diff --git a/bashrc_add b/bashrc_add index 6e5c37e..fd2f7e5 100755 --- a/bashrc_add +++ b/bashrc_add @@ -67,8 +67,12 @@ if [[ $- = *i* ]] ; then # load logging functions . ${MSC_BASE}/logging - # PKCS11_MODULE for etoken/smartcard authentification - [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && PKCS11_MODULE=$(whereis p11-kit-proxy.so|awk '{print $2}') + # P11M for etoken/smartcard authentification + echo P11M: $P11M + echo PM: $PM + echo P11M: $P11M + [ -z "${P11M+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && P11M=$(whereis p11-kit-proxy.so|awk '{print $2}') + [ -z "${P11M+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && P11M=$(whereis p11-kit-proxy.so|awk '{print $2}') # Basics [ -z "${VISUAL+x}" ] && export VISUAL=vim diff --git a/bin/ssh-init-pkcs11 b/bin/ssh-init-pkcs11 index 35f36a3..605d939 100755 --- a/bin/ssh-init-pkcs11 +++ b/bin/ssh-init-pkcs11 @@ -2,7 +2,7 @@ set -eu set -x -[ -z "${PKCS11_MODULE+x}" ] && PKCS11_MODULE="$(dnf repoquery --installed -l p11-kit | grep \/p11-kit-proxy.so\$ | head -1)" +[ -z "${P11M+x}" ] && P11M="$(dnf repoquery --installed -l p11-kit | grep \/p11-kit-proxy.so\$ | head -1)" echo SSH_AGENT_PID before: $SSH_AGENT_PID @@ -11,13 +11,13 @@ echo SSH_AGENT_PID before: $SSH_AGENT_PID echo SSH_AGENT_PID after: $SSH_AGENT_PID -#if ssh-add -l | grep -q "${PKCS11_MODULE}"; then +#if ssh-add -l | grep -q "${P11M}"; then # # Remove any stale loaded keys from token, ssh-agent does not automatically # # reconnect with the token when you reinsert it. -# ssh-add -e "${PKCS11_MODULE}" +# ssh-add -e "${P11M}" #fi -ssh-add -e "${PKCS11_MODULE}" 2>/dev/null +ssh-add -e "${P11M}" 2>/dev/null echo $? # Tell ssh-agent to use the keys on the token -ssh-add -s "${PKCS11_MODULE}" +ssh-add -s "${P11M}" diff --git a/functions.sh b/functions.sh index 4259586..c644bb5 100755 --- a/functions.sh +++ b/functions.sh @@ -817,14 +817,14 @@ utoken () { ENTRY ssh_identity=$1 - [ -z "${PKCS11_MODULE+x}" ] && { PKCS11_MODULE=/usr/lib64/p11-kit-proxy.so; export PKCS11_MODULE; } + [ -z "${P11M+x}" ] && { P11M=/usr/lib64/p11-kit-proxy.so; export P11M; } if [ -n "${ssh_identity+x}" ]; then agentfile="${HOME}/.ssh/agents/agent-${ssh_identity}-$(hostname)" if [ -e "$agentfile" ]; then local SSH_AUTH_SOCK local SSH_AGENT_PID - /bin/sh -c ". $agentfile >/dev/null 2>/dev/null; ssh-add -l; ssh-add -e $PKCS11_MODULE; ssh-add -l" + /bin/sh -c ". $agentfile >/dev/null 2>/dev/null; ssh-add -l; ssh-add -e $P11M; ssh-add -l" fi fi EXIT @@ -832,14 +832,14 @@ utoken () { token(){ - [ -z "${PKCS11_MODULE+x}" ] && { PKCS11_MODULE=/usr/lib64/p11-kit-proxy.so; export PKCS11_MODULE; } + [ -z "${P11M+x}" ] && { P11M=/usr/lib64/p11-kit-proxy.so; export P11M; } # Usage: # token will load token in agent. does nothing, if token is already loaded # token -r|-f|--reload-token will remove token from agent and add it again (if plugged off and plugged in again # startagent -t $@ # loadagent $@ - loginfo "$(ssh-add -s $PKCS11_MODULE || { ssh-add -e $PKCS11_MODULE; ssh-add -s $PKCS11_MODULE; } )" + loginfo "$(ssh-add -s $P11M || { ssh-add -e $P11M; ssh-add -s $P11M; } )" loginfo "$(ssh-add -l)" @@ -847,8 +847,8 @@ token(){ token-extract-pubkey() { - if pkcs11-tool --module $PKCS11_MODULE --list-token-slots >&2 ;then - ssh-keygen -i -m pkcs8 -f <(pkcs11-tool --module $PKCS11_MODULE -r --type pubkey $1 $2 |openssl rsa -pubin -inform DER ) + if pkcs11-tool --module $P11M --list-token-slots >&2 ;then + ssh-keygen -i -m pkcs8 -f <(pkcs11-tool --module $P11M -r --type pubkey $1 $2 |openssl rsa -pubin -inform DER ) if [ $? -gt 0 ] ; then token-list-objects fi @@ -861,10 +861,10 @@ token-extract-pubkey() { token-list-objects() { case $1 in --login|-l) - pkcs11-tool --module $PKCS11_MODULE --login --list-objects + pkcs11-tool --module $P11M --login --list-objects ;; *) - pkcs11-tool --module $PKCS11_MODULE --list-objects + pkcs11-tool --module $P11M --list-objects ;; esac