ssh-store-key-rmeove-paranoia-test-and-using-keychain-and-expect.sh
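#!/bin/sh
# Sample: remove every cached SSH identity, load one key through keychain with
# expect answering the passphrase prompt, run a test command, then remove
# everything again and confirm that nothing is left.
# Does not use gpg-agent, a hand-started ssh-agent, or pinentry-gnome.
#
# Tracing stays disabled on purpose: `set -x` would print the passphrase that
# is read from ~/.ssh/pass further down.
#set -eux

# On every exit path, drop the cached identities and stop this user's agents
# so an unlocked key does not outlive the script.
trap '
keychain --clear
keychain -k mine
' EXIT

# Print SSH_AUTH_SOCK and list the socket it points at.
# An unquoted, empty $SSH_AUTH_SOCK would make `ls -l` list the current
# directory instead, so the empty case is reported explicitly.
show_auth_sock() {
  echo "SSH_AUTH_SOCK" "${SSH_AUTH_SOCK:-}"
  if [ -n "${SSH_AUTH_SOCK:-}" ]; then
    ls -l -- "$SSH_AUTH_SOCK"
  else
    echo "SSH_AUTH_SOCK is not set" >&2
  fi
}

# HISTIGNORE is a bash history setting; it only matters to an interactive bash
# that inherits it, not to this non-interactive run.
export HISTIGNORE="expect*"

#################################
# 1. Remove stored SSH identities
#################################
echo "removing ssh store keys,Identities"
#ssh-add -D
keychain --clear
keychain -k mine
# To stop every ssh-agent process instead of only this user's:
# pkill ssh-agent
# keychain -k all

# Show what the agents still hold.
ssh-add -l
keychain -l

# If gpg-agent has SSH support enabled, delete the SSH keys it stores.
# Only "S KEYINFO <keygrip> ..." status lines are used, so the trailing "OK"
# line or an "ERR ..." line can never be passed to delete_key (and the
# GNU-only `head -n -1` is no longer needed).
keys=$(gpg-connect-agent 'KEYINFO --ssh-list --ssh-fpr --with-ssh' /bye |
  awk '$1 == "S" && $2 == "KEYINFO" { print $3 }')
echo "GPG ssh enable keys:"
# Word splitting is intended here and in the loop: one keygrip per word.
# shellcheck disable=SC2086
echo $keys
echo "deleting"
for key in $keys; do
  gpg-connect-agent "delete_key $key" /bye
done

# gnome-keyring-daemon / pinentry-gnome: a stored passphrase lives on disk and
# is not touched by any command above.
echo
echo "if using seahorse, gnome-keyring-daemon, and if passphrase is stored, stored file is here."
echo "~/.local/share/keyrings/"
ls -l ~/.local/share/keyrings/
# rm ~/.local/share/keyrings/*

# Confirm, then forget the agent socket so no stored key can be used.
show_auth_sock
echo "unset SSH_AUTH_SOCK"
unset SSH_AUTH_SOCK

echo "####################################"
echo "this is sample of using keychain and expect"
echo "####################################"
echo

#################################
# 2. Sample of using keychain
#################################
# NOTE(security): ~/.ssh/pass holds the key passphrase in plain text, so anyone
# who can read that file can unlock the key. Keep it readable by the owner
# only (mode 600) and treat this as a sample, not a recommended setup.
password=$(cat ~/.ssh/pass) || {
  echo "cannot read ~/.ssh/pass" >&2
  exit 1
}

# The passphrase reaches expect through the environment and the here-document
# is quoted, so the shell never pastes the passphrase into the Tcl script.
# With the unquoted form, a passphrase containing ", $, [ or \ would be parsed
# as Tcl code. The variable is removed from the environment before spawn so
# keychain and its children do not inherit it.
EXPECT_SSH_PASSPHRASE=$password expect << 'EOF'
set passphrase $env(EXPECT_SSH_PASSPHRASE)
unset env(EXPECT_SSH_PASSPHRASE)
spawn keychain --agents ssh --eval id_ed25519
expect "* passphrase *:" {
stty -echo
send -- "$passphrase\r"
stty echo
}
expect eof
EOF
unset password

# Import the agent variables keychain prints; quoting keeps its output intact.
eval "$(keychain --agents ssh --eval id_ed25519)"
if [ -n "${SSH_AUTH_SOCK:-}" ]; then
  ls -l -- "$SSH_AUTH_SOCK"
fi

# From here on only the keychain-managed agent is in use.
# Test command: git, rsync, ssh and so on.
echo "test command"
echo "git pull"
git pull

#############################################
# 3. Clean up and confirm
#############################################
#ssh-add -D
keychain --clear
# Stop this user's ssh-agent.
keychain -k mine

# Show what the agents still hold.
echo "ssh-add -l, keychain -l"
ssh-add -l
keychain -l
echo "keychain -k mine:kill my ssh-agent process."
keychain -k mine

echo "confirm"
show_auth_sock
echo "unset SSH_AUTH_SOCK"
unset SSH_AUTH_SOCK
exit 0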