Skip to content
Snippets Groups Projects
Verified Commit 4bc7bfa2 authored by Adrian Schollmeyer's avatar Adrian Schollmeyer
Browse files

ssh-to-switch: misc fixes

parent 34732af2
No related branches found
No related tags found
No related merge requests found
# Set the command line to retrieve the password from a password manager
PASSWORD_COMMAND=pass swpw
PASSWORD_COMMAND="pass swpw"
# Timeout for ssh-keyscan
KEYSCAN_TIMEOUT="10"
# Set to true to enable a password dialogue to get the switch password
# INTERACTIVE=true
......@@ -8,7 +8,11 @@ COLOR_B_YELLOW_FG="\e[1;33m"
COLOR_RESET="\e[0m"
printf_info() {
printf "%s[i] %s%s", "${COLOR_CYAN_FG}", "$*", "${COLOR_RESET}"
printf "${COLOR_CYAN_FG}[i] %s${COLOR_RESET}" "$*"
}
printf_warn() {
printf "${COLOR_B_YELLOW_FG}[*] %s${COLOR_RESET}" "$*"
}
echo_info() {
......@@ -53,9 +57,9 @@ sshpass_res=$?
if [[ "$sshpass_res" == "6" ]]; then
echo_warn "Connection failed. The Host key isn't known to you or wrong!"
print_info "Checking, if some other host key is in ~/.ssh/known_hosts... "
printf_info "Checking, if some other host key is in ~/.ssh/known_hosts... "
if grep -Eo "$1" ~/.ssh/known_hosts > /dev/null 2>&1; then
echo "${COLOR_RED_FG}yes.${COLOR_RESET}"
echo "${COLOR_B_RED_FG}yes.${COLOR_RESET}"
echo_err "Possibliy changed host key. This might be a MITM attack. Starting ssh interactively to see the proper SSH output."
exec ssh "$1"
fi
......@@ -63,21 +67,20 @@ if [[ "$sshpass_res" == "6" ]]; then
echo "${COLOR_GREEN_FG}no.${COLOR_RESET}"
echo_info "The host is not in your ~/.ssh/known_hosts. We trust on first use!"
print_info "Adding host key to known_hosts automatically... "
if ! ssh-keyscan "$1" 2>/dev/null >> ~/.ssh/known_hosts; then
echo "${COLOR_RED_FG} failed.${COLOR_RESET}"
print_warn "Could not obtain SSH host key automatically. Retrying via fem-mgmt-jumphost... "
printf_info "Adding host key to known_hosts automatically... "
if ! ssh-keyscan -T "${KEYSCAN_TIMEOUT}" "$1" 2>/dev/null >> ~/.ssh/known_hosts; then
echo "${COLOR_B_RED_FG} failed.${COLOR_RESET}"
printf_warn "Could not obtain SSH host key automatically. Retrying via fem-mgmt-jumphost... "
# shellcheck disable=SC2029 (we want this to expand on the client side)
if ! ssh fem-mgmt-jumphost ssh-keyscan "$1.net.fem.tu-ilmenau.de" 2>/dev/null >> ~/.ssh/known_hosts; then
echo "${COLOR_RED_FG}failed${COLOR_RESET}"
if ! ssh fem-mgmt-jumphost ssh-keyscan -T "${KEYSCAN_TIMEOUT}" "$1.net.fem.tu-ilmenau.de" 2>/dev/null >> ~/.ssh/known_hosts; then
echo "${COLOR_B_RED_FG}failed${COLOR_RESET}"
echo_err "Automatic key retrieval failed. Now you have to do it yourself!"
set -e
exec ssh "$1"
fi
fi
echo "${COLOR_GREEN_FG}done.{$COLOR_RESET}"
echo "${COLOR_GREEN_FG}done.${COLOR_RESET}"
echo_info "Reconnecting..."
exec $sshpass_exec
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment