idmgr/lib/idmgr_mod_ssh.sh

#!/bin/bash


IDM_MOD_DEPS="id gpg"

# trap 'idm_ssh_kill' 0

## SSH functions
##########################################

idm_ssh_help ()
{
  echo "Secure Shell"
#  printf "  %-20s: %s\n" "info" "Info submenu"
  printf "  %-20s: %s\n" "ssh ls" "List unlocked keys"
  printf "  %-20s: %s\n" "ssh new" "Create new ssh key (ssh-keygen)"
  printf "  %-20s: %s\n" "ssh add" "Unlock known keypairs"
  printf "  %-20s: %s\n" "ssh rm" "Lock known keypairs"
  printf "  %-20s: %s\n" "ssh del" "Delete keypair"

  printf "  %-20s: %s\n" "ssh enable" "Enable agent"
  printf "  %-20s: %s\n" "ssh disable" "Disable agent"
  printf "  %-20s: %s\n" "ssh kill" "Kill agent"
  
}

idm_ssh ()
{
  # Argument maangement
  if [ "$#" -eq 1 ]; then
    local id=$1 
    idm_ssh_ls $id
    return 0
  else
    local action=$1
    local id=$2
    shift 2 || true
    local opt=${@-}
  fi

  # Internal override case
  
  # Fallback to command
  idm_ssh_help
  return 1

}


## Required functions
##########################################

idm_ssh_ls ()
{
  local id=$1
  local opt=${2:--l}

  idm_is_enabled $id

  { ssh-add $opt || true ; } | idm_log DUMP -
}

idm_ssh_disable ()
{
  local id=$1
  idm_is_enabled $id

  # Return portion of code to clean
  echo "unset SSH_AUTH_SOCK SSH_AGENT_PID"

}

idm_ssh_enable ()
{
  local id=$1
  idm_is_enabled $id

  #set -x 

  # Source environment
  if [ -f "${XDG_RUNTIME_DIR}/ssh-agent/${id}/env" ] ; then
    . "${XDG_RUNTIME_DIR}/ssh-agent/${id}/env" 
  else 
    unset SSH_AUTH_SOCK
  fi

  # Check if the socket file is available
  if [ ! -S "${SSH_AUTH_SOCK-}" ]; then
    rm -f "${XDG_RUNTIME_DIR}/ssh-agent/${id}/env"
    idm_ssh__start $id
  fi

  # Show the things to source
  cat "${XDG_RUNTIME_DIR}/ssh-agent/${id}/env" 

}

# LOGOUT
idm_ssh_kill () {

  #set -x

  local id=$1
  local run_dir="${XDG_RUNTIME_DIR}/ssh-agent/${id}"

  idm_is_enabled $id

  #idm_log NOTICE "Cleaning ssh-agent ..."

  [ -z "${SSH_AGENT_PID-}" ] && \
    [ -f "$run_dir/env" ] && \
      . "$run_dir/env"

  # Clean ssh-agent process
  if kill -0 ${SSH_AGENT_PID-} &>/dev/null; then
    /usr/bin/ssh-agent -k >/dev/null 
    idm_log NOTICE "Kill ssh-agent ..."
  fi
    #eval "$(/usr/bin/ssh-agent -k 2>/dev/null)" 

  # Clean ssh-agent env file
  [ ! -f "${XDG_RUNTIME_DIR}/ssh-agent/${id}/env" ] || \
    rm "${XDG_RUNTIME_DIR}/ssh-agent/${id}/env"

  # Disable agent
  idm_ssh_disable $id

  set +x

}


## Internal functions
##########################################
idm_ssh__start() {
  local id=$1
  local life=5d
  local run_dir="${XDG_RUNTIME_DIR}/ssh-agent/${id}"

  if [ -z "${SSH_AUTH_SOCK-}" ] ; then

    if [ ! -d "$run_dir" ]; then
      mkdir -p "$run_dir"
    fi

    if [ ! -S "$run_dir/socket" ]; then
      ssh-agent -a "$run_dir/socket" -t $life -s | grep ^SSH_ > "$run_dir/env"
      idm_log INFO "Start ssh-agent ..."

    else
      idm_log INFO "The ssh-agent is already started (but not managed by ourself)"
    fi

  else
    idm_log INFO "The ssh-agent is already started"
  fi
}

## Extended functions
##########################################

idm_ssh_add ()
{
  local id=$1
  local key=${2-}
  local maxdepth=1

  idm_is_enabled $id


  if [[ ! -z $key ]]; then
      pub_keys=$(find ~/.ssh/id -maxdepth $maxdepth -name "${id}_*" -name '*pub' -name "*$1*" | sort)
  else
      pub_keys=$(find ~/.ssh/id -maxdepth $maxdepth -name "${id}_*" -name '*pub' | sort)
  fi

  # Get list of key
  local key_list=""
  while read -r pub_key; do
      #if [[ -f "$(sed 's/\.pub$/.key/' <<< "${pub_key}" )" ]]; then
      if [[ -f "${pub_key//\.pub/.key}" ]]; then
          key_list="$key_list ${pub_key//\.pub/.key}"
      else
          #if [[ -f "$(sed 's/\.pub$//' <<< "${pub_key}" )" ]]; then
          if [[ -f "${pub_key%\.pub}" ]]; then
              key_list="$key_list ${pub_key%\.pub}"
          fi
      fi
  done <<< "$pub_keys"

  [ -n "$pub_keys" ] || \
    idm_exit 0 WARN "No keys found"

  idm_log INFO "Adding keys:"
  xargs -n 1 <<<$key_list | idm_log DUMP -

  echo ""
  ssh-add $key_list

}