fix: implement persistent SSH key storage with key generation

- Fix 'error in libcrypto' issue by using persistent key files instead of temporary ones - Add SSH key pair generation feature with 'Generate Key Pair' button - Add 'View Public Key' button for generated keys with copy-to-clipboard functionality - Remove confusing 'both' authentication option, now only supports 'password' OR 'key' - Add persistent storage in data/ssh-keys/ directory with proper permissions - Update database schema with ssh_key_path and key_generated columns - Add API endpoints for key generation and public key retrieval - Enhance UX by hiding manual key input when key pair is generated - Update HelpModal documentation to reflect new SSH key features - Fix all TypeScript compilation errors and linting issues Resolves SSH authentication failures during script execution
2025-10-16 15:42:26 +02:00
parent 0e95c125d3
commit 94e97a7366
16 changed files with 874 additions and 271 deletions
--- a/src/app/api/servers/[id]/public-key/route.ts
+++ b/src/app/api/servers/[id]/public-key/route.ts
@@ -0,0 +1,64 @@
+import type { NextRequest } from 'next/server';
+import { NextResponse } from 'next/server';
+import { getDatabase } from '../../../../../server/database';
+import { getSSHService } from '../../../../../server/ssh-service';
+
+export async function GET(
+  request: NextRequest,
+  { params }: { params: Promise<{ id: string }> }
+) {
+  try {
+    const { id: idParam } = await params;
+    const id = parseInt(idParam);
+    if (isNaN(id)) {
+      return NextResponse.json(
+        { error: 'Invalid server ID' },
+        { status: 400 }
+      );
+    }
+
+    const db = getDatabase();
+    const server = db.getServerById(id);
+    
+    if (!server) {
+      return NextResponse.json(
+        { error: 'Server not found' },
+        { status: 404 }
+      );
+    }
+
+    // Only allow viewing public key if it was generated by the system
+    if (!(server as any).key_generated) {
+      return NextResponse.json(
+        { error: 'Public key not available for user-provided keys' },
+        { status: 403 }
+      );
+    }
+
+    if (!(server as any).ssh_key_path) {
+      return NextResponse.json(
+        { error: 'SSH key path not found' },
+        { status: 404 }
+      );
+    }
+
+    const sshService = getSSHService();
+    const publicKey = sshService.getPublicKey((server as any).ssh_key_path as string);
+    
+    return NextResponse.json({
+      success: true,
+      publicKey,
+      serverName: (server as any).name,
+      serverIp: (server as any).ip
+    });
+  } catch (error) {
+    console.error('Error retrieving public key:', error);
+    return NextResponse.json(
+      { 
+        success: false,
+        error: error instanceof Error ? error.message : String(error)
+      },
+      { status: 500 }
+    );
+  }
+}
--- a/src/app/api/servers/[id]/route.ts
+++ b/src/app/api/servers/[id]/route.ts
@@ -52,7 +52,7 @@ export async function PUT(
    }

    const body = await request.json();
-    const { name, ip, user, password, auth_type, ssh_key, ssh_key_passphrase, ssh_port, color }: CreateServerData = body;
+    const { name, ip, user, password, auth_type, ssh_key, ssh_key_passphrase, ssh_port, color, key_generated, ssh_key_path }: CreateServerData = body;

    // Validate required fields
    if (!name || !ip || !user) {
@@ -73,7 +73,7 @@ export async function PUT(
    // Validate authentication based on auth_type
    const authType = auth_type ?? 'password';
    
-    if (authType === 'password' || authType === 'both') {
+    if (authType === 'password') {
      if (!password?.trim()) {
        return NextResponse.json(
          { error: 'Password is required for password authentication' },
@@ -82,7 +82,7 @@ export async function PUT(
      }
    }
    
-    if (authType === 'key' || authType === 'both') {
+    if (authType === 'key') {
      if (!ssh_key?.trim()) {
        return NextResponse.json(
          { error: 'SSH key is required for key authentication' },
@@ -91,15 +91,6 @@ export async function PUT(
      }
    }

