Skip to content

Instantly share code, notes, and snippets.

@redmcg
Last active Jan 17, 2020
Embed
What would you like to do?
An awk script that provides the same functionality as ssh-keygen -F <host>
#!/usr/bin/env bash
host=$1
awk -v host=$host '
/^|1/ {
split($1, a, /\|/)
key=a[3]
hmac=a[4]
"echo -n " host " | openssl sha1 -mac HMAC -macopt hexkey:$(echo " key " | base64 -d | xxd -p) -binary | base64" | getline myhmac
if (hmac == myhmac) {
print "# Host " host " found: line " NR
print
}
}' ~/.ssh/known_hosts
#!/usr/bin/env bash
host=$1
awk -v host=$host '
function pad_key(pad, i, val) {
for (i = 0; i < 64; i++) {
val = sprintf("%s%02x", val, xor(strtonum("0x" substr(hexkey, i*2+1, 2)), pad))
}
return val
}
/^|1/ {
split($1, a, /\|/)
key=a[3]
hmac=a[4]
"echo " key " | base64 -d | xxd -p " | getline hexkey
o_key_pad = pad_key(0x5c)
i_key_pad = pad_key(0x36)
"bash -c '\''cat <(echo -n " o_key_pad " | xxd -r -p) <(cat <(echo -n " i_key_pad " | xxd -r -p) <(echo -n " host ") | sha1sum | xxd -r -p) | sha1sum | xxd -r -p | base64'\''" | getline myhmac
if (hmac == myhmac) {
print "# Host " host " found: line " NR
print
}
}' ~/.ssh/known_hosts
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment