diff options
author | Andrew Cady <d@jerkface.net> | 2021-10-10 03:56:05 -0400 |
---|---|---|
committer | Andrew Cady <d@jerkface.net> | 2021-10-10 03:56:05 -0400 |
commit | 7bb61d2fe0cf56dd1230ea60cf8141e0ae363ee3 (patch) | |
tree | 6c46b9deb965a244470e7b95bce031f010bc74af | |
parent | 87d4cf6499d009ef927e282fd69a7371be283370 (diff) |
improve get-host-keys more
-rwxr-xr-x | get-host-keys | 44 |
1 files changed, 20 insertions, 24 deletions
diff --git a/get-host-keys b/get-host-keys index 90a44db..1133565 100755 --- a/get-host-keys +++ b/get-host-keys | |||
@@ -34,31 +34,27 @@ crypto_validate_hostname() | |||
34 | local host="$1" t r | 34 | local host="$1" t r |
35 | t=$(mktemp) | 35 | t=$(mktemp) |
36 | case "$host" in | 36 | case "$host" in |
37 | *.ed25519.cryptonomic.net) | 37 | *.ed25519.cryptonomic.net ) ;; |
38 | ssh-keyscan -t ed25519 "$host" 2>/dev/null | while read h keytype keydata comment | 38 | * ) die "unsupported hostname: $host" ;; |
39 | do | ||
40 | case "$h $keytype" in | ||
41 | "$host ssh-ed25519") | ||
42 | echo "$keytype $keydata" >> "$t" | ||
43 | break | ||
44 | ;; | ||
45 | esac | ||
46 | done ;; | ||
47 | *) die "unsupported hostname: $host" ;; | ||
48 | esac | 39 | esac |
49 | if validated=$(to_domain_suffix "$t") | 40 | ssh-keyscan -t ed25519 "$host" 2>/dev/null | ( |
50 | then | 41 | while read h keytype keydata comment |
51 | case "$host" in | 42 | do |
52 | "$validated" | *."$validated" ) | 43 | [ "$h $keytype" = "$host ssh-ed25519" ] || continue |
53 | read line < "$t" | 44 | echo "$keytype $keydata" > "$t" |
54 | echo "$host $line" | 45 | validated=$(to_domain_suffix "$t") || continue |
55 | rm -f "$t" | 46 | case "$host" in |
56 | return 0 | 47 | "$validated" | *."$validated" ) |
57 | ;; | 48 | read line < "$t" |
58 | esac | 49 | echo "$host $line" |
59 | fi | 50 | rm -f "$t" |
60 | rm -f "$t" | 51 | exit 0 |
61 | false | 52 | ;; |
53 | esac | ||
54 | done | ||
55 | rm -f "$t" | ||
56 | exit 1 | ||
57 | ) | ||
62 | } | 58 | } |
63 | 59 | ||
64 | set -e | 60 | set -e |