change variable from PKCS11_MODUlE to P11M
This commit is contained in:
Jakobus Schürz
parent
9ffd8eac45
commit
d1d9596868
3 changed files with 19 additions and 15 deletions
|
|
@ -67,8 +67,12 @@ if [[ $- = *i* ]] ; then
|
||||||
# load logging functions
|
# load logging functions
|
||||||
. ${MSC_BASE}/logging
|
. ${MSC_BASE}/logging
|
||||||
|
|
||||||
# PKCS11_MODULE for etoken/smartcard authentification
|
# P11M for etoken/smartcard authentification
|
||||||
[ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && PKCS11_MODULE=$(whereis p11-kit-proxy.so|awk '{print $2}')
|
echo P11M: $P11M
|
||||||
|
echo PM: $PM
|
||||||
|
echo P11M: $P11M
|
||||||
|
[ -z "${P11M+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && P11M=$(whereis p11-kit-proxy.so|awk '{print $2}')
|
||||||
|
[ -z "${P11M+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && P11M=$(whereis p11-kit-proxy.so|awk '{print $2}')
|
||||||
|
|
||||||
# Basics
|
# Basics
|
||||||
[ -z "${VISUAL+x}" ] && export VISUAL=vim
|
[ -z "${VISUAL+x}" ] && export VISUAL=vim
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
set -eu
|
set -eu
|
||||||
set -x
|
set -x
|
||||||
[ -z "${PKCS11_MODULE+x}" ] && PKCS11_MODULE="$(dnf repoquery --installed -l p11-kit | grep \/p11-kit-proxy.so\$ | head -1)"
|
[ -z "${P11M+x}" ] && P11M="$(dnf repoquery --installed -l p11-kit | grep \/p11-kit-proxy.so\$ | head -1)"
|
||||||
|
|
||||||
echo SSH_AGENT_PID before: $SSH_AGENT_PID
|
echo SSH_AGENT_PID before: $SSH_AGENT_PID
|
||||||
|
|
||||||
|
|
@ -11,13 +11,13 @@ echo SSH_AGENT_PID before: $SSH_AGENT_PID
|
||||||
|
|
||||||
echo SSH_AGENT_PID after: $SSH_AGENT_PID
|
echo SSH_AGENT_PID after: $SSH_AGENT_PID
|
||||||
|
|
||||||
#if ssh-add -l | grep -q "${PKCS11_MODULE}"; then
|
#if ssh-add -l | grep -q "${P11M}"; then
|
||||||
# # Remove any stale loaded keys from token, ssh-agent does not automatically
|
# # Remove any stale loaded keys from token, ssh-agent does not automatically
|
||||||
# # reconnect with the token when you reinsert it.
|
# # reconnect with the token when you reinsert it.
|
||||||
# ssh-add -e "${PKCS11_MODULE}"
|
# ssh-add -e "${P11M}"
|
||||||
#fi
|
#fi
|
||||||
|
|
||||||
ssh-add -e "${PKCS11_MODULE}" 2>/dev/null
|
ssh-add -e "${P11M}" 2>/dev/null
|
||||||
echo $?
|
echo $?
