ssf: almost full rewrite with pass support

author: Guillermo Ramos 2023-11-07 12:52:40 +0100
committer: Guillermo Ramos 2023-11-07 12:52:45 +0100
commit: d67aa99ef627fd028da6059ad5610866e6332877 (patch)
tree: ef51ccc4604980bef6d3c8683fd03db84908c736 /passh
parent: d5d95d418f5959a70f7fe79210562f98c3fad5e9 (diff)
download: cli-d67aa99ef627fd028da6059ad5610866e6332877.tar.gz
1 files changed, 34 insertions, 0 deletions
diff --git a/passh b/passh
new file mode 100755
index 0000000..765c0c9
--- /dev/null
+++ b/passh
@@ -0,0 +1,34 @@
+#!/bin/sh
+
+PASS_PREFIX="tc/ssh/"
+
+host="$1"
+
+# Open an "anonymous" fifo in fd 3
+pipe="$(mktemp -u)" # get random path
+mkfifo "$pipe" # create a fifo there
+exec 3<> "$pipe" # open fifo rw at fd 3
+rm "$pipe" # remove file
+
+echo -n "Trying to get password from 'pass'... "
+if pass show "${PASS_PREFIX}$host" 2> /dev/null >&3; then
+    echo "FOUND ('${PASS_PREFIX}$host'). Connecting..."
+    exec sshpass -d3 ssh -o StrictHostKeyChecking=accept-new $@
+else
+    echo "not found. Trying pubkeys..."
+    ssh -o NumberOfPasswordPrompts=0 -o StrictHostKeyChecking=accept-new $@
+    ok=$?
+    if [ "$ok" -ne 0 ]; then
+        read -rp "Connection via pubkey failed, password? " passphrase
+        echo "$passphrase" >&3
+        echo "Connecting with passphrase..."
+        sshpass -d3 ssh -o StrictHostKeyChecking=accept-new $@
+        ok=$?
+        if [ "$ok" -eq 0 ]; then
+            echo "It worked! Storing password..."
+            echo "$passphrase" | pass insert -e "${PASS_PREFIX}$host"
+        else
+            echo "Unable to connect with password either; giving up."
+        fi
+    fi
+fi
author	Guillermo Ramos	2023-11-07 12:52:40 +0100
committer	Guillermo Ramos	2023-11-07 12:52:45 +0100
commit	d67aa99ef627fd028da6059ad5610866e6332877 (patch)
tree	ef51ccc4604980bef6d3c8683fd03db84908c736 /passh
parent	d5d95d418f5959a70f7fe79210562f98c3fad5e9 (diff)
download	cli-d67aa99ef627fd028da6059ad5610866e6332877.tar.gz