From c38fcfab61b2c38bdd2aaac10adbbc23a08cd30d Mon Sep 17 00:00:00 2001
From: Andrew Cady <d@jerkface.net>
Date: Sat, 9 Oct 2021 21:51:21 -0400
Subject: update-host-keys test/diagnostic program

---
 notes/update-host-keys | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100755 notes/update-host-keys

diff --git a/notes/update-host-keys b/notes/update-host-keys
new file mode 100755
index 0000000..4ef0e0b
--- /dev/null
+++ b/notes/update-host-keys
@@ -0,0 +1,26 @@
+#!/bin/sh
+set -e
+_TEMP_DIR_=$(mktemp -d)
+cd "$_TEMP_DIR_"
+trap 'rm -rf "$_TEMP_DIR_"' EXIT
+host=${1:-borges}
+ssh-keygen -F "${host#*@}" | grep -v '^#' > ssh_known_hosts 2>/dev/null
+touch ssh_known_hosts.stamp -r ssh_known_hosts
+
+ssh()
+{
+    command ssh \
+        -F /dev/null \
+        -o GlobalKnownHostsFile=$PWD/ssh_known_hosts \
+        -o UserKnownHostsFile=$PWD/ssh_known_hosts \
+        -o UpdateHostKeys=yes \
+        -o PasswordAuthentication=no \
+        -o StrictHostKeyChecking=yes \
+        "$@"
+}
+
+have=ecdsa-sha2-nistp256
+want=rsa-sha2-256
+ssh -q -n "$host" || true
+
+cat ssh_known_hosts
-- 
cgit v1.2.3