (collections.abc.Set) – servers to renew the master key. every element has to be an instance of Remote
  • key_store (MasterKeyStore) – the master key store to update
  • bits (int) – the number of bits the generated key should be. it has to be 1024 at least, and a multiple of 256. 2048 by default
Returns:

the created new master key

Return type:

paramiko.pkey.PKey

New in version 0.2.0: The bits optional parameter.