Am 11.01.2012 15:06, schrieb Warren Baker:
On Wed, Jan 11, 2012 at 3:39 PM, [email protected]
<[email protected]> wrote:
Hi,
I'm looking for a way to add one or more public keys to the config.xml using
a script, rather than using the GUI.
Looking at the<authorizedkeys> </authorizedkeys> section in config.xml, it
seems that there is some kind of encryption/compression/conversion/whatever
going on.
It's just using the php function base64_encode() to encode the data -
so it is just MIME base64.
Just in case someone else wants to do the same, here's what I came up
with, thanks to your pointer in the right direction:
xmlstarlet ed --subnode "/pfsense/system/user[uid='0']" --type elem -n
authorizedkeys -v "" /mnt/conf/config.xml | \
xmlstarlet ed -u "/pfsense/system/user[uid='0']/authorizedkeys" -v
"$(grep -v 'command' /path/to/SOURCE_KEYFILE | \
perl -e 'use MIME::Base64; while (<STDIN>) { $i=$i.$_ } ; print
encode_base64($i);'|tr -d "\n")" > /mnt/conf/config-new.xml
The first line makes sure that the tag is present, the second and third
line insert the base64-encoded string into the tag and write the output
to the new config file.
The center part with grep and perl grabs all keys that aren't limited to
a specific command from SOURCE_KEYFILE, base64-encodes them, and cuts
off the newlines (which would cause invalid XML, as it seems).
If anyone with write access to the pfSense wiki thinks this could be
useful, feel free to add it there.
Kind Regards,
Stefan
_______________________________________________
List mailing list
[email protected]
http://lists.pfsense.org/mailman/listinfo/list
