Cumulocity-IoT / cumulocity-pki-integration

Cumulocity pki integration

Define and implement endpoint for creating an operation for creating a key pair #122

Open iviliev opened 2 years ago

iviliev commented 2 years ago

Related to #104

iviliev commented 2 years ago

I tried this morning to execute "ssh-keygen -t rsa -b 4096" locally.

Screenshot of the terminal session (transcribed):

    C:\Users\IIL>ssh-keygen -t rsa -b 4096
    Generating public/private rsa key pair.
    Enter file in which to save the key (C:\Users\IIL/.ssh/id_rsa): probe
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in probe.
    Your public key has been saved in probe.pub.

  1. Maybe because the folder where I executed the command was C:\Users\IIL, the public and the private key were stored in the same folder.
  2. As there are parameters which have to be entered manually, it has to be checked how they are to be entered programmatically.
iviliev commented 2 years ago

From the documentation: https://www.ssh.com/academy/ssh/keygen

Specifying the File Name: Normally, the tool prompts for the file in which to store the key. However, it can also be specified on the command line using the -f option.

ssh-keygen -f ~/tatu-key-ecdsa -t ecdsa -b 521

kreinhar commented 2 years ago

Public and private key are always stored in the same folder.

iviliev commented 2 years ago

SSH tutorial https://www.digitalocean.com/community/tutorials/how-to-create-ssh-keys-with-openssh-on-macos-or-linux

iviliev commented 2 years ago

Executing the ssh-keygen command without additional interaction:

    ssh-keygen -t rsa -b 4096 -f "probe" -P ""

iviliev commented 2 years ago

For testing purposes, at the beginning we can create the key pair and then get the public key by defining two additional commands in the command_handler.py of the device agent:

        CommandAlias('generate keys', 'ssh-keygen -t rsa -b 4096 -f \"certificates\" -P \"\"'),
        CommandAlias('get public key', 'cat certificates.pub'),            
iviliev commented 2 years ago

Programmatically create a c8y_Command operation via the Java SDK:

    operation.set(new C8yOperationShellCommand(ShellCommand.DUMMY_COMMAND.getCommandText()), "c8y_Command");

kreinhar commented 2 years ago

ongoing

iviliev commented 2 years ago

From the latest discussions with the guys from Nexus it came out that not only the key pair but also the CSR has to be created at the device side. So something of the kind has to be executed at the device side as scripts: we shall create a CSR at the device side.

  1. I intend to first generate the private/public key pair in PEM format with this command:

         ssh-keygen -t rsa -m pem -b 4096 -f certificates -P ""

  2. And then create a CSR with this command (the private key written by ssh-keygen -f certificates is the file "certificates"; the public key is "certificates.pub"):

         openssl req -new \
             -key certificates \
             -out cert-sign-request.pem \
             -extensions v3_req \
             -subj "$subject"

so the CommandHandler class has to be extended.
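The two steps above as one non-interactive script, with the check a practitioner wants before the CSR leaves the device: that the CSR is self-consistent and its public key is the one derived from the private key. This is an added example, not code from the cumulocity-pki-integration project or the device agent. The file names (device, device.pub, device.csr), the subject string, the contents of the v3_req section and the use of -reqexts (OpenSSL's flag for selecting CSR extensions; the thread writes -extensions, which also works for requests) are assumptions made here. The config file is written inline so the script does not depend on the system openssl.cnf.

```shell
#!/bin/sh
# Added example (not the project's code): generate a device key pair with
# ssh-keygen, build a CSR from it with openssl, and verify the two belong
# together. Directory, file names and subject are assumptions for illustration.
set -eu

# Minimal OpenSSL config carrying the v3_req section used for the CSR.
# The DN entry is only a placeholder; -subj overrides it.
write_req_config() {
  cat > "$1" <<'EOF'
[ req ]
distinguished_name = req_distinguished_name
req_extensions     = v3_req
prompt             = no

[ req_distinguished_name ]
commonName = placeholder

[ v3_req ]
keyUsage         = critical, digitalSignature, keyEncipherment
extendedKeyUsage = clientAuth
EOF
}

# make_device_csr DIR SUBJECT
#   DIR/device      private key, PEM, no passphrase (ssh-keygen creates it 0600)
#   DIR/device.pub  OpenSSH-format public key (not needed for the CSR)
#   DIR/device.csr  PEM CSR, also printed to stdout (what a "get csr" command returns)
make_device_csr() {
  dir=$1
  subject=$2
  umask 077
  write_req_config "$dir/req.cnf"
  # A stale key would make ssh-keygen prompt "Overwrite (y/n)?" and hang the agent.
  rm -f "$dir/device" "$dir/device.pub"
  # -m PEM: openssl reads PEM/PKCS#8 private keys, not the default OpenSSH format.
  # -N "": empty new passphrase, so nothing is prompted (-P "" as in the thread also works).
  ssh-keygen -q -t rsa -b 4096 -m PEM -N "" -f "$dir/device"
  openssl req -new -batch -sha256 \
    -config "$dir/req.cnf" -reqexts v3_req \
    -key "$dir/device" \
    -subj "$subject" \
    -out "$dir/device.csr"
  cat "$dir/device.csr"
}

# verify_csr_matches_key DIR
# Checks the CSR's self-signature and that its SubjectPublicKeyInfo equals the
# one derived from the private key, so the CA will issue for the right key.
verify_csr_matches_key() {
  dir=$1
  openssl req -in "$dir/device.csr" -noout -verify >/dev/null 2>&1 || return 1
  key_pub=$(openssl pkey -in "$dir/device" -pubout)
  csr_pub=$(openssl req -in "$dir/device.csr" -noout -pubkey)
  [ "$key_pub" = "$csr_pub" ]
}

# Stand-alone run: `sh thisscript.sh run` creates everything in a temp directory.
if [ "${1:-}" = "run" ]; then
  workdir=$(mktemp -d)
  make_device_csr "$workdir" "/O=Example Org/OU=IoT/CN=device-0001"
  verify_csr_matches_key "$workdir" && echo "CSR matches private key"
fi
```

The umask and the ssh-keygen defaults keep the private key at mode 0600; only the CSR (device.csr) is meant to be read back by the agent and sent to the CA, the private key never leaves the device.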

iviliev commented 2 years ago

Two commands, "generate keys" and "get public key", were defined in the command handler in the branch "extendCommandHandler" of my fork of the device management agent project: https://github.com/iviliev/cumulocity-devicemanagement-agent.git

iviliev commented 2 years ago

So another command has to be defined in order to handle the CSR, and "get public key" has to be changed and renamed to return the CSR.