Shell: improved SSH-Agent security, still some caveats though.
parent
8b4ee9b1d7
commit
08d8ceb98d
|
@ -98,16 +98,16 @@ export EDITOR
|
||||||
#esac
|
#esac
|
||||||
|
|
||||||
## SSH-Agent
|
## SSH-Agent
|
||||||
SSH_DEST_FOLDER="/tmp/ssh-agent_env"
|
## WARNING: this is somewhat insecure. avoid using it on a mutli-user machine.
|
||||||
if [ $(ps ax -o command="" | grep -c "ssh-agent") -eq 1 ]; then
|
if [ $(ps ax -o command="" | grep -c "ssh-agent") -eq 1 ]; then
|
||||||
SSH_AGENT_VARS=$(ssh-agent)
|
SSH_AGENT_VARS=$(ssh-agent)
|
||||||
eval $(echo ${SSH_AGENT_VARS})
|
eval $(echo "${SSH_AGENT_VARS}")
|
||||||
echo ${SSH_AGENT_VARS} | sed '2q' > "$SSH_DEST_FOLDER"
|
rm -f "/tmp/ssh-agent-env"
|
||||||
chmod 444 "$SSH_DEST_FOLDER"
|
echo "${SSH_AGENT_VARS}" | sed '2q' | cut -d'=' -f2 | cut -d';' -f1 > "/tmp/ssh-agent-env"
|
||||||
unset $SSH_DEST_FOLDER
|
chmod 444 "/tmp/ssh-agent-env"
|
||||||
unset $SSH_AGENT_VARS
|
unset $SSH_AGENT_VARS
|
||||||
else
|
else
|
||||||
eval $(cat "$SSH_DEST_FOLDER")
|
SSH_AUTH_SOCK=$(sed -n '1{p;q}' "/tmp/ssh-agent-env") ; export SSH_AUTH_SOCK
|
||||||
unset $SSH_DEST_FOLDER
|
SSH_AGENT_PID=$(sed -n '2{p;q}' "/tmp/ssh-agent-env") 2>/dev/null ; export SSH_AGENT_PID
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue