#!/bin/bash
# Registers TunTox peers as OpenSSH host aliases. The functions below edit
# ~/.ssh/config and write one fragment per alias under ~/.ssh/config.d/.
#
# set -e: stop at the first command that fails outside a condition, so a failed
# mkdir/sed does not leave the script writing config in a half-prepared state.
set -e
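# Print the usage text on stdout.
#
# Arguments: none (reads $0 to show the program name).
# Outputs:   usage text on stdout.
# Note for readers of the usage text: the entry created by 'add' is an ssh
# config fragment emitted by ssh_config_fragment; review that function for the
# host-key checking policy it writes.
function help
{
    # Keep the program name local: the original assigned a global PROGNAME,
    # which leaked into the rest of the script for no benefit.
    local progname=${0##*/}
    cat <<EOF
$progname: Save TunTox numbers in OpenSSH contact list.

Usage: $progname  add       <name>  <TunTox Number>
Usage: $progname  connect   <name>  <TunTox Number>


For example, first do this:

       $progname  add       billy   4BC18209278C9B2AA1BF9B9B27E671FC47D3DE3B15D175A63CC2C6E01B532A4CAE3D4BE083C8

Then you can connect to billy's SSH server through Tox with this command:

       ssh billy



It will use Tox for connectivity but provide all the features of ssh (such as
git, rsync, tunneling with -w, etc).



It is also possible to use this command:

       $progname  connect   <name>  <TunTox Number>
       $progname  connect   billy   4BC18209278C9B2AA1BF9B9B27E671FC47D3DE3B15D175A63CC2C6E01B532A4CAE3D4BE083C8

...which will first add the entry, if necessary, and then connect by running the
command 'ssh billy'.


EOF
}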

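# Command dispatcher: 'add' stores an alias, 'connect' stores it if needed and
# then replaces this process with ssh. Every path ends in exit or exec.
#
# Globals:   exists_ok (written for 'connect'), name (read; set by tokssh_add)
# Arguments: $1 - subcommand; remaining arguments are passed to tokssh_add
# Returns:   does not return; exits 0 after help with no arguments or after a
#            successful 'add', exits 1 on an unknown subcommand.
function main
{
    if [ $# = 0 ]
    then
        help
        exit
    fi
    case "$1" in
        add)
            shift
            tokssh_add "$@"
            ;;
        connect)
            shift
            # exists_ok tells tokssh_add that an already-present alias is not
            # an error. How far the existing entry is checked against the Tox
            # number given here is decided inside tokssh_add.
            exists_ok=y
            tokssh_add "$@"
            # '--' ends ssh option parsing, so the alias is always treated as
            # the destination even if it begins with '-'.
            exec ssh -- "$name"
            ;;
        *)
            help
            exit 1
            ;;
    esac
    exit
}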


# Write the ssh_config stanza for one alias to stdout.
#
# Globals: name  (read) - alias placed on the Host line
#          toxid (read) - Tox ID placed on the Hostname line; the ProxyCommand
#                         hands it to tuntox through ssh's %h token
# Outputs: the stanza, including the author's rationale as config comments.
#
# Both globals are written unescaped, so the caller must have validated them
# before the output is saved into an ssh config file.
#
# NOTE(review): the stanza sets StrictHostKeyChecking=no, so ssh will not be
# the component that rejects an unexpected host key for this alias. All trust
# then rests on the Tox ID being the right one and on tuntox authenticating it
# - confirm that matches the deployment's threat model before relying on it.
function ssh_config_fragment
{
    printf 'Host %s\n' "$name"
    # Quoted delimiter: this part is fixed text with nothing to expand.
    cat <<'EOF'
# Cryptographic trust comes from Hostname, which is a Tox key hash.
#
# We know we're talking to someone who has this key hash because Tox crypto
# verifies.
#
# Thus we can safely disable StrictHostKeyChecking, and we can use this as a
# secure channel to obtain and save SSH public keys for the remote server.

StrictHostKeyChecking=no
EOF
    printf 'Hostname=%s\n' "$toxid"
    # '~', %h and %p are emitted literally; they are resolved later, when ssh
    # runs the proxy command.
    printf '%s\n' 'ProxyCommand=tuntox -C ~/.tuntox/persist -i %h -W localhost:%p'
}

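# Validate an alias / Tox ID pair and store it as ~/.ssh/config.d/<name>.
#
# Globals:   name, toxid (written; consumed by ssh_config_fragment and main)
#            exists_ok   (read; non-empty means an existing alias is not fatal)
# Arguments: $1 - alias to use as the ssh Host name
#            $2 - Tox ID, 76 hexadecimal digits
# Returns:   0 when the entry was written or an acceptable one already exists;
#            otherwise prints a message to stderr and exits 1.
#
# Both arguments end up inside an ssh config file, in a file name, and (through
# ssh's %h) on the tuntox proxy command line. Tox IDs are usually pasted from
# somewhere else, so both are checked against a strict character set instead
# of the original length-only test.
function tokssh_add
{
    local name_re='^[[:alnum:]_][[:alnum:]._-]*$'
    local toxid_re='^[[:xdigit:]]{76}$'
    local config out

    if [ $# != 2 ]
    then
        help
        exit 1
    fi
    # No leading '-' or '.', no '/', no whitespace: the alias cannot be read as
    # an option, cannot leave config.d, and cannot add lines to the config.
    if ! [[ $1 =~ $name_re ]]
    then
        echo "$0: Error: Invalid name: $1" >&2
        exit 1
    fi
    if ! [[ $2 =~ $toxid_re ]]
    then
        echo "$0: Error: Invalid ToxID: $2" >&2
        exit 1
    fi
    name=$1
    toxid=$2

    config=~/.ssh/config
    # Directories created here hold ssh configuration and tuntox state, so
    # create them private to the user. Existing directories are left as-is.
    (
        umask 077
        mkdir -p ~/.ssh/config.d ~/.tuntox/persist
    ) || exit 1

    if [ ! -s "$config" ]
    then
        # Missing or empty file: grep/sed would fail or have no first line to
        # insert before, so write the Include line directly.
        (
            umask 077
            printf '%s\n' 'Include config.d/*' >> "$config"
        ) || exit 1
    elif ! grep -q '^Include config\.d/\*' "$config"
    then
        sed -i -e '1i Include config.d/*' "$config"
    fi

    # Exact match on the patterns of each Host line; a prefix match would
    # report "billy2" as a clash for "billy".
    if awk -v want="$name" '
        tolower($1) == "host" {
            for (i = 2; i <= NF; i++) if ($i == want) found = 1
        }
        END { exit !found }
    ' "$config"
    then
        if [ "${exists_ok:-}" ]
        then
            # NOTE(review): this is an entry in the main config that this
            # function did not write, so it is not compared with $toxid.
            return 0
        else
            echo "$0: Error: name exists in your .ssh/config.  Refused to edit.  name=$name" >&2
            exit 1
        fi
    fi

    out=~/.ssh/config.d/$name
    if [ -e "$out" ]
    then
        if [ "${exists_ok:-}" ]
        then
            # Reuse the stored entry only if it points at the Tox ID the user
            # just supplied; otherwise ssh would reach a different peer than
            # the one named on the command line.
            if grep -qixF -- "Hostname=$toxid" "$out"
            then
                return 0
            fi
            echo "$0: Error: entry exists with a different ToxID.  Refused to use it.  file=$out" >&2
            exit 1
        else
            echo "$0: Error: file exists.  Refused to edit.  file=$out" >&2
            exit 1
        fi
    else
        (
            umask 077
            ssh_config_fragment > "$out"
        ) || exit 1
    fi
}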

# Entry point: pass the command line through unchanged. main ends in exit or
# exec on every path, so nothing after this line would run.
main "$@"