From e4f8c314fa2e7e90b9744d6ed9c30582e48efcfc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz?= Date: Thu, 6 May 2021 00:56:01 +0200 Subject: [PATCH 1/9] change variable from PKCS11_MODUlE to P11M --- bashrc_add | 8 ++++++-- bin/ssh-init-pkcs11 | 10 +++++----- functions.sh | 16 ++++++++-------- 3 files changed, 19 insertions(+), 15 deletions(-) diff --git a/bashrc_add b/bashrc_add index 6e5c37e..fd2f7e5 100755 --- a/bashrc_add +++ b/bashrc_add @@ -67,8 +67,12 @@ if [[ $- = *i* ]] ; then # load logging functions . ${MSC_BASE}/logging - # PKCS11_MODULE for etoken/smartcard authentification - [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && PKCS11_MODULE=$(whereis p11-kit-proxy.so|awk '{print $2}') + # P11M for etoken/smartcard authentification + echo P11M: $P11M + echo PM: $PM + echo P11M: $P11M + [ -z "${P11M+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && P11M=$(whereis p11-kit-proxy.so|awk '{print $2}') + [ -z "${P11M+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && P11M=$(whereis p11-kit-proxy.so|awk '{print $2}') # Basics [ -z "${VISUAL+x}" ] && export VISUAL=vim diff --git a/bin/ssh-init-pkcs11 b/bin/ssh-init-pkcs11 index 35f36a3..605d939 100755 --- a/bin/ssh-init-pkcs11 +++ b/bin/ssh-init-pkcs11 @@ -2,7 +2,7 @@ set -eu set -x -[ -z "${PKCS11_MODULE+x}" ] && PKCS11_MODULE="$(dnf repoquery --installed -l p11-kit | grep \/p11-kit-proxy.so\$ | head -1)" +[ -z "${P11M+x}" ] && P11M="$(dnf repoquery --installed -l p11-kit | grep \/p11-kit-proxy.so\$ | head -1)" echo SSH_AGENT_PID before: $SSH_AGENT_PID @@ -11,13 +11,13 @@ echo SSH_AGENT_PID before: $SSH_AGENT_PID echo SSH_AGENT_PID after: $SSH_AGENT_PID -#if ssh-add -l | grep -q "${PKCS11_MODULE}"; then +#if ssh-add -l | grep -q "${P11M}"; then # # Remove any stale loaded keys from token, ssh-agent does not automatically # # reconnect with the token when you reinsert it. -# ssh-add -e "${PKCS11_MODULE}" +# ssh-add -e "${P11M}" #fi -ssh-add -e "${PKCS11_MODULE}" 2>/dev/null +ssh-add -e "${P11M}" 2>/dev/null echo $? # Tell ssh-agent to use the keys on the token -ssh-add -s "${PKCS11_MODULE}" +ssh-add -s "${P11M}" diff --git a/functions.sh b/functions.sh index 2102a04..82e7c76 100755 --- a/functions.sh +++ b/functions.sh @@ -816,14 +816,14 @@ utoken () { ENTRY ssh_identity=$1 - [ -z "${PKCS11_MODULE+x}" ] && { PKCS11_MODULE=/usr/lib64/p11-kit-proxy.so; export PKCS11_MODULE; } + [ -z "${P11M+x}" ] && { P11M=/usr/lib64/p11-kit-proxy.so; export P11M; } if [ -n "${ssh_identity+x}" ]; then agentfile="${HOME}/.ssh/agents/agent-${ssh_identity}-$(hostname)" if [ -e "$agentfile" ]; then local SSH_AUTH_SOCK local SSH_AGENT_PID - /bin/sh -c ". $agentfile >/dev/null 2>/dev/null; ssh-add -l; ssh-add -e $PKCS11_MODULE; ssh-add -l" + /bin/sh -c ". $agentfile >/dev/null 2>/dev/null; ssh-add -l; ssh-add -e $P11M; ssh-add -l" fi fi EXIT @@ -831,14 +831,14 @@ utoken () { token(){ - [ -z "${PKCS11_MODULE+x}" ] && { PKCS11_MODULE=/usr/lib64/p11-kit-proxy.so; export PKCS11_MODULE; } + [ -z "${P11M+x}" ] && { P11M=/usr/lib64/p11-kit-proxy.so; export P11M; } # Usage: # token will load token in agent. does nothing, if token is already loaded # token -r|-f|--reload-token will remove token from agent and add it again (if plugged off and plugged in again # startagent -t $@ # loadagent $@ - loginfo "$(ssh-add -s $PKCS11_MODULE || { ssh-add -e $PKCS11_MODULE; ssh-add -s $PKCS11_MODULE; } )" + loginfo "$(ssh-add -s $P11M || { ssh-add -e $P11M; ssh-add -s $P11M; } )" loginfo "$(ssh-add -l)" @@ -846,8 +846,8 @@ token(){ token-extract-pubkey() { - if pkcs11-tool --module $PKCS11_MODULE --list-token-slots >&2 ;then - ssh-keygen -i -m pkcs8 -f <(pkcs11-tool --module $PKCS11_MODULE -r --type pubkey $1 $2 |openssl rsa -pubin -inform DER ) + if pkcs11-tool --module $P11M --list-token-slots >&2 ;then + ssh-keygen -i -m pkcs8 -f <(pkcs11-tool --module $P11M -r --type pubkey $1 $2 |openssl rsa -pubin -inform DER ) if [ $? -gt 0 ] ; then token-list-objects fi @@ -860,10 +860,10 @@ token-extract-pubkey() { token-list-objects() { case $1 in --login|-l) - pkcs11-tool --module $PKCS11_MODULE --login --list-objects + pkcs11-tool --module $P11M --login --list-objects ;; *) - pkcs11-tool --module $PKCS11_MODULE --list-objects + pkcs11-tool --module $P11M --list-objects ;; esac From 85d84a86253494321eb85140eb366904c04823f8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz?= Date: Thu, 6 May 2021 00:57:20 +0200 Subject: [PATCH 2/9] add P11M to sshs --- functions.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/functions.sh b/functions.sh index 82e7c76..c644bb5 100755 --- a/functions.sh +++ b/functions.sh @@ -64,6 +64,7 @@ sudo() { GIT_COMMITTER_NAME="$GIT_COMMITTER_NAME" \ TMUX="$TMUX" \ SSHS="$SSHS" \ + P11M="$P11M" \ SSH_TTY="$SSH_TTY" \ SSH_AUTH_SOCK="$SSH_AUTH_SOCK" \ http_proxy="$http_proxy" \ From 247d0e782eb829127de6bf6b0e0c4af606ef3bd2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz?= Date: Thu, 6 May 2021 00:58:00 +0200 Subject: [PATCH 3/9] add alias --- aliases | 1 + 1 file changed, 1 insertion(+) diff --git a/aliases b/aliases index 146132e..afb345a 100644 --- a/aliases +++ b/aliases @@ -13,6 +13,7 @@ alias cdlastfiledir='cd $(history -p \!\!:$:h)' #alias ssh='function f() { trap "reset; stty sane; tput rs1; clear; echo -e \"\033c\"" EXIT ; ssh $@; }; f $@' alias s='sshs $(history -p \!ssh:$:t)' alias sexit='ssh -O exit $(history -p \!ssh:$:t)' +alias remountshared='sudo systemctl restart media-remote-sharefs-userdata.mount' From eb85d752d86c756941277bef7a561e60f0fa7a86 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz?= Date: Thu, 6 May 2021 01:07:21 +0200 Subject: [PATCH 4/9] remove duplicate line --- bashrc_add | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bashrc_add b/bashrc_add index fd2f7e5..aef1389 100755 --- a/bashrc_add +++ b/bashrc_add @@ -72,7 +72,7 @@ if [[ $- = *i* ]] ; then echo PM: $PM echo P11M: $P11M [ -z "${P11M+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && P11M=$(whereis p11-kit-proxy.so|awk '{print $2}') - [ -z "${P11M+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && P11M=$(whereis p11-kit-proxy.so|awk '{print $2}') + #[ -z "${P11M+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && P11M=$(whereis p11-kit-proxy.so|awk '{print $2}') # Basics [ -z "${VISUAL+x}" ] && export VISUAL=vim From e1d1ec4a3c51e03cbd2f87cba5a13ce38328e2d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz?= Date: Thu, 6 May 2021 01:08:53 +0200 Subject: [PATCH 5/9] change filling variable --- bashrc_add | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/bashrc_add b/bashrc_add index aef1389..f311367 100755 --- a/bashrc_add +++ b/bashrc_add @@ -69,9 +69,7 @@ if [[ $- = *i* ]] ; then # P11M for etoken/smartcard authentification echo P11M: $P11M - echo PM: $PM - echo P11M: $P11M - [ -z "${P11M+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && P11M=$(whereis p11-kit-proxy.so|awk '{print $2}') + [ -n "${P11M+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && P11M=$(whereis p11-kit-proxy.so|awk '{print $2}') #[ -z "${P11M+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && P11M=$(whereis p11-kit-proxy.so|awk '{print $2}') # Basics From 5dc7ef31c7ea0ea939bee9218ef96da9e5c6a5b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz?