From 6a43a89f5b2cd6ce91fa9c0bfddb5e2d44e77200 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Mon, 17 Nov 2008 18:07:33 -0500 Subject: [PATCH] HA! I figured out how to get ssh-keygen to read stdin by using the bash "Here Strings" redirection. No more stupid tempfiles to get ssh key fingerprints. --- src/monkeysphere-server | 12 ++++++------ src/monkeysphere-ssh-proxycommand | 9 ++++----- 2 files changed, 10 insertions(+), 11 deletions(-) diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 34b06b7..a1844ee 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -132,13 +132,13 @@ show_server_key() { fingerprint=$(fingerprint_server_key) gpg_authentication "--fingerprint --list-key --list-options show-unusable-uids $fingerprint" - # dumping to a file named ' ' so that the ssh-keygen output - # doesn't claim any potentially bogus hostname(s): - tmpkey=$(mktemp ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX) || failure "Could not create temporary directory!" - gpg_authentication "--export $fingerprint" | openpgp2ssh "$fingerprint" 2>/dev/null > "$tmpkey" + # do some crazy "Here Strings" redirection to get the key to + # ssh-keygen, since it doesn't read from stdin cleanly echo -n "ssh fingerprint: " - ssh-keygen -l -f "$tmpkey" | awk '{ print $1, $2, $4 }' - rm -rf "$tmpkey" + ssh-keygen -l -f /dev/stdin \ + <<<$(gpg_authentication "--export $fingerprint" | \ + openpgp2ssh "$fingerprint" 2>/dev/null) | \ + awk '{ print $1, $2, $4 }' echo -n "OpenPGP fingerprint: " echo "$fingerprint" } diff --git a/src/monkeysphere-ssh-proxycommand b/src/monkeysphere-ssh-proxycommand index b3dc562..a609199 100755 --- a/src/monkeysphere-ssh-proxycommand +++ b/src/monkeysphere-ssh-proxycommand @@ -77,12 +77,11 @@ output_no_valid_key() { log "An OpenPGP key matching the ssh key offered by the host was found:" log - # get the fingerprint of the ssh key - tmpkey=$(mktemp ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX) - echo "$sshKeyGPG" > "$tmpkey" - sshFingerprint=$(ssh-keygen -l -f "$tmpkey" | \ + # do some crazy "Here Strings" redirection to get the key to + # ssh-keygen, since it doesn't read from stdin cleanly + sshFingerprint=$(ssh-keygen -l -f /dev/stdin \ + <<<$(echo "$sshKeyGPG") | \ awk '{ print $2 }') - rm -rf "$tmpkey" # get the sigs for the matching key gpgSigOut=$(gpg --check-sigs \ -- 2.25.1