From 017fa931577631619777f32e3476c663773af274 Mon Sep 17 00:00:00 2001
From: Hauro
Date: Sun, 5 Apr 2015 13:46:08 +0200
Subject: [PATCH] Filter invalid keys
---
 update-keydb.sh | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/update-keydb.sh b/update-keydb.sh
index cf89f6f..25a80e5 100755
--- a/update-keydb.sh
+++ b/update-keydb.sh
@@ -22,6 +22,13 @@ rm -f ${outfile}
 find "${dest}/keys" -name '*.pub' | sort | \
 while read keyfile
 do
+valid_key=$(ssh-keygen -l -f ${keyfile})
+if [ "$?" -eq "0" ]; then
+if [ $(echo "${valid_key}" | cut -d" " -f1) -ne "4096" ]; then
+echo "Key size of key ${keyfile} not equal to 4096. Not adding it to key database." >&2
+continue
+fi
+fi
 printf "command=\"/usr/sbin/foodoor.sh ${action}\",no-port-forwarding,no-X11-forwarding,no-agent-forwarding " >> ${outfile}
 cat "${keyfile}" >> ${outfile}
 done
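Review bot: The added check fails open: when `ssh-keygen -l -f` exits non-zero because the file is not a parseable public key, the outer `if` is skipped and the loop still reaches the `printf`/`cat` that write the entry to `${outfile}`, so only wrong-sized keys are filtered, not invalid ones. An `else` branch on the outer `if` closes this: `else echo "Key ${keyfile} is not a valid public key. Not adding it to key database." >&2; continue`. `${keyfile}` and the `$(echo ... | cut ...)` substitution are also unquoted, so a path containing whitespace or multi-line `ssh-keygen` output makes `[` error out and the key is kept; `ssh-keygen -l -f "${keyfile}"` and a quoted comparison such as `[ "${valid_key%% *}" != "4096" ]` avoid that. Because `cat` appends the whole file while the `command=` options prefix is written once, it may be worth also requiring exactly one line per `.pub` file; this is inferred from the visible lines, and the rest of the script is outside the hunk.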