make symlink if authorized_keys exist (dedis#811)

* make symlink if authorized_keys doesnt exist

* update readme

* updated comments

cisc/README.md

@@ -1,8 +1,8 @@
 # CISC - Cisc Identity SkipChain
 
 ## Description
-Cisc is uses a personal blockchain handled by the cothority. It
- can store any key/value pairs, and has a special module for managing
+Cisc uses a personal blockchain handled by the cothority. It
+ can store key/value pairs, and has a special module for managing
  ssh-public-keys.
 
 Based upon skipchains, cisc serves a data-block with different entries that can be handled by a number of devices who propose changes and cryptographically vote to approve or deny those changes. Different data-types exist that will interpret the data-block and offer a service.
@@ -11,15 +11,18 @@ Besides having devices that can vote on changes, simple followers can download t
 
 For further convenience, a simple mechanism allows for grouping identities with a shared voting-power.
 
-## Command reference
+# Command reference
+
 Cisc takes different commands and sub-commands with arguments. The main commands are:
   * Id - manages the identities this device is connected to
-  * Data - handles the data of the identities this device is connected to
+  * Config - handles the data of the identities this device is connected to
   * Ssh - interfaces the ssh-data of the identities
   * Kv - direct key/value pair editing
+  * Follow - for servers or other computers that want to follow a Skipchain
+
+## cisc id
 
-### cisc id
-Each device can be connected to one identity but linked to multiple identities. You can manage the connections with cisc id followed by:
+Each device can be _connected_ to one identity but _linked_ to multiple identities. You can manage the connections with cisc id followed by:
   * Create - asks the skipchain to create a new identity and returns its id#. It also connects to that identity.
   * Connect - will ask the devices of the remote skipwchain to vote on the inclusion of this device in the skipchain - each device can only be connected to one identity
 
@@ -30,13 +33,13 @@ For later:
   * Link - like connect, but all devices of the identity share one vote
 The group-skipchains have to be defined.
 
-### cisc data
+## cisc config
 Each identity, connected or linked, has data attached to it that can be updated, modified and voted upon. To modify the data, you need to use the appropriate commands (ssh and password). To update and vote, you can use cisc data followed by:
   * Update - fetches the latest data from all identities from the skipchain as well as all proposed data (the ones which are not yet voted upon)
   * List - updates and lists all data associated with all identities
   * Vote - sends a positive vote or a rejection for a specific update-proposition
 