-    // Check if at least one authentication method is provided
-    if (authType === 'both') {
-      if (!password?.trim() && !ssh_key?.trim()) {
-        return NextResponse.json(
-          { error: 'At least one authentication method (password or SSH key) is required' },
-          { status: 400 }
-        );
-      }
-    }

    const db = getDatabase();
    
@@ -121,7 +112,9 @@ export async function PUT(
      ssh_key,
      ssh_key_passphrase,
      ssh_port: ssh_port ?? 22,
-      color
+      color,
+      key_generated: key_generated ?? 0,
+      ssh_key_path
    });
    
    return NextResponse.json(
--- a/src/app/api/servers/generate-keypair/route.ts
+++ b/src/app/api/servers/generate-keypair/route.ts
@@ -0,0 +1,32 @@
+import type { NextRequest } from 'next/server';
+import { NextResponse } from 'next/server';
+import { getSSHService } from '../../../../server/ssh-service';
+import { getDatabase } from '../../../../server/database';
+
+export async function POST(_request: NextRequest) {
+  try {
+    const sshService = getSSHService();
+    const db = getDatabase();
+    
+    // Get the next available server ID for key file naming
+    const serverId = db.getNextServerId();
+    
+    const keyPair = await sshService.generateKeyPair(serverId);
+    
+    return NextResponse.json({
+      success: true,
+      privateKey: keyPair.privateKey,
+      publicKey: keyPair.publicKey,
+      serverId: serverId
+    });
+  } catch (error) {
+    console.error('Error generating SSH key pair:', error);
+    return NextResponse.json(
+      { 
+        success: false,
+        error: error instanceof Error ? error.message : 'Failed to generate SSH key pair'
+      },
+      { status: 500 }
+    );
+  }
+}
--- a/src/app/api/servers/route.ts
+++ b/src/app/api/servers/route.ts
@@ -20,7 +20,7 @@ export async function GET() {
 export async function POST(request: NextRequest) {
  try {
    const body = await request.json();
-    const { name, ip, user, password, auth_type, ssh_key, ssh_key_passphrase, ssh_port, color }: CreateServerData = body;
+    const { name, ip, user, password, auth_type, ssh_key, ssh_key_passphrase, ssh_port, color, key_generated, ssh_key_path }: CreateServerData = body;

    // Validate required fields
    if (!name || !ip || !user) {
@@ -41,7 +41,7 @@ export async function POST(request: NextRequest) {
    // Validate authentication based on auth_type
    const authType = auth_type ?? 'password';
    
-    if (authType === 'password' || authType === 'both') {
+    if (authType === 'password') {
      if (!password?.trim()) {
        return NextResponse.json(
          { error: 'Password is required for password authentication' },
@@ -50,7 +50,7 @@ export async function POST(request: NextRequest) {
      }
    }
    
-    if (authType === 'key' || authType === 'both') {
+    if (authType === 'key') {
      if (!ssh_key?.trim()) {
        return NextResponse.json(
          { error: 'SSH key is required for key authentication' },
@@ -59,15 +59,6 @@ export async function POST(request: NextRequest) {
      }
    }

-    // Check if at least one authentication method is provided
-    if (authType === 'both') {
-      if (!password?.trim() && !ssh_key?.trim()) {
-        return NextResponse.json(
-          { error: 'At least one authentication method (password or SSH key) is required' },
-          { status: 400 }
-        );
-      }
-    }

    const db = getDatabase();
    const result = db.createServer({ 
@@ -79,7 +70,9 @@ export async function POST(request: NextRequest) {
      ssh_key,
      ssh_key_passphrase,
      ssh_port: ssh_port ?? 22,
-      color
+      color,
+      key_generated: key_generated ?? 0,
+      ssh_key_path
    });
    
    return NextResponse.json(