hoang-himself · hoang-himself · May 18, 2022 · May 18, 2022 · May 18, 2022 · May 18, 2022
diff --git a/linux/bootstrap_apt.sh b/linux/bootstrap_apt.sh
@@ -54,7 +54,8 @@ function install_pyenv {
 }
 
 function install_openssh {
-  mkdir -p "$HOME/.config/ssh"
+  #mkdir -p "$HOME/.config/ssh"
+  mkdir -p "$HOME/.ssh/config.d"
   mkdir -p "$HOME/.ssh/sockets"
   sudo mkdir -p "/etc/ssh/keys/$(whoami)"
 

diff --git a/linux/bootstrap_dnf.sh b/linux/bootstrap_dnf.sh
@@ -15,6 +15,8 @@ function install_prompt {
   export ZDOTDIR="$XDG_CONFIG_HOME/zsh"
 
   sudo dnf install -y zsh
+
+  # Use heredoc to automatically press enter on confirmation
   sudo lchsh "$USER" <<EOF
 $(command -v zsh)
 EOF
@@ -54,15 +56,16 @@ function install_pyenv {
 }
 
 function install_openssh {
-  mkdir -p "$HOME/.config/ssh"
+  #mkdir -p "$HOME/.config/ssh"
+  mkdir -p "$HOME/.ssh/config.d"
   mkdir -p "$HOME/.ssh/sockets"
   sudo mkdir -p "/etc/ssh/keys/$(whoami)"
 
   sudo dnf install -y openssh-server openssh-clients
 
-  # ln -frs ./configs/openssh/ssh_config "$XDG_CONFIG_HOME"/ssh/config
+  #ln -frs ./configs/openssh/ssh_config "$XDG_CONFIG_HOME"/ssh/config
   ln -frs ./configs/openssh/ssh_config "$HOME"/.ssh/config
-  # sudo ln -frs ./configs/openssh/sshd_config /etc/ssh/sshd_config
+  #sudo ln -frs ./configs/openssh/sshd_config /etc/ssh/sshd_config
 }
 
 function install_gcc {

diff --git a/linux/configs/openssh/ssh_config b/linux/configs/openssh/ssh_config
@@ -1,21 +1,13 @@
-# ssh_config(5)
-
-#Include <glob(7)>
-#IgnoreUnknown ServerAliveInterval,ServerAliveCountMax
 EscapeChar ~
+#IgnoreUnknown ServerAliveInterval,ServerAliveCountMax
+Include ~/.ssh/config.d/*
 
-Host rpi
-  HostName raspberrypi.local
-  User pi
-  Port 22
-  ForwardX11 yes
-
-Host 192.168.*
+Host *.local
+  AddKeysToAgent yes
   ForwardAgent yes
 
 Host *
   ExitOnForwardFailure yes
   ControlMaster auto
-  # %C == %r@%h-%p
   ControlPath ${HOME}/.ssh/sockets/%C
   ControlPersist 600
diff --git a/linux/runcoms/zfunctions b/linux/runcoms/zfunctions
@@ -11,6 +11,60 @@ function update-compose {
   chmod +x ~/.docker/cli-plugins/docker-compose
 }
 
+function ssh-hostgen {
+  if [[ $# -ne 5 ]]; then
+    echo 'ssh-hostgen <algorithm> <host> <hostname> <port> <user>'
+    echo ''
+    echo '            algorithm: ed25519, ecdsa, dsa, rsa'
+    echo '            host:      alias that you use to access this host'
+    echo '            hostname:  hostname of the host'
+    echo '            port:      port of the host, usually 22'
+    echo '            user:      user to login to the host'
+    return 0
+  fi
+
+  local algorithm="$1"
+  case "$algorithm" in
+  ed25519)
+    algorithm='ed25519'
+    ;;
+  ecdsa)
+    algorithm='ecdsa -b 521'
+    ;;
+  dsa)
+    algorithm='dsa'
+    ;;
+  rsa)
+    algorithm='rsa -b 4096'
+    ;;
+  *)
+    echo 'algorithm must be one of ed25519, ecdsa, dsa, rsa'
+    return 1
+    ;;
+  esac
+  local h="$2"
+  local hostname="$3"
+  local p="$4"
+  if ! [[ $p =~ ^[0-9]+$ ]]; then
+    echo "port must be an integer" >&2
+    return 1
+  fi
+  local u="$5"
+
+  ssh-keygen -t "$algorithm" -f "$HOME/.ssh/id_$1_$h" -C "$u@$hostname"
+
+  cat <<EOF >>"$HOME/.ssh/config.d/$hostname"
+Host $h
+  HostName $hostname
+  CanonicalizeHostname yes
+  Port $p
+  User $u
+  IdentityFile ~/.ssh/id_$1_$h.pub
+  IdentitiesOnly yes
+
+EOF
+}
+
 function createtmp {
   echo "Saving current directory as \$CURDIR"
   CURDIR=$(pwd)

