From 6e9267bf75c6d7ce93e7a4be22d88d2c354cfcb9 Mon Sep 17 00:00:00 2001
From: Silvio Rhatto
Date: Tue, 26 Mar 2019 23:31:11 -0300
Subject: Do not list keys without password at ssh-agent-loadkey (robust approach)
---
 ssh-agent-loadkey | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/ssh-agent-loadkey b/ssh-agent-loadkey
index 840ea82..841e3d2 100755
--- a/ssh-agent-loadkey
+++ b/ssh-agent-loadkey
@@ -18,7 +18,8 @@ function __query {
 ( cd $KEYS && find -name '*.pub' | sed -e 's/.pub$//' | grep -v decomissioned | while read line; do
 # See https://security.stackexchange.com/questions/129724/how-to-check-if-an-ssh-private-key-has-passphrase-or-not#129727
- if grep -q ',ENCRYPTED' $line; then
+ #if grep -q ',ENCRYPTED' $line; then
+ if ! ssh-keygen -y -P "" -f $line &> /dev/null; then
 handle="`echo $line | cut -d '/' -f 3`"
 type="`echo $line | cut -d '/' -f 2`"
 echo "$handle ($type)"
--
cgit v1.2.3
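Review bot: The new test `! ssh-keygen -y -P "" -f $line &> /dev/null` treats every ssh-keygen failure as "this key has a passphrase", so a `.pub` whose private key is missing, unreadable or corrupt would still be listed as a protected key, and the discarded stderr hides the reason. `$line` is also unquoted, so a path containing whitespace or glob characters is split before it reaches `-f`. I would check the file first and quote the expansion: `if [ -r "$line" ] && ! ssh-keygen -y -P "" -f "$line" &> /dev/null; then`. The commented-out `#if grep -q ',ENCRYPTED' $line; then` can be deleted, since the history already keeps it. The `__query` body and its `while` loop start and end outside this hunk, so what happens to the listed keys afterwards is not visible here.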