#!/bin/bash
################################################################################
# #
# ssh-pass: Openssh-client wrapper that uses password-store to retrieve the #
# -------- login password for the specified host. The username is either #
# specified in the pass entry, pass.conf or the current user. #
# #
# Author: Tor Inge Skaar #
# #
################################################################################
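# Site-wide defaults. SSHUSER and SSHOPTIONS, read further down, are expected to
# be defined here. The file is sourced, so it runs as code with the caller's
# privileges and should be writable by root only.
. /usr/local/etc/pass.conf

# Usage
if [ $# -eq 0 ] || [ "${1}" == "-h" ] || [ "${1}" == "--help" ]; then
  echo "Usage: ${0##*/} <hostname>"
  echo "Hot tip: ${0##*/} has bash completion, so simply tab away!"
  exit
fi

# Get hostname from input arguments
HOST=$1

# Decrypt the entry once and reuse it. Every extra `pass` call is another gpg
# decryption (and possibly another pinentry prompt), and a failed lookup would
# otherwise go unnoticed and end in a login attempt with an empty password.
if ! ENTRY=$(pass "${HOST}"); then
  echo "${0##*/}: could not read the pass entry for '${HOST}'" >&2
  exit 1
fi

# Check for USER overrides
if [ "$(grep -ic "user=" <<< "${ENTRY}")" -eq 1 ]; then
  # USER specified as option in pass store entry
  USER=$(grep -i "user=" <<< "${ENTRY}" | cut -d= -f2)
elif [ -n "${SSHUSER}" ]; then
  # USER specified in pass.conf
  USER=${SSHUSER}
fi
# Otherwise USER keeps the value inherited from the environment (current user).

# Check for SSH OPTIONS overrides
if [ "$(grep -ic "options=" <<< "${ENTRY}")" -eq 1 ]; then
  # Use options from pass store entry
  optstr=$(grep -i "options=" <<< "${ENTRY}" | sed 's/options=//')
else
  # Use options as defined in pass.conf
  optstr=$(printf '%s\n' "${SSHOPTIONS}" | sed 's/SSHOPTIONS=//;s/"//g')
fi

# Build the ssh argument list as an array so that each option stays one word.
# Globbing is switched off while splitting, otherwise an option value such as
# "*" would be expanded against the files in the current directory.
ssh_args=()
set -f
# Keep whatever SSH_OPTIONS already held (environment or pass.conf), as before.
# shellcheck disable=SC2086 # word splitting is intended here
for opt in ${SSH_OPTIONS}; do
  ssh_args+=("${opt}")
done
# Options are separated by ';' (whitespace also separates, as it always did).
for opt in ${optstr//;/ }; do
  ssh_args+=(-o "${opt}")
done
set +f

# Get password for host (first line of the entry, per password-store convention)
PASS=$(head -n 1 <<< "${ENTRY}")

# mktemp creates the file with mode 0600, so only the invoking user can read
# the helper while it holds the plaintext password.
if ! SSH_ASKPASS_SCRIPT=$(mktemp); then
  echo "${0##*/}: mktemp failed" >&2
  exit 1
fi
# The helper deletes itself when ssh runs it, but ssh never runs it when key
# authentication succeeds or the connection fails first. Remove it on exit so
# the password is not left behind in the temp directory.
trap 'rm -f -- "${SSH_ASKPASS_SCRIPT}"' EXIT

# Create a self-destructing temporary SSH_ASKPASS script.
# The password is written with %q (shell-quoted) rather than pasted between
# double quotes: a password containing ", $, ` or \ would otherwise be mangled
# or interpreted as shell code when ssh executes the helper.
{
  printf '#!/bin/bash\n'
  printf 'printf "%%s\\n" %q\n' "${PASS}"
  printf 'rm -f -- %q\n' "${SSH_ASKPASS_SCRIPT}"
} > "${SSH_ASKPASS_SCRIPT}"
chmod u+x "${SSH_ASKPASS_SCRIPT}"

# ssh only consults SSH_ASKPASS when DISPLAY is set and it has no controlling
# terminal; DISPLAY is set here and setsid below takes care of the terminal.
# NOTE(review): OpenSSH 8.4+ offers SSH_ASKPASS_REQUIRE=force, which would make
# the DISPLAY/setsid workaround unnecessary - confirm the minimum client version.
export DISPLAY=:0
export SSH_ASKPASS=${SSH_ASKPASS_SCRIPT}

# Log connection attempt and options used to auth.log
logger -p auth.info "ssh-pass ${USER}@${HOST} (Connection attempt)"
if [ -n "$optstr" ]; then
  logger -p auth.info "ssh-pass using options: ${optstr}"
fi

# Execute ssh through setsid (new session, no controlling terminal).
# "--" ends option parsing so the destination can never be read as an option.
setsid ssh "${ssh_args[@]}" -- "${USER}@${HOST}"

# Log connection termination to auth.log
logger -p auth.info "ssh-pass ${USER}@${HOST} (Connection closed)"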