= Date: Thu, 6 May 2021 01:10:59 +0200 Subject: [PATCH 6/9] change filling variable --- bashrc_add | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bashrc_add b/bashrc_add index f311367..d48cbb0 100755 --- a/bashrc_add +++ b/bashrc_add @@ -69,7 +69,7 @@ if [[ $- = *i* ]] ; then # P11M for etoken/smartcard authentification echo P11M: $P11M - [ -n "${P11M+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && P11M=$(whereis p11-kit-proxy.so|awk '{print $2}') + [ -z "${P11M+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && P11M=$(whereis p11-kit-proxy.so|awk '{print $2}') #[ -z "${P11M+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && P11M=$(whereis p11-kit-proxy.so|awk '{print $2}') # Basics From bb8fe79fea1c04686a58ac15770b7f0f7a94ec03 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz?= Date: Thu, 6 May 2021 01:14:08 +0200 Subject: [PATCH 7/9] add debug --- bashrc_add | 1 + 1 file changed, 1 insertion(+) diff --git a/bashrc_add b/bashrc_add index d48cbb0..f0686ee 100755 --- a/bashrc_add +++ b/bashrc_add @@ -70,6 +70,7 @@ if [[ $- = *i* ]] ; then # P11M for etoken/smartcard authentification echo P11M: $P11M [ -z "${P11M+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && P11M=$(whereis p11-kit-proxy.so|awk '{print $2}') + echo P11M: $P11M #[ -z "${P11M+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && P11M=$(whereis p11-kit-proxy.so|awk '{print $2}') # Basics From 911a6c5af02436085fae411db445018c2acf0bcb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz?= Date: Thu, 6 May 2021 01:15:20 +0200 Subject: [PATCH 8/9] change debug --- bashrc_add | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bashrc_add b/bashrc_add index f0686ee..80f5a79 100755 --- a/bashrc_add +++ b/bashrc_add @@ -68,9 +68,9 @@ if [[ $- = *i* ]] ; then . ${MSC_BASE}/logging # P11M for etoken/smartcard authentification - echo P11M: $P11M + logdebug P11M: $P11M [ -z "${P11M+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && P11M=$(whereis p11-kit-proxy.so|awk '{print $2}') - echo P11M: $P11M + logdebug P11M: $P11M #[ -z "${P11M+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && P11M=$(whereis p11-kit-proxy.so|awk '{print $2}') # Basics From f73bff54b6b023633d5f861cceb717809dbd7b8c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz?= Date: Thu, 6 May 2021 01:29:13 +0200 Subject: [PATCH 9/9] add variable to tmux environment --- tmux/tmux.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tmux/tmux.conf b/tmux/tmux.conf index fb1374f..69c914a 100644 --- a/tmux/tmux.conf +++ b/tmux/tmux.conf @@ -177,7 +177,7 @@ source-file "${HOME}/.tmux/plugins/tmux-themepack/powerline/block/green.tmuxthem # source local tmux.config source-file -q "${HOME}/.local/share/tmux/tmux.conf" -set -g update-environment "SSH_ASKPASS WINDOWID SSH_CONNECTION XAUTHORITY SSH_TTY SSH_AUTH_SOCK DISPLAY" +set -g update-environment "SSH_ASKPASS WINDOWID SSH_CONNECTION XAUTHORITY SSH_TTY SSH_AUTH_SOCK DISPLAY P11M" #set-environment -g 'SSH_AUTH_SOCK' ~/.ssh/ssh_auth_sock