#!/usr/bin/env python
""" Password generator module """
import os
import sys
import string
from base64 import encodestring
from random import SystemRandom
from Crypto.PublicKey import RSA
from passlib.hash import sha512_crypt
# Directory that receives one encrypted "<hostname>.asc" file per host.
OUTDIR = "/srv/ansible-private/keystore"
# Path of the public key file that generated passwords are encrypted to.
PUBKEY = "/srv/ansible-private/ssh/id_rsa.pub"
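class Passwd(object):
    """Generate a random password and expose it hashed or RSA-encrypted.

    The plaintext is kept on the instance as ``plain``.
    """

    # Alphabet the password is drawn from: ASCII letters and digits.
    characters = string.ascii_letters + string.digits

    def __init__(self, length=20):
        """Draw ``length`` characters from ``characters``.

        Args:
            length: number of characters in the generated password.
        """
        # SystemRandom is backed by os.urandom; one instance serves every
        # draw instead of constructing a new one per character.
        rng = SystemRandom()
        self.plain = "".join(rng.choice(self.characters)
                             for _ in range(length))

    def hash(self):
        """Return the sha512_crypt hash of the password.

        Returns:
            The hash string produced by passlib's sha512_crypt.
        """
        # passlib 1.7 deprecates passing settings such as ``rounds`` straight
        # to hash(); using() is the supported spelling and yields the same
        # configuration.
        # NOTE(review): 5000 rounds is a low work factor; a higher value
        # slows offline guessing, provided whatever consumes the hash
        # accepts it - confirm before changing.
        return sha512_crypt.using(rounds=5000).hash(self.plain)

    def encrypt(self, pem):
        """Return the password encrypted with the given RSA public key.

        Args:
            pem: path of the public key file handed to RSA.importKey.

        Returns:
            The ciphertext, base64-encoded by ``encodestring``.
        """
        # Context manager so the key file is closed even if parsing fails.
        with open(pem, "r") as handle:
            key = RSA.importKey(handle.read())
        # NOTE(review): key.encrypt() is PyCrypto's raw RSA primitive. No
        # padding is applied, so the same plaintext always produces the same
        # ciphertext under a given key. Prefer Crypto.Cipher.PKCS1_OAEP; that
        # changes the ciphertext format, so whatever decrypts the keystore
        # has to change with it. PyCryptodome no longer implements this
        # method at all.
        # The second argument is ignored for RSA (per the library docs).
        return encodestring(key.encrypt(self.plain, "x")[0])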
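def main():
    """Generate a password for one host, store it encrypted, print its hash.

    Expects exactly one command-line argument, the hostname. The encrypted
    password is written to ``<OUTDIR>/<hostname>.asc`` and the sha512_crypt
    hash is printed on stdout. Exits with status 1 on a usage error or an
    unusable hostname.
    """
    if len(sys.argv) != 2:
        sys.stderr.write("Usage: %s <hostname>\n"
                         % os.path.basename(sys.argv[0]))
        sys.exit(1)

    hostname = sys.argv[1]
    # The name becomes a file name under OUTDIR: refuse anything carrying a
    # directory component so the write cannot land outside the keystore.
    if not hostname or os.path.basename(hostname) != hostname:
        sys.stderr.write("Invalid hostname: %r\n" % hostname)
        sys.exit(1)

    # New files are created accessible to the owner only. The umask does not
    # tighten the mode of a keystore file that already exists.
    os.umask(0o077)
    mypass = Passwd()

    # Encrypt before opening the destination: opening with "w" truncates, so
    # a failure while reading PUBKEY must not wipe an existing entry.
    ciphertext = mypass.encrypt(PUBKEY)
    with open(os.path.join(OUTDIR, hostname + ".asc"), "w") as dest:
        dest.write(ciphertext)

    print(mypass.hash())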
if __name__ == "__main__":
    # Run the command-line entry point only when executed as a script.
    main()