Diffstat (limited to 'scripts')
-rwxr-xr-x | scripts/toxish | 132 |
1 files changed, 132 insertions, 0 deletions
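diff --git a/scripts/toxish b/scripts/toxish
new file mode 100755
index 0000000..9f62b53
--- /dev/null
+++ b/scripts/toxish
@@ -0,0 +1,132 @@
+#!/bin/bash
+set -e
+function help
+{
+PROGNAME=${0##*/}
+cat <<EOF
+$PROGNAME: Save TunTox numbers in OpenSSH contact list.
+
+Usage: $PROGNAME add <name> <TunTox Number>
+Usage: $PROGNAME connect <name> <TunTox Number>
+
+
+For example, first do this:
+
+$PROGNAME add billy 4BC18209278C9B2AA1BF9B9B27E671FC47D3DE3B15D175A63CC2C6E01B532A4CAE3D4BE083C8
+
+Then you can connect to billy's SSH server through Tox with this command:
+
+ssh billy
+
+
+
+It will use Tox for connectivity but provide all the features of ssh (such as
+git, rsync, tunneling with -w, etc).
+
+
+
+It is also possible to use this command:
+
+$PROGNAME connect <name> <TunTox Number>
+$PROGNAME connect billy 4BC18209278C9B2AA1BF9B9B27E671FC47D3DE3B15D175A63CC2C6E01B532A4CAE3D4BE083C8
+
+...which will first add the entry, if necessary, and then connect by running the
+command 'ssh billy'.
+
+
+EOF
+}
+
+function main
+{
+if [ $# = 0 ]
+then
+help
+exit
+fi
+case "$1" in
+add)
+shift
+tokssh_add "$@"
+;;
+connect)
+shift
+exists_ok
+tokssh_add "$@"
+exec ssh "$name"
+;;
+*)
+help
+exit 1
+;;
+esac
+exit
+}
+
+
+function ssh_config_fragment
+{
+cat <<EOF
+Host $name
+# Cryptographic trust comes from Hostname, which is a Tox key hash.
+#
+# We know we're talking to someone who has this key hash because Tox crypto
+# verifies.
+#
+# Thus we can safely disable StrictHostKeyChecking, and we can use this as a
+# secure channel to obtain and save SSH public keys for the remote server.
+
+StrictHostKeyChecking=no
+Hostname=$toxid
+ProxyCommand=tuntox -C ~/.tuntox/persist -i %h -W localhost:%p
+EOF
+}
+
+function tokssh_add
+{
+if [ $# != 2 ]
+then
+help
+exit 1
+fi
+if [ ${#2} = 76 ]
+then
+name=$1
+toxid=$2
+elif [ ${#1} = 76 ]
+then
+name=$2
+toxid=$1
+else
+echo "$0: Error: Invalid ToxID: $2" >&2
+exit 1
+fi
+mkdir -p ~/.ssh/config.d
+mkdir -p ~/.tuntox/persist
+grep -q '^Include config\.d/\*' ~/.ssh/config || sed -i -e '1i Include config.d/*' ~/.ssh/config
+if grep -q "^Host $name" ~/.ssh/config
+then
+if [ "$exists_ok" ]
+then
+return
+else
+echo "$0: Error: name exists in your .ssh/config. Refused to edit. name=$name" >&2
+exit 1
+fi
+fi
+out=~/.ssh/config.d/$name
+if [ -e "$out" ]
+then
+if [ "$exists_ok" ]
+then
+return
+else
+echo "$0: Error: file exists. Refused to edit. file=$out" >&2
+exit 1
+fi
+else
+ssh_config_fragment > "$out"
+fi
+}
+
+main "$@"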
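Review bot: `tokssh_add` accepts any 76-character string as the Tox ID (file lines 92-103 check length only) and never validates `name`, yet both are written verbatim into `~/.ssh/config.d/$name`, and the ID reaches the `ProxyCommand` line through `%h`, which ssh hands to the user's shell. A name containing `/`, whitespace or a newline can write outside `config.d` or add extra directives to the fragment, so both values should be checked before use, e.g. `[[ $toxid =~ ^[0-9A-Fa-f]{76}$ ]]` and `[[ $name =~ ^[A-Za-z0-9_-][A-Za-z0-9._-]*$ ]]`. Separately, file line 54 runs `exists_ok` as a command rather than assigning it, so under `set -e` the `connect` path appears to exit with "command not found" before `tokssh_add` is reached; `exists_ok=1` looks like what was intended. Once that is fixed, the early `return` for an existing entry should also compare the stored `Hostname` with the ID given on the command line, because otherwise `connect <name> <id>` trusts whatever ID is already on disk, and that matters more with `StrictHostKeyChecking=no` in the fragment.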