From: Jameson Graef Rollins Date: Sat, 11 Jul 2009 22:42:00 +0000 (-0400) Subject: improve marginal UI for cases when host key can't be retrieved X-Git-Tag: monkeysphere_0.25~25^2~2 X-Git-Url: https://codewiz.org/gitweb?a=commitdiff_plain;h=0755ca307728b516cb1727d5f7a5d7547676d573;p=monkeysphere.git improve marginal UI for cases when host key can't be retrieved if ssh-keyscan can't retrieve the host key, then output all keys with matching user ID and validity marginal or better. --- diff --git a/src/share/m/ssh_proxycommand b/src/share/m/ssh_proxycommand index 74b0f85..322937b 100644 --- a/src/share/m/ssh_proxycommand +++ b/src/share/m/ssh_proxycommand @@ -15,6 +15,55 @@ # established. Can be added to ~/.ssh/config as follows: # ProxyCommand monkeysphere ssh-proxycommand %h %p +# output the key info, including the RSA fingerprint +show_key_info() { + local keyid="$1" + local sshKeyGPGFile + local sshFingerprint + local gpgSigOut + local otherUids + + # get the ssh key of the gpg key + sshKeyGPGFile=$(msmktempfile) + gpg2ssh "$keyid" >"$sshKeyGPGFile" + sshFingerprint=$(ssh-keygen -l -f "$sshKeyGPGFile" | \ + awk '{ print $2 }') + rm -f "$sshKeyGPGFile" + + # get the sigs for the matching key + gpgSigOut=$(gpg_user --check-sigs \ + --list-options show-uid-validity \ + "$keyid") + + echo | log info + + # output the sigs, but only those on the user ID + # we are looking for + echo "$gpgSigOut" | awk ' +{ +if (match($0,"^pub")) { print; } +if (match($0,"^uid")) { ok=0; } +if (match($0,"^uid.*'$userID'$")) { ok=1; print; } +if (ok) { if (match($0,"^sig")) { print; } } +} +' + + # output ssh fingerprint + cat <"$sshKeyGPGFile" - sshFingerprint=$(ssh-keygen -l -f "$sshKeyGPGFile" | \ - awk '{ print $2 }') - rm -f "$sshKeyGPGFile" - - # get the sigs for the matching key - gpgSigOut=$(gpg_user --check-sigs \ - --list-options show-uid-validity \ - "$keyid") - - # output the sigs, but only those on the user ID - # we are looking for - echo "$gpgSigOut" | awk ' -{ -if (match($0,"^pub")) { print; } -if (match($0,"^uid")) { ok=0; } -if (match($0,"^uid.*'$userID'$")) { ok=1; print; } -if (ok) { if (match($0,"^sig")) { print; } } -} -' | log info - echo | log info - - # output the other user IDs for reference - if (echo "$gpgSigOut" | grep "^uid" | grep -v -q "$userID") ; then - log info <