sshkeys: Require an option to set ssh keys for a non-ssh: acocunt

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>

diff --git a/src/bin/otter.rs b/src/bin/otter.rs
index 10d6333b6cd365b14916b6a91c9c9b99ae2459ab..1a2e181ddc5d1f815fd3565d6e3207e07a74d7d0 100644 (file)
--- a/src/bin/otter.rs
+++ b/src/bin/otter.rs
@@ -6,7 +6,6 @@
 
 pub type MgmtChannel = ClientMgmtChannel;
 
-// xxx ssh keys: need a force option to set key for non ssh: account
 // xxx make default account be ssh:<user>: rather than unix:<user>: if we are passed --ssh
 
 use otter::imports::*;
@@ -2004,6 +2003,7 @@ mod set_ssh_keys {
   #[derive(Default,Debug)]
   struct Args {
     add: bool,
+    allow_non_ssh: bool,
     remove_current: bool,
     keys: String,
   }
@@ -2014,6 +2014,9 @@ mod set_ssh_keys {
     ap.refer(&mut sa.add)
       .add_option(&["--add"],StoreTrue,
                   "add keys, only (ie, leave all existing keys)");
+    ap.refer(&mut sa.allow_non_ssh)
+      .add_option(&["--allow-non-ssh-account"],StoreTrue,
+                  "allow settings ssh key access for a non-ssh: account");
     ap.refer(&mut sa.remove_current)
       .add_option(&["--allow-remove-current"],StoreTrue,
                   "allow removing the key currently being used for access");
@@ -2032,6 +2035,11 @@ mod set_ssh_keys {
     if ! ma.account.subaccount.is_empty() {
       throw!(ME::NoSshKeysForSubaccount);
     }
+    let is_ssh_account = matches!(ma.account.scope, AS::Ssh{..});
+    if ! (args.allow_non_ssh || is_ssh_account) {
+      throw!(anyhow!("not setting ssh keys for non-ssh: account; \
+                      use --allow-non-ssh-account to override"));
+    }
 
     conn.prep_access_account(&ma, false)?;