b8cb48ed38
instead of using '--stderr' on non-rhel based on the presense of /etc/redhat-release, just use the short form '-s' everywhere.
39 lines
1.0 KiB
Bash
Executable File
39 lines
1.0 KiB
Bash
Executable File
#!/bin/sh
|
|
|
|
logger_opts="-p user.info -t ec2"
|
|
|
|
# rhels' version of logger_opts does not support long
|
|
# for of -s (--stderr), so use short form.
|
|
logger_opts="$logger_opts -s"
|
|
|
|
# Redirect stderr to stdout
|
|
exec 2>&1
|
|
|
|
fp_blist=",${1},"
|
|
key_blist=",${2},"
|
|
{
|
|
echo
|
|
echo "#############################################################"
|
|
echo "-----BEGIN SSH HOST KEY FINGERPRINTS-----"
|
|
for f in /etc/ssh/ssh_host_*key.pub; do
|
|
[ -f "$f" ] || continue
|
|
read ktype line < "$f"
|
|
# skip the key if its type is in the blacklist
|
|
[ "${fp_blist#*,$ktype,}" = "${fp_blist}" ] || continue
|
|
ssh-keygen -l -f "$f"
|
|
done
|
|
echo "-----END SSH HOST KEY FINGERPRINTS-----"
|
|
echo "#############################################################"
|
|
|
|
} | logger $logger_opts
|
|
|
|
echo "-----BEGIN SSH HOST KEY KEYS-----"
|
|
for f in /etc/ssh/ssh_host_*key.pub; do
|
|
[ -f "$f" ] || continue
|
|
read ktype line < "$f"
|
|
# skip the key if its type is in the blacklist
|
|
[ "${key_blist#*,$ktype,}" = "${key_blist}" ] || continue
|
|
cat $f
|
|
done
|
|
echo "-----END SSH HOST KEY KEYS-----"
|