From 07c5d1bd135ecee48f61334c25ac357234e9ced8 Mon Sep 17 00:00:00 2001
From: Andrew Cady
Date: Thu, 30 Sep 2021 12:22:14 -0400
Subject: only show one key
---
 selfpublish.sh | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)
(limited to 'selfpublish.sh')
diff --git a/selfpublish.sh b/selfpublish.sh
index aa13fce..c24c9b7 100644
--- a/selfpublish.sh
+++ b/selfpublish.sh
@@ -1,7 +1,6 @@
 #!/bin/sh
 set -e
-DEFAULT_AUTH_TYPE=ed25519
 DYNDNSHOST=cryptonomic.net
 DEFAULT_UPSTREAM=d@cryptonomic.net:public_git/selfpublish.sh
@@ -407,9 +406,11 @@ EOF
 set -e
 DOMAIN=cryptonomic.net
-DEFAULT_AUTH_TYPE=ed25519
 HASH_TYPE=2
 HOSTNAME=$(hostname --short)
+KEY_TYPE=ed25519
+KEY_FILE=/etc/ssh/ssh_host_${KEY_TYPE}_key
+HostKeyAlgorithm=ssh-ed25519
 die() { echo "$0: Error: $*" >&2; exit 1; }
@@ -422,7 +423,7 @@ get_domain()
 {
 get_sshfp "$1"
- domain=$(printf %s.%s.%s "$sshfp_b32" "$DEFAULT_AUTH_TYPE" "$DOMAIN" | tail -c64)
+ domain=$(printf %s.%s.%s "$sshfp_b32" "$KEY_TYPE" "$DOMAIN" | tail -c64)
 domain=$(printf %s.%s "$HOSTNAME" "$domain")
 }
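Review bot: In the `@@ -407,9 +406,11 @@` hunk, `KEY_TYPE=ed25519` and `HostKeyAlgorithm=ssh-ed25519` record the same decision in two places with nothing tying them together. `KEY_TYPE` feeds `KEY_FILE` and the name built in `get_domain`, while `HostKeyAlgorithm` is what the `ssh-keyscan -t` and `ssh -o HostKeyAlgorithms=` checks in the last hunk use, so changing only one would presumably make the self-test check a different host key than the one the published name is derived from. A comment above the pair would cover it, e.g. `# KEY_TYPE and HostKeyAlgorithm must name the same host key; change both together`. The mixed-case name also stands out among the upper-case constants around it (`DOMAIN`, `HASH_TYPE`, `HOSTNAME`).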
@@ -445,21 +446,19 @@ withsetx()
 "$@" | indent
 }
-KEY_FILE=/etc/ssh/ssh_host_${DEFAULT_AUTH_TYPE}_key
-
 delegate_command=/usr/lib/cryptonomic/cryptonomic-$1
 if [ $# = 0 ]
 then
 hostname=$(cryptonomic hostname)
 uid=$(id -un)@${hostname}
- 2>/dev/null withsetx ssh-keyscan "$hostname"
+ 2>/dev/null withsetx ssh-keyscan -t "${HostKeyAlgorithm}" "$hostname"
 2>/dev/null withsetx dig +nocmd -taaaa "$hostname" +noall +answer
 2>/dev/null withsetx dig +nocmd "$hostname" +noall +answer
 2>&1 withsetx gpg --locate-keys "$uid"
 2>/dev/null withsetx delv @1.1.1.1 -t sshfp "$hostname"
- export hostname
- 2>&1 withsetx sh -c 'ssh -v -i /dev/null -o BatchMode=yes -o HostKeyAlgorithms=ssh-ed25519 -o VerifyHostKeyDNS=yes -o GlobalKnownHostsFile=/dev/null -o UserKnownHostsFile=/dev/null "$hostname" -- true 2>&1 | tee cryptonomic.ssh.$$.log | egrep "DNS|Server host key|match:|Connecting to|Connection|Authenticating to"'
+ export hostname HostKeyAlgorithm
+ 2>&1 withsetx sh -c 'ssh -v -i /dev/null -o BatchMode=yes -o HostKeyAlgorithms=${HostKeyAlgorithm} -o VerifyHostKeyDNS=yes -o GlobalKnownHostsFile=/dev/null -o UserKnownHostsFile=/dev/null "$hostname" -- true 2>&1 | tee cryptonomic.ssh.$$.log | egrep "DNS|Server host key|match:|Connecting to|Connection|Authenticating to"'
 elif [ "$1" = hostname ]
 then
-- cgit v1.2.3
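Review bot: In the new `sh -c` string, `-o HostKeyAlgorithms=${HostKeyAlgorithm}` is expanded unquoted by the child shell, while `"$hostname"` on the same line is quoted. The value is a script constant today, but it now reaches the child through the exported environment, and any whitespace in it would split into extra `ssh` arguments; `-o "HostKeyAlgorithms=${HostKeyAlgorithm}"` keeps it a single word. Separately, with `ssh-keyscan -t` limited to one type and its stderr sent to `/dev/null`, a host that offers no key of that type will likely show an empty section with no explanation, which may deserve a comment next to that line. The `if`/`elif` chain continues past the end of the hunk.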