ssh: Add the error of ssh-keyscan to the verification view

This commit takes the stderr of `ssh-keyscan` (in case of a returncode thats not zero) and stores it as as string in the form object. The view then displays the information as preformatted text in a warning class. Signed-off-by: Birger Schacht <birger@rantanplan.org> [sunil: Cosmetic: variable name change for consistent naming] [sunil: <pre> can't be inside <p>, keep it out] Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2026-01-21 07:55:00 +00:00 · 2019-11-07 15:12:56 +01:00 · 2019-11-07 15:12:56 +01:00 · 7eb6d23e83
commit 7eb6d23e83
parent 25bcee6488
2 changed files with 8 additions and 4 deletions
--- a/plinth/modules/backups/forms.py
+++ b/plinth/modules/backups/forms.py
@ -233,8 +233,8 @@ class VerifySshHostkeyForm(forms.Form):
        """Initialize the form with selectable apps."""
        hostname = kwargs.pop('hostname')
        super().__init__(*args, **kwargs)
-        self.fields['ssh_public_key'].choices = self._get_all_public_keys(
-            hostname)
+        (self.fields['ssh_public_key'].choices,
+         self.keyscan_error) = self._get_all_public_keys(hostname)

    @staticmethod
    def _get_all_public_keys(hostname):
@ -242,11 +242,12 @@ class VerifySshHostkeyForm(forms.Form):
        # Fetch public keys of ssh remote
        keyscan = subprocess.run(['ssh-keyscan', hostname],
                                 stdout=subprocess.PIPE,
-                                 stderr=subprocess.DEVNULL)
+                                 stderr=subprocess.PIPE)
        keys = keyscan.stdout.decode().splitlines()
+        error_message = keyscan.stderr.decode() if keyscan.returncode else None
        # Generate user-friendly fingerprints of public keys
        keygen = subprocess.run(['ssh-keygen', '-l', '-f', '-'],
                                input=keyscan.stdout, stdout=subprocess.PIPE)
        fingerprints = keygen.stdout.decode().splitlines()

-        return zip(keys, fingerprints)
+        return zip(keys, fingerprints), error_message
--- a/plinth/modules/backups/templates/verify_ssh_hostkey.html
+++ b/plinth/modules/backups/templates/verify_ssh_hostkey.html
@ -35,6 +35,9 @@
          is up and accepting connections.
        {% endblocktrans %}
      </p>
+      {% if form.keyscan_error %}
+        <pre class="alert alert-danger">{{ form.keyscan_error }}</pre>
+      {% endif %}
    {% else %}
      <p>
        The authenticity of SSH host {{ hostname }} could not be established. The host advertises the following SSH public keys. Please verify any one of them.