-
-
Save webernetz/2ca7325555ce7f28f26daf5728386d82 to your computer and use it in GitHub Desktop.
Generate remotely SSHFP records
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
set -e | |
if [[ "$#" -lt 1 ]]; then | |
echo "Usage: $0 <hostname or IP address>" | |
exit | |
fi | |
host="$1" | |
TMPFILE="$(mktemp /var/tmp/sshfp.XXXXXX)" | |
trap 'rm -f ${TMPFILE}' INT TERM EXIT | |
for proto in rsa dsa ecdsa ed25519; do | |
ssh-keyscan -t $proto "$host" > ${TMPFILE} 2>/dev/null | |
[[ ! -s "${TMPFILE}" ]] && continue | |
sed -ri 's/^[^ ]+ //' ${TMPFILE} | |
ssh-keygen -r "$host" -f ${TMPFILE} | |
done |
I found a bug, because of -e
the command will exit if it does not find the key: for example dsa
and stop the process
My fix
- ssh-keyscan -t $proto "$host" > ${TMPFILE} 2>/dev/null
+ ssh-keyscan -t $proto "$host" > ${TMPFILE} 2>/dev/null || true
You can see this if you add an echo at the first line of the loop, it shows that it dies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Sill awesome !
I posted it on https://unix.stackexchange.com/a/759200/155610