-### cisc ssh
+## cisc ssh
 The ssh-data-type allows for an easy handling of multiple ssh-identities over a range of devices. It uses the ~/.ssh/config to get the list of ssh-identities on this device. In addition to the usual configurations, each ssh-identity can be preceded by a commented line
 ```
 #cisc - ID#
@@ -48,11 +51,39 @@ The different sub-commands for cisc ssh are:
   * Del - removes an entry in the ~/.ssh/config file and proposes the new data
   * List - shows all connections for this device
 
-### cisc kv
+## cisc kv
 The kv-data-type simply holds a map of key/value pairs that are shared by all devices of the identity. This can be for example the login/password, where the password would be encrypted with a master-password of course.
 
 cisc kv has the following subcommands:
   * List - returns a list of all keys pairs
   * Value - returns the value of a given key
   * Add - adds a key/value pair by proposing the new data to the identity
   * Rm - removes a key/value pair by proposing the new data to the identity
+
+## cisc follow
+A server can set up cisc to follow a skipchain and update the 
+`authorized_keys.cisc`-file whenever a change in the list of ssh-keys occurs.
+For convenience, cisc writes to `authorized_keys.cisc`, so that you can keep
+your own keys, too. If you don't have a `authorized_keys`-file, cisc will
+create a symlink that points to `authorized_keys.cisc`. In case you want
+to use both files, we suggest that you add
+
+```conf
+AuthorizedKeysFile ~/.ssh/authorized_keys ~/.ssh/authorized_keys.cisc
+```
+
+to your `/etc/ssh/sshd_config`. Now sshd will read both files and allow
+any key that is present in either of the files.
+
+`cisc follow` has the following subcommands:
+  * add - takes `group.toml`, `Skipchain-ID` and `service-name` as an
+  argument. It connects to one of the servers in `group.toml` and fetches
+  the skipchain with `Skipchain-ID`. All ssh-keys referencing `service-name`
+  will be written to `~/.ssh/authorized_keys.cisc`
+  * del - takes `Skipchain-ID` as an argument and removes the reference to
+  that skipchain
+  * list - prints a list of all connected skipchains and the keys stored
+  in them
+  * update [-p interval] - looks for updates of one of the skipchains. In
+   case it finds a change in the ssh-keys, it will update 
+   `~/.ssh/authorized_keys.cisc`

cisc/cisc.go

@@ -238,10 +238,22 @@ func kvDel(c *cli.Context) error {
 /*
  * Commands related to the ssh-handling. All ssh-keys are stored in the
  * identity-sc as
- * ssh:device:server / ssh_public_key
+ *
+ *   ssh:device:server = ssh_public_key
+ *
  * where 'ssh' is a fixed string, 'device' is the device where the private
  * key is stored and 'server' the server that should add the public key to
  * its authorized_keys.
+ *
+ * For safety reasons, this function saves to authorized_keys.cisc instead
+ * of overwriting authorized_keys. If authorized_keys doesn't exist,
+ * a symbolic link to authorized_keys.cisc is created.
+ *
+ * If you want to use your own authorized_keys but also allow keys in
+ * authorized_keys.cisc to log in to your system, you can add the following
+ * line to /etc/ssh/sshd_config
+ *
+ *   AuthorizedKeysFile ~/.ssh/authorized_keys ~/.ssh/authorized_keys.cisc
  */
 func sshAdd(c *cli.Context) error {
 	cfg := loadConfigOrFail(c)

cisc/lib.go

@@ -13,6 +13,8 @@ import (
 
 	"strings"
 
+	"path/filepath"
+
 	"github.com/dedis/cothority/identity"
 	"gopkg.in/dedis/onet.v1"
 	"gopkg.in/dedis/onet.v1/app"
@@ -94,18 +96,18 @@ func (cfg *ciscConfig) proposeSendVoteUpdate(p *identity.Config) {
 	log.ErrFatal(cfg.ConfigUpdate())
 }
 
-// writes the ssh-keys to an 'authorized_keys'-file
+// writes the ssh-keys to an 'authorized_keys.cisc'-file. If
+// `authorized_keys` doesn't exist, it will be created as a
+// soft-link pointing to `authorized_keys.cisc`.
 func (cfg *ciscConfig) writeAuthorizedKeys(c *cli.Context) {
 	var keys []string
 	dir, _ := sshDirConfig(c)
-	authFile := dir + "/authorized_keys"
-	// Make backup
-	b, err := ioutil.ReadFile(authFile)
-	if err == nil {
-		err = ioutil.WriteFile(authFile+".back", b, 0600)
-		log.ErrFatal(err)
+	authKeys := filepath.Join(dir, "authorized_keys")
+	authKeysCisc := authKeys + ".cisc"
+	if _, err := os.Stat(authKeys); os.IsNotExist(err) {
+		log.Info("Making link from authorized_keys to authorized_keys.cisc")
+		os.Symlink(authKeysCisc, authKeys)
 	}
-	log.Info("Made a backup of your", authFile, "before creating new one.")
 	for _, f := range cfg.Follow {
 		log.Lvlf2("Parsing IC %x", f.ID)
 		for _, s := range f.Config.GetIntermediateColumn("ssh", f.DeviceName) {
@@ -115,7 +117,7 @@ func (cfg *ciscConfig) writeAuthorizedKeys(c *cli.Context) {
 			keys = append(keys, pub+" "+s+"@"+f.DeviceName)
 		}
 	}
-	err = ioutil.WriteFile(authFile,
+	err := ioutil.WriteFile(authKeysCisc,
 		[]byte(strings.Join(keys, "\n")), 0600)
 	log.ErrFatal(err)
 }

cisc/test.sh

@@ -25,6 +25,7 @@ main(){
 	test SSHAdd
 	test SSHDel
 	test Follow
+	test SymLink
 	test Revoke
     stopTest
 }
@@ -42,24 +43,38 @@ testRevoke(){
 	testOK runCl 1 config update
 }
 
+testSymLink(){
+	clientSetup 1
+	testFail [ -L cl3/authorized_keys ]
+	testNFile cl3/authorized_keys.cisc
+	testOK runCl 3 follow add public.toml $ID service1
+	testOK [ -L cl3/authorized_keys ]
+	testFile cl3/authorized_keys.cisc
+	rm cl3/authorized*
+	echo my_secret_ssh_key > cl3/authorized_keys
+	runCl 3 follow add public.toml $ID service1
+	testFile cl3/authorized_keys
+	testFile cl3/authorized_keys.cisc
+}
+
 testFollow(){
 	clientSetup 1
 	echo ID is $ID
-	testNFile cl3/authorized_keys
+	testNFile cl3/authorized_keys.cisc
 	testFail runCl 3 follow add public.toml 1234 service1
 	testOK runCl 3 follow add public.toml $ID service1
-	testFail grep -q service1 cl3/authorized_keys
+	testFail grep -q service1 cl3/authorized_keys.cisc
 	testNGrep client1 runCl 3 follow list
 	testGrep $ID runCl 3 follow list
 	testOK runCl 1 ssh add service1
 	testOK runCl 3 follow update
-	testOK grep -q service1 cl3/authorized_keys
+	testOK grep -q service1 cl3/authorized_keys.cisc
 	testGrep service1 runCl 3 follow list
 	testReGrep client1
 	testOK runCl 3 follow rm $ID
 	testNGrep client1 runCl 3 follow list
 	testReNGrep service1
-	testFail grep -q service1 cl3/authorized_keys
+	testFail grep -q service1 cl3/authorized_keys.cisc
 }
 
 testSSHDel(){