summaryrefslogtreecommitdiff
path: root/src/monkeysphere-ssh-proxycommand
blob: 0e66e104f560835876057f79bd7cb3d9be2ed913 (plain) 
    

  1. #!/bin/sh
    2. 

  2. 

  3. # monkeysphere-ssh-proxycommand: MonkeySphere ssh ProxyCommand hook
    4. 

  4. #
    5. 

  5. # The monkeysphere scripts are written by:
    6. 

  6. # Jameson Rollins <jrollins@fifthhorseman.net>
    7. 

  7. #
    8. 

  8. # They are Copyright 2008, and are all released under the GPL, version 3
    9. 

  9. # or later.
    10. 

  10. 

  11. # This is meant to be run as an ssh ProxyCommand to initiate a
    12. 

  12. # monkeysphere known_hosts update before an ssh connection to host is
    13. 

  13. # established.  Can be added to ~/.ssh/config as follows:
    14. 

  14. #  ProxyCommand monkeysphere-ssh-proxycommand %h %p
    15. 

  15. 

  16. ########################################################################
    17. 

  17. SHARE=${MONKEYSPHERE_SHARE:-"/usr/share/monkeysphere"}
    18. 

  18. . "${SHARE}/common" || exit 1
    19. 

  19. 

  20. ########################################################################
    21. 

  21. 

  22. usage() {
    23. 

  23. cat <<EOF >&2
    24. 

  24. usage: ssh -o ProxyCommand="$(basename $0) %h %p" ...
    25. 

  25. EOF
    26. 

  26. }
    27. 

  27. 

  28. ########################################################################
    29. 

  29. 

  30. # export the monkeysphere log level
    31. 

  31. export MONKEYSPHERE_LOG_LEVEL
    32. 

  32. 

  33. if [ "$1" = '--no-connect' ] ; then
    34. 

  34.     NO_CONNECT='true'
    35. 

  35.     shift 1
    36. 

  36. fi
    37. 

  37. 

  38. HOST="$1"
    39. 

  39. PORT="$2"
    40. 

  40. 

  41. MS_HOME=${MS_HOME:-"${HOME}/.config/monkeysphere"}
    42. 

  42. 

  43. if [ -z "$HOST" ] ; then
    44. 

  44.     echo "Host not specified." >&2
    45. 

  45.     usage
    46. 

  46.     exit 255
    47. 

  47. fi
    48. 

  48. if [ -z "$PORT" ] ; then
    49. 

  49.     PORT=22
    50. 

  50. fi
    51. 

  51. 

  52. # set the host URI
    53. 

  53. if [ "$PORT" != '22' ] ; then
    54. 

  54.     HOSTP="${HOST}:${PORT}"
    55. 

  55. else
    56. 

  56.     HOSTP="${HOST}"
    57. 

  57. fi
    58. 

  58. URI="ssh://${HOSTP}"
    59. 

  59. 

  60. # if the host is in the gpg keyring...
    61. 

  61. if gpg --list-key ="${URI}" 2>&1 >/dev/null ; then
    62. 

  62.     # do not check the keyserver
    63. 

  63.     CHECK_KEYSERVER="false"
    64. 

  64. 

  65. # if the host is NOT in the keyring...
    66. 

  66. else
    67. 

  67.     # if the host key is found in the known_hosts file...
    68. 

  68.     # FIXME: this only works for default known_hosts location
    69. 

  69.     hostKey=$(ssh-keygen -F "$HOST" 2>/dev/null)
    70. 

  70. 

  71.     if [ "$hostKey" ] ; then
    72. 

  72.     # do not check the keyserver
    73. 

  73.     # FIXME: more nuanced checking should be done here to properly
    74. 

  74.     # take into consideration hosts that join monkeysphere by
    75. 

  75.     # converting an existing and known ssh key
    76. 

  76.     CHECK_KEYSERVER="false"
    77. 

  77. 

  78.     # if the host key is not found in the known_hosts file...
    79. 

  79.     else
    80. 

  80.     # check the keyserver
    81. 

  81.     CHECK_KEYSERVER="true"
    82. 

  82.     fi
    83. 

  83. fi
    84. 

  84. 

  85. MONKEYSPHERE_CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:="$CHECK_KEYSERVER"}
    86. 

  86. export MONKEYSPHERE_CHECK_KEYSERVER
    87. 

  87. 

  88. # update the known_hosts file for the host
    89. 

  89. monkeysphere update-known_hosts "$HOSTP"
    90. 

  90. 

  91. # exec a netcat passthrough to host for the ssh connection
    92. 

  92. if [ -z "$NO_CONNECT" ] ; then
    93. 

  93.     if (which nc 2>/dev/null >/dev/null); then
    94. 

  94.     exec nc "$HOST" "$PORT"
    95. 

  95.     elif (which socat 2>/dev/null >/dev/null); then
    96. 

  96.     exec socat STDIO "TCP:$HOST:$PORT"
    97. 

  97.     else
    98. 

  98.     echo "Neither netcat nor socat found -- could not complete monkeysphere-ssh-proxycommand connection to $HOST:$PORT" >&2
    99. 

  99.     exit 255
    100. 

  100.     fi
    101. 

  101. fi
    102.
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-28 05:32:23 +0000