diff options
| -rwxr-xr-x | certs/gencerts.sh | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/certs/gencerts.sh b/certs/gencerts.sh index 0c0f07d..b0ff43d 100755 --- a/certs/gencerts.sh +++ b/certs/gencerts.sh @@ -27,41 +27,41 @@ x509fpr() { "$(printf '%s' "$msg" | tr -d '`' )" "$spki" for h in sha1 sha256; do x509fpr2 "$h" "$pub" done local backup=$(find "$DIR" -maxdepth 1 -type f -name "${host%%:*}.pub.back*") if [ "$backup" -a "$typ" != mdwn ]; then echo " Backup pubkey:" for pub in $backup; do x509fpr2 sha256 "$pub" done fi } x509fpr2() { local h="$1" pub="$2" str dgst [ "$typ" = mdwn ] && str= || str=' ' str="$str$(printf '%-6s' "$h" | tr '[a-z]' '[A-Z]')" dgst="$(openssl pkey -pubin -outform DER <"$pub" | openssl dgst -"$h" -binary | base64)" hd=$(printf '%s' "$dgst" | base64 -d | xxd -c256 -p | tr '[a-f]' '[A-F]' | sed -e 's/../&:/g' -e 's/:$//') - if [ $((${#indent} + ${#str} + 1 + ${#hd})) -le 72 ]; then + if [ $((${#str} + 1 + ${#hd})) -le 72 ]; then printf '%s %s\n' "$indent$str" "$hd" else printf '%s %s\n' "$indent$str" "$dgst" fi } sshfpr() { local msg="$1" host h fpr str host="${msg%%,*}"; host="${host%% *}"; host="${host#*@}"; host="${host#\`}"; host="${host%\`}" [ "$typ" = mdwn ] && { echo; echo " $msg"; echo; } || { echo " $msg" | tr -d '`'; } [ "${host#*:}" != 22 ] || host="${host%%:*}" [ "$typ" = mdwn ] && str= || str=' ' for h in MD5 SHA256; do ssh-keygen -E "$h" -f "$DIR/../ssh_known_hosts" -lF "${host#*@}" done | sed -nr 's/^[^ #]+\s+//p' | sed -r 's/^\S+\s+([^:]+):/\1 /' | while read h fpr; do str2="$str$(printf '%-6s' "$h" | tr '[a-z]' '[A-Z]')" printf '%s %s\n' "$indent$str2" "$fpr" done } |