diff --git a/linux/runcoms/zshrc b/linux/runcoms/zshrc
@@ -110,6 +110,8 @@ zstyle ':completion:*:*:docker-*:*' option-stacking yes
 
 # ssh-agent plugin
 zstyle :omz:plugins:ssh-agent agent-forwarding yes
+zstyle :omz:plugins:ssh-agent quiet yes
+zstyle :omz:plugins:ssh-agent ssh-add-args -q
 
 # Which plugins would you like to load?
 # Standard plugins can be found in $ZSH/plugins/

diff --git a/windows/configs/openssh/ssh_config b/windows/configs/openssh/ssh_config
@@ -1,22 +1,13 @@
-# Reuse connections in backlog
-# https://github.com/PowerShell/Win32-OpenSSH/wiki/Project-Scope
-
-# RemoteForward blocked by upstream
-# https://github.com/PowerShell/Win32-OpenSSH/issues/1564
-
-#Include <glob(7)>
-#IgnoreUnknown ServerAliveInterval,ServerAliveCountMax
 EscapeChar ~
+#IgnoreUnknown ServerAliveInterval,ServerAliveCountMax
+Include ~/.ssh/config.d/*
 
-Host rpi
-  HostName raspberrypi.local
-  User pi
-  Port 22
-  ForwardX11 yes
-
-Host 192.168.*
+Host *.local
+  AddKeysToAgent yes
   ForwardAgent yes
 
 Host *
   ExitOnForwardFailure yes
+  # Reuse connections in backlog
+  # https://github.com/PowerShell/Win32-OpenSSH/wiki/Project-Scope
   ControlMaster no
diff --git a/windows/install.ps1 b/windows/install.ps1
@@ -122,10 +122,12 @@ function Install-OpenSSH {
     New-NetFirewallRule -Name 'OpenSSH-Server-In-TCP' -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22
   }
 
+  New-Item -ItemType Directory -Path "$env:ProgramData\ssh\keys\$env:USERNAME" -Force
+  #icacls.exe "C:\ProgramData\ssh\administrators_authorized_keys" /inheritance:r /grant "Administrators:F" /grant "SYSTEM:F"
+  New-Item -ItemType Directory -Path "$env:USERPROFILE\.ssh\config.d" -Force
+  New-Item -ItemType Directory -Path "$env:USERPROFILE\.ssh\sockets" -Force
   New-Item -ItemType SymbolicLink -Path "$env:USERPROFILE\.ssh\config" `
     -Target $(Resolve-Path -LiteralPath .\configs\openssh\ssh_config) -Force
-  New-Item -ItemType Directory -Path "$env:ProgramData\ssh\keys\$env:USERNAME" -Force
-  # icacls.exe "C:\ProgramData\ssh\administrators_authorized_keys" /inheritance:r /grant "Administrators:F" /grant "SYSTEM:F"
   New-Item -ItemType SymbolicLink -Path "$env:ProgramData\ssh\sshd_config" `
     -Target $(Resolve-Path -LiteralPath .\configs\openssh\sshd_config) -Force
   New-ItemProperty -Path 'HKLM:\SOFTWARE\OpenSSH' -PropertyType String `
@@ -147,15 +149,15 @@ function Install-Config {
       New-Item -ItemType SymbolicLink -Path "$env:USERPROFILE\.$($_.Name)" `
         -Target $_.FullName -Force
     }
-  # Add-Content "$env:ProfileDir\.gitconfig.local" $null
+  #Add-Content "$env:ProfileDir\.gitconfig.local" $null
 