|
||||||
# Tell ssh-agent to use the keys on the token
|
# Tell ssh-agent to use the keys on the token
|
||||||
ssh-add -s "${PKCS11_MODULE}"
|
ssh-add -s "${P11M}"
|
||||||
|
|
|
||||||
16
functions.sh
16
functions.sh
|
|
@ -817,14 +817,14 @@ utoken () {
|
||||||
ENTRY
|
ENTRY
|
||||||
ssh_identity=$1
|
ssh_identity=$1
|
||||||
|
|
||||||
[ -z "${PKCS11_MODULE+x}" ] && { PKCS11_MODULE=/usr/lib64/p11-kit-proxy.so; export PKCS11_MODULE; }
|
[ -z "${P11M+x}" ] && { P11M=/usr/lib64/p11-kit-proxy.so; export P11M; }
|
||||||
|
|
||||||
if [ -n "${ssh_identity+x}" ]; then
|
if [ -n "${ssh_identity+x}" ]; then
|
||||||
agentfile="${HOME}/.ssh/agents/agent-${ssh_identity}-$(hostname)"
|
agentfile="${HOME}/.ssh/agents/agent-${ssh_identity}-$(hostname)"
|
||||||
if [ -e "$agentfile" ]; then
|
if [ -e "$agentfile" ]; then
|
||||||
local SSH_AUTH_SOCK
|
local SSH_AUTH_SOCK
|
||||||
local SSH_AGENT_PID
|
local SSH_AGENT_PID
|
||||||
/bin/sh -c ". $agentfile >/dev/null 2>/dev/null; ssh-add -l; ssh-add -e $PKCS11_MODULE; ssh-add -l"
|
/bin/sh -c ". $agentfile >/dev/null 2>/dev/null; ssh-add -l; ssh-add -e $P11M; ssh-add -l"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
EXIT
|
EXIT
|
||||||
|
|
@ -832,14 +832,14 @@ utoken () {
|
||||||
|
|
||||||
token(){
|
token(){
|
||||||
|
|
||||||
[ -z "${PKCS11_MODULE+x}" ] && { PKCS11_MODULE=/usr/lib64/p11-kit-proxy.so; export PKCS11_MODULE; }
|
[ -z "${P11M+x}" ] && { P11M=/usr/lib64/p11-kit-proxy.so; export P11M; }
|
||||||
|
|
||||||
# Usage:
|
# Usage:
|
||||||
# token <identity> will load token in agent. does nothing, if token is already loaded
|
# token <identity> will load token in agent. does nothing, if token is already loaded
|
||||||
# token -r|-f|--reload-token <identity> will remove token from agent and add it again (if plugged off and plugged in again
|
# token -r|-f|--reload-token <identity> will remove token from agent and add it again (if plugged off and plugged in again
|
||||||
# startagent -t $@
|
# startagent -t $@
|
||||||
# loadagent $@
|
# loadagent $@
|
||||||
loginfo "$(ssh-add -s $PKCS11_MODULE || { ssh-add -e $PKCS11_MODULE; ssh-add -s $PKCS11_MODULE; } )"
|
loginfo "$(ssh-add -s $P11M || { ssh-add -e $P11M; ssh-add -s $P11M; } )"
|
||||||
loginfo "$(ssh-add -l)"
|
loginfo "$(ssh-add -l)"
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -847,8 +847,8 @@ token(){
|
||||||
|
|
||||||
|
|
||||||
token-extract-pubkey() {
|
token-extract-pubkey() {
|
||||||
if pkcs11-tool --module $PKCS11_MODULE --list-token-slots >&2 ;then
|
if pkcs11-tool --module $P11M --list-token-slots >&2 ;then
|
||||||
ssh-keygen -i -m pkcs8 -f <(pkcs11-tool --module $PKCS11_MODULE -r --type pubkey $1 $2 |openssl rsa -pubin -inform DER )
|
ssh-keygen -i -m pkcs8 -f <(pkcs11-tool --module $P11M -r --type pubkey $1 $2 |openssl rsa -pubin -inform DER )
|
||||||
if [ $? -gt 0 ] ; then
|
if [ $? -gt 0 ] ; then
|
||||||
token-list-objects
|
token-list-objects
|
||||||
fi
|
fi
|
||||||
|
|
@ -861,10 +861,10 @@ token-extract-pubkey() {
|
||||||
token-list-objects() {
|
token-list-objects() {
|
||||||
case $1 in
|
case $1 in
|
||||||
--login|-l)
|
--login|-l)
|
||||||
pkcs11-tool --module $PKCS11_MODULE --login --list-objects
|
pkcs11-tool --module $P11M --login --list-objects
|
||||||
;;
|
;;
|
||||||
*)
|
*)
|
||||||
pkcs11-tool --module $PKCS11_MODULE --list-objects
|
pkcs11-tool --module $P11M --list-objects
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue