Do not list keys without password at ssh-agent-loadkey (robust approach)

author Silvio Rhatto <rhatto@riseup.net>

Wed, 27 Mar 2019 02:31:11 +0000 (23:31 -0300)

committer Silvio Rhatto <rhatto@riseup.net>

Wed, 27 Mar 2019 02:31:11 +0000 (23:31 -0300)
author Silvio Rhatto <rhatto@riseup.net>
Wed, 27 Mar 2019 02:31:11 +0000 (23:31 -0300)
committer Silvio Rhatto <rhatto@riseup.net>
Wed, 27 Mar 2019 02:31:11 +0000 (23:31 -0300)
diff --git a/ssh-agent-loadkey b/ssh-agent-loadkey

index 840ea827849c815ea2d2c51d24c5576e40e13a66..841e3d217b991b599f3da7d6d985d8ff095aa38f 100755 (executable)
--- a/ssh-agent-loadkey
+++ b/ssh-agent-loadkey
@@ -18,7 +18,8 @@ function __query {
    (
    cd $KEYS && find -name '*.pub' | sed -e 's/.pub$//' | grep -v decomissioned | while read line; do
      # See https://security.stackexchange.com/questions/129724/how-to-check-if-an-ssh-private-key-has-passphrase-or-not#129727
-    if grep -q ',ENCRYPTED' $line; then
+    #if grep -q ',ENCRYPTED' $line; then
+    if ! ssh-keygen -y -P "" -f $line &> /dev/null; then
        handle="`echo $line | cut -d '/' -f 3`"
        type="`echo $line | cut -d '/' -f 2`"
        echo "$handle ($type)"
author	Silvio Rhatto <rhatto@riseup.net>
	Wed, 27 Mar 2019 02:31:11 +0000 (23:31 -0300)
committer	Silvio Rhatto <rhatto@riseup.net>
	Wed, 27 Mar 2019 02:31:11 +0000 (23:31 -0300)