diff options
Diffstat (limited to 'scripts/firstrun/02-ssh-common')
-rw-r--r-- | scripts/firstrun/02-ssh-common | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/scripts/firstrun/02-ssh-common b/scripts/firstrun/02-ssh-common index 140970b..c1d90cb 100644 --- a/scripts/firstrun/02-ssh-common +++ b/scripts/firstrun/02-ssh-common @@ -1,7 +1,10 @@ +# vim:ft=sh: # fedora setup local host local found +local expected +local obtained wget https://admin.fedoraproject.org/ssh_known_hosts -O ~/.ssh/fedora-known_hosts while read host; do @@ -23,3 +26,28 @@ done <<-EOFOUT git.fedorahosted.org EOFOUT # git.fedorahosted.org ~ fedorahosted.org + +# github +expected=$(wget https://help.github.com/articles/generating-ssh-keys -O- \ + | xmllint --html --xpath \ + "//pre[@class='command-line']/span/text()[starts-with(.,'RSA key fingerprint is ')]" \ + - | cut -c24-70) + +obtained=$(expect <<-EOF + log_user 0 + spawn ssh git@github.com \ + -oStrictHostKeyChecking=ask \ + -oUserKnownHostsFile=~/.ssh/github-known_hosts \ + -oIdentityFile=/dev/null + expect -re {RSA key fingerprint is ([[:xdigit:]]{2}(?:[:][[:xdigit:]]{2}){15})} { + set fingerprint \$expect_out(1,string) + puts "\$fingerprint" + send "no\r" + sleep 1 + } +EOF +) + +[ "${obtained}" = "${expected}" ] \ + && ssh-keyscan github.com >~/.ssh/github-known_hosts 2>/dev/null + || echo "Documented and obtained RSA fingerprint does NOT match" |