change variable from PKCS11_MODUlE to P11M

This commit is contained in:
Jakobus Schürz 2021-05-06 00:56:01 +02:00 committed by Jakobus Schürz
parent 9ffd8eac45
commit d1d9596868
3 changed files with 19 additions and 15 deletions

View file

@ -67,8 +67,12 @@ if [[ $- = *i* ]] ; then
# load logging functions
. ${MSC_BASE}/logging
# PKCS11_MODULE for etoken/smartcard authentification
[ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && PKCS11_MODULE=$(whereis p11-kit-proxy.so|awk '{print $2}')
# P11M for etoken/smartcard authentification
echo P11M: $P11M
echo PM: $PM
echo P11M: $P11M
[ -z "${P11M+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && P11M=$(whereis p11-kit-proxy.so|awk '{print $2}')
[ -z "${P11M+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && P11M=$(whereis p11-kit-proxy.so|awk '{print $2}')
# Basics
[ -z "${VISUAL+x}" ] && export VISUAL=vim

View file

@ -2,7 +2,7 @@
set -eu
set -x
[ -z "${PKCS11_MODULE+x}" ] && PKCS11_MODULE="$(dnf repoquery --installed -l p11-kit | grep \/p11-kit-proxy.so\$ | head -1)"
[ -z "${P11M+x}" ] && P11M="$(dnf repoquery --installed -l p11-kit | grep \/p11-kit-proxy.so\$ | head -1)"
echo SSH_AGENT_PID before: $SSH_AGENT_PID
@ -11,13 +11,13 @@ echo SSH_AGENT_PID before: $SSH_AGENT_PID
echo SSH_AGENT_PID after: $SSH_AGENT_PID
#if ssh-add -l | grep -q "${PKCS11_MODULE}"; then
#if ssh-add -l | grep -q "${P11M}"; then
# # Remove any stale loaded keys from token, ssh-agent does not automatically
# # reconnect with the token when you reinsert it.
# ssh-add -e "${PKCS11_MODULE}"
# ssh-add -e "${P11M}"
#fi
ssh-add -e "${PKCS11_MODULE}" 2>/dev/null
ssh-add -e "${P11M}" 2>/dev/null
echo $?
# Tell ssh-agent to use the keys on the token
ssh-add -s "${PKCS11_MODULE}"
ssh-add -s "${P11M}"

View file

@ -817,14 +817,14 @@ utoken () {
ENTRY
ssh_identity=$1
[ -z "${PKCS11_MODULE+x}" ] && { PKCS11_MODULE=/usr/lib64/p11-kit-proxy.so; export PKCS11_MODULE; }
[ -z "${P11M+x}" ] && { P11M=/usr/lib64/p11-kit-proxy.so; export P11M; }
if [ -n "${ssh_identity+x}" ]; then
agentfile="${HOME}/.ssh/agents/agent-${ssh_identity}-$(hostname)"
if [ -e "$agentfile" ]; then
local SSH_AUTH_SOCK
local SSH_AGENT_PID
/bin/sh -c ". $agentfile >/dev/null 2>/dev/null; ssh-add -l; ssh-add -e $PKCS11_MODULE; ssh-add -l"
/bin/sh -c ". $agentfile >/dev/null 2>/dev/null; ssh-add -l; ssh-add -e $P11M; ssh-add -l"
fi
fi
EXIT
@ -832,14 +832,14 @@ utoken () {
token(){
[ -z "${PKCS11_MODULE+x}" ] && { PKCS11_MODULE=/usr/lib64/p11-kit-proxy.so; export PKCS11_MODULE; }
[ -z "${P11M+x}" ] && { P11M=/usr/lib64/p11-kit-proxy.so; export P11M; }
# Usage:
# token <identity> will load token in agent. does nothing, if token is already loaded
# token -r|-f|--reload-token <identity> will remove token from agent and add it again (if plugged off and plugged in again
# startagent -t $@
# loadagent $@
loginfo "$(ssh-add -s $PKCS11_MODULE || { ssh-add -e $PKCS11_MODULE; ssh-add -s $PKCS11_MODULE; } )"
loginfo "$(ssh-add -s $P11M || { ssh-add -e $P11M; ssh-add -s $P11M; } )"
loginfo "$(ssh-add -l)"
@ -847,8 +847,8 @@ token(){
token-extract-pubkey() {
if pkcs11-tool --module $PKCS11_MODULE --list-token-slots >&2 ;then
ssh-keygen -i -m pkcs8 -f <(pkcs11-tool --module $PKCS11_MODULE -r --type pubkey $1 $2 |openssl rsa -pubin -inform DER )
if pkcs11-tool --module $P11M --list-token-slots >&2 ;then
ssh-keygen -i -m pkcs8 -f <(pkcs11-tool --module $P11M -r --type pubkey $1 $2 |openssl rsa -pubin -inform DER )
if [ $? -gt 0 ] ; then
token-list-objects
fi
@ -861,10 +861,10 @@ token-extract-pubkey() {
token-list-objects() {
case $1 in
--login|-l)
pkcs11-tool --module $PKCS11_MODULE --login --list-objects
pkcs11-tool --module $P11M --login --list-objects
;;
*)
pkcs11-tool --module $PKCS11_MODULE --list-objects
pkcs11-tool --module $P11M --list-objects
;;
esac