diff options
author | Andrew Cady <d@jerkface.net> | 2021-09-30 12:22:14 -0400 |
---|---|---|
committer | Andrew Cady <d@jerkface.net> | 2021-09-30 12:22:14 -0400 |
commit | 07c5d1bd135ecee48f61334c25ac357234e9ced8 (patch) | |
tree | fdd5a3b18ff974cd9059c02dc90bb399a29e2f60 /selfpublish.sh | |
parent | 8a6d22a96cfa36f2198f53be8270c29140aa09c7 (diff) |
only show one key
Diffstat (limited to 'selfpublish.sh')
-rw-r--r-- | selfpublish.sh | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/selfpublish.sh b/selfpublish.sh index aa13fce..c24c9b7 100644 --- a/selfpublish.sh +++ b/selfpublish.sh | |||
@@ -1,7 +1,6 @@ | |||
1 | #!/bin/sh | 1 | #!/bin/sh |
2 | set -e | 2 | set -e |
3 | 3 | ||
4 | DEFAULT_AUTH_TYPE=ed25519 | ||
5 | DYNDNSHOST=cryptonomic.net | 4 | DYNDNSHOST=cryptonomic.net |
6 | DEFAULT_UPSTREAM=d@cryptonomic.net:public_git/selfpublish.sh | 5 | DEFAULT_UPSTREAM=d@cryptonomic.net:public_git/selfpublish.sh |
7 | 6 | ||
@@ -407,9 +406,11 @@ EOF | |||
407 | set -e | 406 | set -e |
408 | 407 | ||
409 | DOMAIN=cryptonomic.net | 408 | DOMAIN=cryptonomic.net |
410 | DEFAULT_AUTH_TYPE=ed25519 | ||
411 | HASH_TYPE=2 | 409 | HASH_TYPE=2 |
412 | HOSTNAME=$(hostname --short) | 410 | HOSTNAME=$(hostname --short) |
411 | KEY_TYPE=ed25519 | ||
412 | KEY_FILE=/etc/ssh/ssh_host_${KEY_TYPE}_key | ||
413 | HostKeyAlgorithm=ssh-ed25519 | ||
413 | 414 | ||
414 | die() { echo "$0: Error: $*" >&2; exit 1; } | 415 | die() { echo "$0: Error: $*" >&2; exit 1; } |
415 | 416 | ||
@@ -422,7 +423,7 @@ get_domain() | |||
422 | { | 423 | { |
423 | get_sshfp "$1" | 424 | get_sshfp "$1" |
424 | 425 | ||
425 | domain=$(printf %s.%s.%s "$sshfp_b32" "$DEFAULT_AUTH_TYPE" "$DOMAIN" | tail -c64) | 426 | domain=$(printf %s.%s.%s "$sshfp_b32" "$KEY_TYPE" "$DOMAIN" | tail -c64) |
426 | domain=$(printf %s.%s "$HOSTNAME" "$domain") | 427 | domain=$(printf %s.%s "$HOSTNAME" "$domain") |
427 | } | 428 | } |
428 | 429 | ||
@@ -445,21 +446,19 @@ withsetx() | |||
445 | "$@" | indent | 446 | "$@" | indent |
446 | } | 447 | } |
447 | 448 | ||
448 | KEY_FILE=/etc/ssh/ssh_host_${DEFAULT_AUTH_TYPE}_key | ||
449 | |||
450 | delegate_command=/usr/lib/cryptonomic/cryptonomic-$1 | 449 | delegate_command=/usr/lib/cryptonomic/cryptonomic-$1 |
451 | 450 | ||
452 | if [ $# = 0 ] | 451 | if [ $# = 0 ] |
453 | then | 452 | then |
454 | hostname=$(cryptonomic hostname) | 453 | hostname=$(cryptonomic hostname) |
455 | uid=$(id -un)@${hostname} | 454 | uid=$(id -un)@${hostname} |
456 | 2>/dev/null withsetx ssh-keyscan "$hostname" | 455 | 2>/dev/null withsetx ssh-keyscan -t "${HostKeyAlgorithm}" "$hostname" |
457 | 2>/dev/null withsetx dig +nocmd -taaaa "$hostname" +noall +answer | 456 | 2>/dev/null withsetx dig +nocmd -taaaa "$hostname" +noall +answer |
458 | 2>/dev/null withsetx dig +nocmd "$hostname" +noall +answer | 457 | 2>/dev/null withsetx dig +nocmd "$hostname" +noall +answer |
459 | 2>&1 withsetx gpg --locate-keys "$uid" | 458 | 2>&1 withsetx gpg --locate-keys "$uid" |
460 | 2>/dev/null withsetx delv @1.1.1.1 -t sshfp "$hostname" | 459 | 2>/dev/null withsetx delv @1.1.1.1 -t sshfp "$hostname" |
461 | export hostname | 460 | export hostname HostKeyAlgorithm |
462 | 2>&1 withsetx sh -c 'ssh -v -i /dev/null -o BatchMode=yes -o HostKeyAlgorithms=ssh-ed25519 -o VerifyHostKeyDNS=yes -o GlobalKnownHostsFile=/dev/null -o UserKnownHostsFile=/dev/null "$hostname" -- true 2>&1 | tee cryptonomic.ssh.$$.log | egrep "DNS|Server host key|match:|Connecting to|Connection|Authenticating to"' | 461 | 2>&1 withsetx sh -c 'ssh -v -i /dev/null -o BatchMode=yes -o HostKeyAlgorithms=${HostKeyAlgorithm} -o VerifyHostKeyDNS=yes -o GlobalKnownHostsFile=/dev/null -o UserKnownHostsFile=/dev/null "$hostname" -- true 2>&1 | tee cryptonomic.ssh.$$.log | egrep "DNS|Server host key|match:|Connecting to|Connection|Authenticating to"' |
463 | 462 | ||
464 | elif [ "$1" = hostname ] | 463 | elif [ "$1" = hostname ] |
465 | then | 464 | then |