the-bastion/bin/plugin/open/selfGenerateEgressKey

#! /usr/bin/env perl
# vim: set filetype=perl ts=4 sw=4 sts=4 et:
use common::sense;
use Term::ReadKey;

use File::Basename;
use lib dirname(__FILE__) . '/../../../lib/perl';
use OVH::Result;
use OVH::Bastion;
use OVH::Bastion::Plugin qw( :DEFAULT );
use OVH::Bastion::Plugin::generateEgressKey;

my $remainingOptions = OVH::Bastion::Plugin::begin(
    argv    => \@ARGV,
    header  => "generating a new key pair for your account",
    options => {
        "algo=s"    => \my $algo,
        "size=i"    => \my $size,
        "encrypted" => \my $encrypted,
    },
    help => \&help,
);

sub help {
    my $text = <<"EOF";
Create a new public + private key pair on your bastion account

Usage: --osh $scriptName --algo ALGO --size SIZE [--encrypted]

  --algo ALGO  Specifies the algo of the key, either rsa, ecdsa or ed25519.

  --size SIZE  Specifies the size of the key to be generated.
               For RSA, choose between 2048 and 8192 (4096 is good).
               For ECDSA, choose either 256, 384 or 521.
               For ED25519, size is always 256.

  --encrypted  if specified, a passphrase will be prompted for the new key

EOF
    osh_info($text);
    OVH::Bastion::Plugin::generateEgressKey::help_algos();
    return 1;
}

#
# code
#
my $fnret;

$fnret = OVH::Bastion::Plugin::generateEgressKey::preconditions(
    context => 'account',
    account => $self,
    algo    => $algo,
    size    => $size
);
if ($fnret->err eq 'ERR_MISSING_PARAMETER') {
    help();
    osh_exit(R('ERR_MISSING_PARAMETER', msg => "Missing the 'algo' or 'size' parameter'"));
}
$fnret or osh_exit $fnret;

($algo, $size) = @{$fnret->value}{qw{ algo size }};

my $passphrase = '';    # empty by default
if ($encrypted) {
    $fnret = OVH::Bastion::Plugin::generateEgressKey::ask_passphrase();
    $fnret or osh_exit $fnret;
    $passphrase = $fnret->value;
}

osh_info "Generating your key, this might take a while...";
$fnret = OVH::Bastion::generate_ssh_key(
    folder     => OVH::Bastion::get_home_from_env()->value . '/.ssh',
    prefix     => 'private',
    name       => $self,
    algo       => $algo,
    size       => $size,
    passphrase => $passphrase,
);
$fnret or osh_exit $fnret;

osh_info "You new key pair has been generated:\n";
$fnret = OVH::Bastion::get_ssh_pub_key_info(file => $fnret->value->{'file'} . ".pub", way => "egress");
$fnret or osh_exit $fnret;

my $key = $fnret->value;

$fnret = OVH::Bastion::get_bastion_ips();
$fnret or osh_exit $fnret;

$key->{'prefix'} = 'from="' . join(',', @{$fnret->value}) . '"';

OVH::Bastion::print_public_key(key => $key);

osh_ok($key);