feat: add --print and --write flags.
--print will print the key and cert to stdout. This could be useful
for debugging purposes?

--write will write the key and cert to files, key and
key-cert.pub. You can add these files to ssh-agent manually.
Adam Simpson committed Jun 11, 2021
1 parent cdda7a3 commit bc86ecf
Showing 1 changed file with 51 additions and 5 deletions.
56 changes: 51 additions & 5 deletions cmd/ssh.go
Expand Up @@ -8,6 +8,7 @@ import (
"errors"
"fmt"
"io"
"io/ioutil"
"log"
"net"
"net/http"
Expand Down Expand Up @@ -41,6 +42,18 @@ sb adds the returned Cert + Private key to your local ssh-agent.`,
log.Fatal("Error parsing url flag: ", err)
}

print, err := cmd.Flags().GetBool("print")

if err != nil {
log.Fatal("Error parsing print flag: ", err)
}

write, err := cmd.Flags().GetBool("write")

if err != nil {
log.Fatal("Error parsing write flag: ", err)
}

cert, err := getCert(url)

if err != nil {
Expand All @@ -51,16 +64,47 @@ sb adds the returned Cert + Private key to your local ssh-agent.`,
log.Fatal("Cert doesn't have a Key.")
}

sshCert, key, err := parseCert(cert)
if print {
printCertAndKey(cert)
}

if err != nil {
log.Fatal("Error parsing Certificate: ", err)
if write {
writeToFile(cert)
}

addToAgent(sshCert, key)
if !write && !print {
sshCert, key, err := parseCert(cert)
if err != nil {
log.Fatal("Error parsing Certificate: ", err)
}

addToAgent(sshCert, key)
}
},
}

func writeToFile(cert Cert) {
err := ioutil.WriteFile("key", []byte(cert.Key), 0600)
if err != nil {
fmt.Println("Error writing key file: ", err)
}

err = ioutil.WriteFile("key-cert.pub", []byte(cert.Certificate), 0600)
if err != nil {
fmt.Println("Error writing key file: ", err)
}
}

func printCertAndKey(cert Cert) {
fmt.Println(`ssh-agent expects a private key to go along with a certificate.
To add a certificate to ssh-agent manually you specify the private key (bar)
and it will automatically detect the certificate (bar-cert.pub) by convention.`)
fmt.Println("Certificate: ")
fmt.Println(cert.Certificate)
fmt.Println("Key: ")
fmt.Println(cert.Key)
}

func parseCert(cert Cert) (sshCert *ssh.Certificate, key *ecdsa.PrivateKey, error error) {
block, _ := pem.Decode([]byte(cert.Key))

Expand Down Expand Up @@ -136,5 +180,7 @@ func getCert(url string) (cert Cert, error error) {

func init() {
rootCmd.AddCommand(sshCmd)
sshCmd.Flags().String("url", "https://slackd-beta.herokuapp.com", "Set an alternate API URL")
sshCmd.Flags().StringP("url", "u", "https://slackd-beta.herokuapp.com", "Set an alternate API URL")
sshCmd.Flags().BoolP("print", "p", false, "Print cert and private key instead of adding to ssh-agent")
sshCmd.Flags().BoolP("write", "w", false, "Write cert (key-cert.pub) and key (key) to files instead of adding them to ssh-agent")
}
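Review bot: In `writeToFile`, `ioutil.WriteFile("key", …, 0600)` applies the 0600 mode only when it creates the file, so if a `key` file already exists in the working directory with wider permissions the private key is written into it and stays readable by others; the call also writes through a symlink already present at that name. Writing to a temp file created in the same directory (`ioutil.TempFile` creates it 0600) and renaming it over the target avoids both. Both failures are only printed with `fmt.Println`, so the command exits 0 with a missing or partial key pair, and the second message says "key file" for the cert; `log.Fatal` would match the rest of the command. The rewrite below is contained in `writeToFile`, which sits wholly inside the hunk, and it assumes `os` is imported, which the visible import hunk does not show.

```go
func writeToFile(cert Cert) {
	// Key first: stop before writing the cert if the key could not be stored safely.
	if err := writePrivate("key", []byte(cert.Key)); err != nil {
		log.Fatal("Error writing key file: ", err)
	}

	if err := writePrivate("key-cert.pub", []byte(cert.Certificate)); err != nil {
		log.Fatal("Error writing cert file: ", err)
	}
}

// writePrivate stores data at name with mode 0600 regardless of any file
// already there: it writes a fresh temp file and renames it into place.
func writePrivate(name string, data []byte) error {
	tmp, err := ioutil.TempFile(".", name+".tmp-*")
	if err != nil {
		return err
	}
	defer os.Remove(tmp.Name()) // fails harmlessly once the rename has succeeded

	if _, err := tmp.Write(data); err != nil {
		tmp.Close()
		return err
	}
	if err := tmp.Close(); err != nil {
		return err
	}
	return os.Rename(tmp.Name(), name)
}
```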
