@crzysdrs
Forked from taylor/README.md
Last active January 18, 2016 08:21
wrapper to support SSH SRV records

Introduction

ssh-srv-wrapper is a bash shell script that tries to find an SSH SRV record for the first host on the command line and, if a valid record is found, uses the host and port from that record rather than what was passed.

Install

Run the script directly or feel free to rename or symlink to the name ssh. It will look for another ssh in your path to execute.

TODO

  • Validate the host found in DNS. Potential security risk if the DNS server returned shell escape sequences, etc.
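
One way to do the validation this TODO calls for, as an added example that is not part of the original gist: the target and port from one line of `host -t SRV` output are checked against a strict allow-list before they are handed to ssh. The function names valid_srv_target, valid_srv_port and parse_srv_line are hypothetical, and the sample answer is constructed.

```bash
#!/bin/bash
# Added example (function names are hypothetical, not part of ssh-srv-wrapper).
# Validates the target and port taken from a `host -t SRV` answer before they
# reach the ssh command line. Written in POSIX sh so it also runs under bash.

# Accept only RFC 1123 hostnames: letters, digits, hyphens and dots, labels of
# 1-63 characters with no leading or trailing hyphen, 253 characters in total.
valid_srv_target() (
    LC_ALL=C
    name=${1%.}                                  # allow one trailing root dot
    [ -n "$name" ] && [ "${#name}" -le 253 ] || exit 1
    case $name in
        *[!A-Za-z0-9.-]* | .* | *. | *..*) exit 1 ;;   # bad char or empty label
    esac
    IFS=.
    set -f
    for label in $name; do
        [ "${#label}" -le 63 ] || exit 1
        # A leading '-' would be parsed by ssh as an option, not a host.
        case $label in -* | *-) exit 1 ;; esac
    done
    exit 0
)

# Accept only a decimal port in 1..65535 with no sign, spaces or leading zero.
valid_srv_port() {
    case $1 in
        '' | *[!0-9]* | 0*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

# Parse ONE line of the form
#   _ssh._tcp.example.com has SRV record 10 0 2222 gw.example.com.
# and print "<host> <port>" only if both fields validate. A target of "."
# (service not offered) is rejected because it leaves an empty host name.
parse_srv_line() (
    set -f                       # never glob-expand DNS-supplied text
    set -- $1                    # split on whitespace into $1..$8
    [ "$#" -eq 8 ] && [ "$2 $3 $4" = "has SRV record" ] || exit 1
    valid_srv_target "$8" && valid_srv_port "$7" || exit 1
    printf '%s %s\n' "${8%.}" "$7"
)

# Constructed sample answer, not real DNS data.
parse_srv_line "_ssh._tcp.example.com has SRV record 10 0 2222 gw.example.com."
```

In the wrapper, a check like this would sit between the SRV lookup and the point where host and port are appended to the ssh arguments, falling back to the host the user typed when validation fails.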

Note on Patches/Pull Requests

  • Fork the project.
  • Make your feature addition or bug fix.
  • Send me a pull request -- not sure if that will work in a Gist...

Copyright

Released into the public domain.

#!/bin/bash
# Name: ssh-srv-wrapper
#
# Purpose: Check DNS SRV records and use the entry when possible.
#
# This code is hereby released to the public domain and may be used for any
# purpose whatsoever without permission or acknowledgment.
#
# Taylor Carpenter <taylor@codecafe.com>

DEBUG_ME=0
me=$(basename "$0")
mydir=$(dirname "$0")

_dmsg() { if [ "${DEBUG_ME}" = 1 ] ; then echo "$*" ; fi ; }

# Locate the real ssh binary, skipping this wrapper when it is installed as "ssh".
if [ -z "${SSH_BIN}" ] ; then
    SSH=$(which ssh)
    if [ "$me" = "ssh" -a "$0" = "${SSH}" ] ; then
        SSH=$(PATH=${PATH/$mydir:} which ssh)
    fi
else
    SSH="${SSH_BIN}"
fi

if [ "$0" = "${SSH}" ] ; then
    echo "SSH is pointing to self: ${SSH}"
    echo "Try setting SSH_BIN to something else"
    exit 1
fi

usage() {
    #echo "usage: $me [args] [user@<host>] [args]"
    #echo "See man ssh (1)"
    "$SSH"
}

if [ "$1" = "" ] ; then
    usage
    exit 1
elif [ "$1" = "-V" -o "$1" = "-version" ] ; then
    exec "$SSH" -V
else
    args=("$@")
fi

preargs=()
postargs=()
nao=1246AaCfgKkMNnqsTtVvXxYy   # ssh options that take no argument
userhost=
check_srv=true
i=0

# Only parse args up to [user@]host
for (( i=0; i<${#args[*]}; i++ )) ; do
    case ${args[i]} in
        -[$nao]|-[$nao]*[$nao])
            preargs[${#preargs[*]}]="${args[i]}"
            args[i]=
            ;;
        -*p)
            # An explicit port was given: keep it and skip the SRV lookup.
            preargs[${#preargs[*]}]="${args[i]}"
            args[i]=
            ((i++))
            preargs[${#preargs[*]}]="${args[i]}"
            args[i]=
            check_srv=false # ignore SRV record
            ;;
        -*)
            # Any other option is assumed to take one argument.
            preargs[${#preargs[*]}]="${args[i]}"
            args[i]=
            ((i++))
            preargs[${#preargs[*]}]="${args[i]}"
            args[i]=
            ;;
        *)
            userhost="${args[i]}"
            args[i]=
            # Everything after the host is passed through unchanged
            # (no word splitting or glob expansion).
            postargs=("${args[@]:i+1}")
            break
            ;;
    esac
done

if [ -z "$userhost" ] ; then
    usage
    exit 1
fi

host=${userhost##*@}
user=${userhost%%@*}
[ "$user" = "$host" ] && user=

if [ "$check_srv" = "true" ] ; then
    # Skip the lookup for hosts with no letters (e.g. IPv4 addresses).
    echo "$host" | grep '[A-Za-z]' > /dev/null
    if [ $? = 0 ] ; then
        srv=$(host -s -W 1 -t SRV "_ssh._tcp.${host}"|grep "has SRV")
        if [ $? = 0 ] ; then
            # NOTE: host and port below come straight from the DNS answer
            # and are not validated (see TODO in the README).
            shost=${srv##* }
            host=${shost%*.}
            sport=${srv%* $host.}
            port=${sport##* }
            if [ -z "$host" ] ; then
                echo "Could not figure out hostname in SRV record"
                exit 1
            fi
        fi
    fi
    # Add -p and the port as two separate arguments.
    [ "$port" != "" ] && preargs+=(-p "${port}")
    _dmsg "After SRV lookup -- HOST: $host PORT: $port"
fi

[ "$user" != "" ] && userat="${user}@" || userat=""
args=("${preargs[@]}" "${userat}${host}" "${postargs[@]}")
_dmsg Executing "$SSH" "${args[@]}"
# Quoted so each argument reaches ssh as exactly one word.
exec "$SSH" "${args[@]}"