   Get-ChildItem -Path '.\configs\gnupg\' |
     ForEach-Object {
       New-Item -ItemType SymbolicLink -Path "$env:USERPROFILE\.gnupg\$($_.Name)" `
         -Target $_.FullName -Force
     }
 
-  # Retard mode enabled here
+  # Good luck
   @(
     @('', ''),
     @('Preview', '_preview')

diff --git a/windows/runcoms/completions.ps1 b/windows/runcoms/completions.ps1
@@ -2,23 +2,27 @@
 param()
 
 function Get-SSHHost($sshConfigPath) {
+  $sshConfigPath = $sshConfigPath.Replace('/', '\')
+  if ($sshConfigPath -NotMatch ':\\|^(\\|~)') {
+    $sshConfigPath = '~\.ssh\' + $sshConfigPath
+  }
   Get-Content -Path $sshConfigPath `
   | Select-String -Pattern '^Host ' `
   | ForEach-Object { $_ -replace 'Host ', '' } `
   | ForEach-Object { $_ -split ' ' } `
   | Sort-Object -Unique `
-  | Select-String -Pattern '[?*]' -NotMatch
+  | Select-String -Pattern '[?!*]' -NotMatch
 }
 
 Register-ArgumentCompleter -CommandName 'ssh', 'scp', 'sftp' -Native -ScriptBlock {
   param($wordToComplete, $commandAst, $cursorPosition)
 
   $sshPath = "$env:USERPROFILE\.ssh"
 
-  $hosts = Get-Content -Path "$sshPath\config" `
+  [Collections.Generic.List[String]]$hosts = Get-Content -Path "$sshPath\config" `
   | Select-String -Pattern '^Include ' `
   | ForEach-Object { $_ -replace 'Include ', '' } `
-  | ForEach-Object { Get-SSHHost "$sshPath\$_" }
+  | ForEach-Object { Get-SSHHost "$_" }
   $hosts += Get-SSHHost "$sshPath\config"
 
   $hosts = $hosts | Sort-Object -Unique
@@ -27,33 +31,35 @@ Register-ArgumentCompleter -CommandName 'ssh', 'scp', 'sftp' -Native -ScriptBloc
   | ForEach-Object { $_ }
 }
 
