From f0e4160c6c9a5e9e24781e2a7678d487cda69da1 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Tue, 26 Mar 2019 21:38:26 -0300 Subject: Do not list keys without password at ssh-agent-loadkey --- ssh-agent-loadkey | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'ssh-agent-loadkey') diff --git a/ssh-agent-loadkey b/ssh-agent-loadkey index b6fefb1..840ea82 100755 --- a/ssh-agent-loadkey +++ b/ssh-agent-loadkey @@ -17,9 +17,12 @@ fi function __query { ( cd $KEYS && find -name '*.pub' | sed -e 's/.pub$//' | grep -v decomissioned | while read line; do - handle="`echo $line | cut -d '/' -f 3`" - type="`echo $line | cut -d '/' -f 2`" - echo "$handle ($type)" + # See https://security.stackexchange.com/questions/129724/how-to-check-if-an-ssh-private-key-has-passphrase-or-not#129727 + if grep -q ',ENCRYPTED' $line; then + handle="`echo $line | cut -d '/' -f 3`" + type="`echo $line | cut -d '/' -f 2`" + echo "$handle ($type)" + fi done ) } -- cgit v1.2.3
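Review bot: The `grep -q ',ENCRYPTED' $line` test added in `__query` only recognises the legacy PEM header (`Proc-Type: 4,ENCRYPTED`), so a passphrase-protected key in the newer OpenSSH format (`BEGIN OPENSSH PRIVATE KEY`) or in PKCS#8 contains no such string and would be dropped from the list as if it had no passphrase. Asking ssh-keygen whether the empty passphrase opens the key works across formats: `if ! ssh-keygen -y -P '' -f "$line" >/dev/null 2>&1; then`. That form also lists entries whose private key file is missing or unreadable, so a `[ -f "$line" ]` guard in front of it may be wanted. Quoting `"$line"` and using `while read -r line` would additionally keep key paths containing spaces or backslashes intact.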