diff options
author | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2008-06-19 00:13:39 -0400 |
---|---|---|
committer | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2008-06-19 00:13:39 -0400 |
commit | 10d38ac8e8580322d533c3c5e1b7fad13363b7e5 (patch) | |
tree | b3dd9d8ddadd8da76b15119f86ec8097f1b15913 /src/monkeysphere-ssh-proxycommand | |
parent | 18c15c1adf65d47df5b3753c99f06092d81906d0 (diff) | |
parent | fadd814ce4351c3869e49d91b31aa5b2efc68a01 (diff) |
Merge commit 'jrollins/master'
Diffstat (limited to 'src/monkeysphere-ssh-proxycommand')
-rwxr-xr-x | src/monkeysphere-ssh-proxycommand | 46 |
1 files changed, 35 insertions, 11 deletions
diff --git a/src/monkeysphere-ssh-proxycommand b/src/monkeysphere-ssh-proxycommand index 4b90a0d..4cbcd51 100755 --- a/src/monkeysphere-ssh-proxycommand +++ b/src/monkeysphere-ssh-proxycommand @@ -13,9 +13,6 @@ # established. Can be added to ~/.ssh/config as follows: # ProxyCommand monkeysphere-ssh-proxycommand %h %p -HOST="$1" -PORT="$2" - usage() { cat <<EOF >&2 usage: ssh -o ProxyCommand="$(basename $0) %h %p" ... @@ -26,6 +23,14 @@ log() { echo "$@" >&2 } +if [ "$1" = '--no-connect' ] ; then + NO_CONNECT='true' + shift 1 +fi + +HOST="$1" +PORT="$2" + if [ -z "$HOST" ] ; then log "host must be specified." usage @@ -37,20 +42,39 @@ if [ -z "$PORT" ] ; then exit 1 fi -# check for the host key in the known_hosts file -hostKey=$(ssh-keygen -F "$HOST") +# set the host URI +URI="ssh://${HOST}" +if [ "$PORT" != '22' ] ; then + URI="${URI}:$PORT" +fi -# if the host key is found in the known_hosts file, -# don't check the keyserver -if [ "$hostKey" ] ; then +# if the host is in the gpg keyring... +if gpg --list-key ="${URI}" >/dev/null ; then + # do not check the keyserver CHECK_KEYSERVER="false" +# if the host is NOT in the keyring... else - CHECK_KEYSERVER="true" + # if the host key is found in the known_hosts file... + # FIXME: this only works for default known_hosts location + hostKey=$(ssh-keygen -F "$HOST") + if [ "$hostKey" ] ; then + # if the check keyserver variable is NOT set to true... + if [ "$CHECK_KEYSERVER" != 'true' ] ; then + # schedule a keyserver check for host at a later time + echo "monkeysphere update-known_hosts $HOST" | at noon + fi + # if the host key is not found in the known_hosts file... + else + # check the keyserver + CHECK_KEYSERVER="true" + fi fi export CHECK_KEYSERVER # update the known_hosts file for the host -monkeysphere update-known-hosts "$HOST" +monkeysphere update-known_hosts "$HOST" # exec a netcat passthrough to host for the ssh connection -exec nc "$HOST" "$PORT" +if [ -z "$NO_CONNECT" ] ; then + exec nc "$HOST" "$PORT" +fi |