- # find all 'pub' and 'sub' lines in the gpg output, which each
- # represent a retrieved key for the user ID
+ # find all keys in the gpg output ('pub' and 'sub' lines) and
+ # output the ones that match the host key or that have marginal
+ # validity
echo "$gpgOut" | cut -d: -f1,2,5,10,12 | \
while IFS=: read -r type validity keyid uidfpr usage ; do
case $type in
'pub'|'sub')
# get the ssh key of the gpg key
sshKeyGPG=$(gpg2ssh "$keyid")
echo "$gpgOut" | cut -d: -f1,2,5,10,12 | \
while IFS=: read -r type validity keyid uidfpr usage ; do
case $type in
'pub'|'sub')
# get the ssh key of the gpg key
sshKeyGPG=$(gpg2ssh "$keyid")
-
- # if one of keys found matches the one offered by the
- # host, then output info
+ # if one of the keys matches the one offered by
+ # the host, then output info and return
if [ "$sshKeyGPG" = "$sshKeyOffered" ] ; then
log info <<EOF
An OpenPGP key matching the ssh key offered by the host was found:
EOF
if [ "$sshKeyGPG" = "$sshKeyOffered" ] ; then
log info <<EOF
An OpenPGP key matching the ssh key offered by the host was found:
EOF
# this whole process is in a "while read"
# subshell. the only way to get information
# out of the subshell is to change the return
# this whole process is in a "while read"
# subshell. the only way to get information
# out of the subshell is to change the return
-
- # if the current key is marginal, show info
- if [ "$validity" = 'm' -o "$validity" = 'f' ] ; then
+ # and the current key is marginal, show info
+ if [ "$validity" = 'm' ] \
+ || [ "$validity" = 'f' ] \
+ || [ "$validity" = 'u' ] ; then
# if no key match was made (and the "while read" subshell
# returned 1) output how many keys were found
# if no key match was made (and the "while read" subshell
# returned 1) output how many keys were found
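Review bot: The comment added above the new validity test still reads "and the current key is marginal, show info", and the rewritten header comment says "that have marginal validity", but the test now accepts `m`, `f` and `u`. In gpg's colon-delimited output those codes mean marginal, full and ultimate validity, so the branch also fires for keys the local trust model already treats as valid. This output is presumably what a user reads when deciding whether to accept a host key, so I would reword the comment to `# and the current key has marginal, full or ultimate validity, show info` and adjust the header comment to match. The `if` opened by the new test closes outside the visible lines, so how the three cases are presented to the user cannot be checked from here.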