-# function Get-SSHKnownHost($sshKnownHostsPath) {
-#   Get-Content -Path $sshKnownHostsPath `
-#   | ForEach-Object { $_.split(' ')[0] } `
-#   | Sort-Object -Unique
-# }
-
-# Register-ArgumentCompleter -CommandName 'ssh', 'scp', 'sftp' -Native -ScriptBlock {
-#   param($wordToComplete, $commandAst, $cursorPosition)
-
-#   $sshPath = "$env:USERPROFILE\.ssh"
-
-#   $config_hosts = Get-Content -Path "$sshPath\config" `
-#   | Select-String -Pattern '^Include ' `
-#   | ForEach-Object { $_ -replace 'Include ', '' } `
-#   | ForEach-Object { Get-SSHHost "$sshPath\$_" }
-#   $config_hosts += Get-SSHHost "$sshPath\config"
-#   $known_hosts = Get-SSHKnownHost "$sshPath\known_hosts"
-
-#   $config_hosts = $config_hosts | Sort-Object -Unique
-#   $known_hosts = $known_hosts | Sort-Object -Unique
-
-#   if ($wordToComplete -match '^(?<user>[-\w/\\]+)@(?<host>[-.\w]+)$') {
-#     $known_hosts | Where-Object { $_ -like "$($Matches['host'].ToString())*" } `
-#     | ForEach-Object { "$($Matches['user'].ToString())@$_" }
-#   }
-#   else {
-#     $config_hosts | Where-Object { $_ -like "$wordToComplete*" } `
-#     | ForEach-Object { $_ }
-#   }
-# }
+<#
+function Get-SSHKnownHost($sshKnownHostsPath) {
+  Get-Content -Path $sshKnownHostsPath `
+  | ForEach-Object { $_.split(' ')[0] } `
+  | Sort-Object -Unique
+}
+
+Register-ArgumentCompleter -CommandName 'ssh', 'scp', 'sftp' -Native -ScriptBlock {
+  param($wordToComplete, $commandAst, $cursorPosition)
+
+  $sshPath = "$env:USERPROFILE\.ssh"
+
+  [Collections.Generic.List[String]]$config_hosts = Get-Content -Path "$sshPath\config" `
+  | Select-String -Pattern '^Include ' `
+  | ForEach-Object { $_ -replace 'Include ', '' } `
+  | ForEach-Object { Get-SSHHost "$_" }
+  $config_hosts += Get-SSHHost "$sshPath\config"
+  $known_hosts = Get-SSHKnownHost "$sshPath\known_hosts"
+
+  $config_hosts = $config_hosts | Sort-Object -Unique
+  $known_hosts = $known_hosts | Sort-Object -Unique
+
+  if ($wordToComplete -match '^(?<user>[-\w/\\]+)@(?<host>[-.\w]+)$') {
+    $known_hosts | Where-Object { $_ -like "$($Matches['host'].ToString())*" } `
+    | ForEach-Object { "$($Matches['user'].ToString())@$_" }
+  }
+  else {
+    $config_hosts | Where-Object { $_ -like "$wordToComplete*" } `
+    | ForEach-Object { $_ }
+  }
+}
+#>
diff --git a/windows/runcoms/functions.ps1 b/windows/runcoms/functions.ps1
@@ -1,3 +1,50 @@
+function ssh-hostgen {
+  [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseApprovedVerbs', '')]
+  param()
+  # Urban myth
+  # Throw is used to terminate an inner block of code and return to the calling block
+  if ($args.Length -ne 5) {
+    Write-Output 'ssh-hostgen <algorithm> <host> <hostname> <port> <user>'
+    Write-Output ''
+    Write-Output '    algorithm: ed25519, ecdsa, dsa, rsa'
+    Write-Output '    host:      alias that you use to access this host'
+    Write-Output '    hostname:  hostname of the host'
+    Write-Output '    port:      port of the host, usually 22'
+    Write-Output '    user:      user to login to the host'
+    return
+  }
+
+  $algorithm = switch ($args[0]) {
+    'ed25519' { @('ed25519', '') }
+    'ecdsa' { @('ecdsa', '-b 521') }
+    'dsa' { @('dsa', '') }
+    'rsa' { @('rsa', '-b 4096') }
+    default {
+      throw [System.ArgumentException] 'algorithm must be one of ed25519, ecdsa, dsa, rsa'
+    }
+  }
+  $h = $args[1]
+  $hostname = $args[2]
+  $p = if ($args[3] -is [int]) {
+    $args[3]
+  }
+  else {
+    throw [System.ArgumentException] 'port must be an integer'
+  }
+  $u = $args[4]
+
+  & 'ssh-keygen' -t @algorithm -f "$HOME/.ssh/id_$($args[0])_$h" -C "$u@$hostname"
+
+  Add-Content -Path "$HOME/.ssh/config.d/$hostname" -Value "Host $h"
+  Add-Content -Path "$HOME/.ssh/config.d/$hostname" -Value "  HostName $hostname"
+  Add-Content -Path "$HOME/.ssh/config.d/$hostname" -Value "  CanonicalizeHostname yes"
+  Add-Content -Path "$HOME/.ssh/config.d/$hostname" -Value "  Port $p"
+  Add-Content -Path "$HOME/.ssh/config.d/$hostname" -Value "  User $u"
+  Add-Content -Path "$HOME/.ssh/config.d/$hostname" -Value "  IdentityFile ~/.ssh/id_$($args[0])_$h.pub"
+  Add-Content -Path "$HOME/.ssh/config.d/$hostname" -Value "  IdentitiesOnly yes"
+  Add-Content -Path "$HOME/.ssh/config.d/$hostname" -Value ""
+}
+
 function Update-Prompt {
   [CmdletBinding(SupportsShouldProcess)]
   param()