fingerprint=$(fingerprint_server_key)
gpg_authentication "--fingerprint --list-key --list-options show-unusable-uids $fingerprint"
- # dumping to a file named ' ' so that the ssh-keygen output
- # doesn't claim any potentially bogus hostname(s):
- tmpkey=$(mktemp ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX) || failure "Could not create temporary directory!"
- gpg_authentication "--export $fingerprint" | openpgp2ssh "$fingerprint" 2>/dev/null > "$tmpkey"
+ # do some crazy "Here Strings" redirection to get the key to
+ # ssh-keygen, since it doesn't read from stdin cleanly
echo -n "ssh fingerprint: "
- ssh-keygen -l -f "$tmpkey" | awk '{ print $1, $2, $4 }'
- rm -rf "$tmpkey"
+ ssh-keygen -l -f /dev/stdin \
+ <<<$(gpg_authentication "--export $fingerprint" | \
+ openpgp2ssh "$fingerprint" 2>/dev/null) | \
+ awk '{ print $1, $2, $4 }'
echo -n "OpenPGP fingerprint: "
echo "$fingerprint"
}
log "An OpenPGP key matching the ssh key offered by the host was found:"
log
- # get the fingerprint of the ssh key
- tmpkey=$(mktemp ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX)
- echo "$sshKeyGPG" > "$tmpkey"
- sshFingerprint=$(ssh-keygen -l -f "$tmpkey" | \
+ # do some crazy "Here Strings" redirection to get the key to
+ # ssh-keygen, since it doesn't read from stdin cleanly
+ sshFingerprint=$(ssh-keygen -l -f /dev/stdin \
+ <<<$(echo "$sshKeyGPG") | \
awk '{ print $2 }')
- rm -rf "$tmpkey"
# get the sigs for the matching key
gpgSigOut=$(gpg --check-sigs \