diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2018-12-03 03:59:12 +0100 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2018-12-03 03:59:12 +0100 |
| commit | 7c78ef44898be08e8c3b6570ebd4064c6e0ade8f (patch) | |
| tree | 86bd15c1e40b54dfc04dc3f6b4fa6ed1d97f1c00 | |
| parent | 07c1734d2c00ce0a52830533b19a02faed678364 (diff) | |
gencerts: Also show the algorithm for SSH host keys.
| -rwxr-xr-x | certs/gencerts.sh | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/certs/gencerts.sh b/certs/gencerts.sh index 291a73f..bb5650d 100755 --- a/certs/gencerts.sh +++ b/certs/gencerts.sh @@ -40,52 +40,52 @@ x509fpr() { for pub in $backup; do x509fpr2 sha256 "$pub" done fi } x509fpr2() { local h="$1" pub="$2" str dgst [ "$typ" = mdwn ] && str= || str=' ' str="$str$(printf '%-6s' "$h" | tr '[a-z]' '[A-Z]')" dgst="$(openssl pkey -pubin -outform DER <"$pub" | openssl dgst -"$h" -binary | base64)" hd=$(printf '%s' "$dgst" | base64 -d | xxd -c256 -p | tr '[a-f]' '[A-F]' | sed -e 's/../&:/g' -e 's/:$//') if [ $((${#str} + 1 + ${#hd})) -le 72 ]; then printf '%s %s\n' "$indent$str" "$hd" else printf '%s %s\n' "$indent$str" "$dgst" fi indent=" ${indent#?}" } sshfpr() { - local msg="$1" host h fpr str + local msg="$1" host a h fpr str host="${msg%%,*}"; host="${host%% *}"; host="${host#*@}"; host="${host#\`}"; host="${host%\`}" [ "$typ" = mdwn ] && printf '\n%s\n\n' "$msg" || { printf '\n%s\n\n' "$msg" | tr -d '`'; } [ "${host#*:}" != 22 ] || host="${host%%:*}" indent=":${indent#?}" [ "$typ" = mdwn ] && str= || str=' ' for h in MD5 SHA256; do ssh-keygen -E "$h" -f "$DIR/../ssh_known_hosts" -lF "${host#*@}" - done | sed -nr 's/^[^ #]+\s+//p' | sed -r 's/^\S+\s+([^:]+):/\1 /' | - while read h fpr; do + done | sed -nr 's/^[^ #]+\s+//p' | sed -r 's/^(\S+)\s+([^:]+):/\1 \2 /' | + while read a h fpr; do str2="$str$(printf '%-6s' "$h" | tr '[a-z]' '[A-Z]')" - printf '%s %s\n' "$indent$str2" "$fpr" + printf '%s %s (%s)\n' "$indent$str2" "$fpr" "$a" indent=" ${indent#?}" done } allfpr() { local typ="$1" [ "$typ" = mdwn ] && indent=' ' || indent=' ' header 'IMAP server' x509fpr '`imap.fripost.org:993` (IMAP over SSL), `sieve.fripost.org:4190` (ManageSieve, `STARTTLS`)' header 'SMTP servers' x509fpr '`smtp.fripost.org:587` (Mail Submission Agent, `STARTTLS`)' x509fpr '`mx1.fripost.org:25` (1st Mail eXchange, `STARTTLS`)' x509fpr '`mx2.fripost.org:25` (2nd Mail eXchange, `STARTTLS`)' header 'Web servers' x509fpr '`fripost.org:443`, `www.fripost.org:443` (website), `wiki.fripost.org:443` (wiki)' x509fpr '`mail.fripost.org:443`, `webmail.fripost.org:443` (webmail)' x509fpr '`lists.fripost.org:443` (list manager)' |