79 lines
2.8 KiB
Diff
79 lines
2.8 KiB
Diff
Accumulated changes to fix ssh-copy-id, pulled from
|
|
https://github.com/openssh/openssh-portable/tree/ce941c75ea9cd6c358508a5b206809846c8d9240
|
|
|
|
--- contrib/ssh-copy-id
|
|
+++ contrib/ssh-copy-id
|
|
@@ -76,7 +76,7 @@
|
|
}
|
|
|
|
use_id_file() {
|
|
- local L_ID_FILE="$1"
|
|
+ L_ID_FILE="$1"
|
|
|
|
if [ -z "$L_ID_FILE" ] ; then
|
|
printf '%s: ERROR: no ID file found\n' "$0"
|
|
@@ -94,7 +94,7 @@
|
|
# check that the files are readable
|
|
for f in "$PUB_ID_FILE" ${PRIV_ID_FILE:+"$PRIV_ID_FILE"} ; do
|
|
ErrMSG=$( { : < "$f" ; } 2>&1 ) || {
|
|
- local L_PRIVMSG=""
|
|
+ L_PRIVMSG=""
|
|
[ "$f" = "$PRIV_ID_FILE" ] && L_PRIVMSG=" (to install the contents of '$PUB_ID_FILE' anyway, look at the -f option)"
|
|
printf "\\n%s: ERROR: failed to open ID file '%s': %s\\n" "$0" "$f" "$(printf '%s\n%s\n' "$ErrMSG" "$L_PRIVMSG" | sed -e 's/.*: *//')"
|
|
exit 1
|
|
@@ -169,7 +169,7 @@
|
|
# populate_new_ids() uses several global variables ($USER_HOST, $SSH_OPTS ...)
|
|
# and has the side effect of setting $NEW_IDS
|
|
populate_new_ids() {
|
|
- local L_SUCCESS="$1"
|
|
+ L_SUCCESS="$1"
|
|
|
|
# shellcheck disable=SC2086
|
|
if [ "$FORCED" ] ; then
|
|
@@ -181,13 +181,12 @@
|
|
eval set -- "$SSH_OPTS"
|
|
|
|
umask 0177
|
|
- local L_TMP_ID_FILE
|
|
L_TMP_ID_FILE=$(mktemp ~/.ssh/ssh-copy-id_id.XXXXXXXXXX)
|
|
if test $? -ne 0 || test "x$L_TMP_ID_FILE" = "x" ; then
|
|
printf '%s: ERROR: mktemp failed\n' "$0" >&2
|
|
exit 1
|
|
fi
|
|
- local L_CLEANUP="rm -f \"$L_TMP_ID_FILE\" \"${L_TMP_ID_FILE}.stderr\""
|
|
+ L_CLEANUP="rm -f \"$L_TMP_ID_FILE\" \"${L_TMP_ID_FILE}.stderr\""
|
|
# shellcheck disable=SC2064
|
|
trap "$L_CLEANUP" EXIT TERM INT QUIT
|
|
printf '%s: INFO: attempting to log in with the new key(s), to filter out any that are already installed\n' "$0" >&2
|
|
@@ -237,7 +236,8 @@
|
|
# produce a one-liner to add the keys to remote authorized_keys file
|
|
# optionally takes an alternative path for authorized_keys
|
|
installkeys_sh() {
|
|
- local AUTH_KEY_FILE=${1:-.ssh/authorized_keys}
|
|
+ AUTH_KEY_FILE=${1:-.ssh/authorized_keys}
|
|
+ AUTH_KEY_DIR=$(dirname "${AUTH_KEY_FILE}")
|
|
|
|
# In setting INSTALLKEYS_SH:
|
|
# the tr puts it all on one line (to placate tcsh)
|
|
@@ -247,10 +247,10 @@
|
|
# the -z `tail ...` checks for a trailing newline. The echo adds one if was missing
|
|
# the cat adds the keys we're getting via STDIN
|
|
# and if available restorecon is used to restore the SELinux context
|
|
- INSTALLKEYS_SH=$(tr '\t\n' ' ' <<-EOF)
|
|
+ INSTALLKEYS_SH=$(tr '\t\n' ' ' <<-EOF
|
|
cd;
|
|
umask 077;
|
|
- mkdir -p $(dirname "${AUTH_KEY_FILE}") &&
|
|
+ mkdir -p "${AUTH_KEY_DIR}" &&
|
|
{ [ -z \`tail -1c ${AUTH_KEY_FILE} 2>/dev/null\` ] || echo >> ${AUTH_KEY_FILE}; } &&
|
|
cat >> ${AUTH_KEY_FILE} ||
|
|
exit 1;
|
|
@@ -258,6 +258,7 @@
|
|
restorecon -F .ssh ${AUTH_KEY_FILE};
|
|
fi
|
|
EOF
|
|
+ )
|
|
|
|
# to defend against quirky remote shells: use 'exec sh -c' to get POSIX;
|
|
printf "exec sh -c '%s'" "${INSTALLKEYS_SH}"
|