From 64df1b08ecd98f67daa309e4ae25ff40f2368e5f Mon Sep 17 00:00:00 2001
From: "kebler.net"
Date: Sat, 31 Dec 2022 23:29:20 -0800
Subject: [PATCH] refactor ssh-pubkey to handle finding public key in multiple ways
---
 modules/networks.mod | 5 ++-
 modules/ssh-pubkey.mod | 75 ++++++++++++++++++++++++++++++++++--------
 modules/ssh-utils.mod | 32 +++++++++++++++++-
 3 files changed, 94 insertions(+), 18 deletions(-)
diff --git a/modules/networks.mod b/modules/networks.mod
index 94828dc..8a6ffdb 100644
--- a/modules/networks.mod
+++ b/modules/networks.mod
@@ -97,7 +97,6 @@ get_network_paths
 if [[ $BASH_NETWORK_HOME_PATH ]]; then
 # echo loading home $BASH_NETWORK_HOME_PATH
 shell_process_directory $BASH_NETWORK_HOME_PATH
- [[ $BASH_SHELL_LOADED ]] && load_shell_host_user_dev
 fi
 }
@@ -133,11 +132,11 @@ clear_networks () {
 networks_load () {
- # echo load_networks called $@
+ # echo load_networks called $@
 [[ $1 == "-h" ]] && { shift 1; load_home_network || return $?; }
 [[ $1 == "-a" ]] && { shift 1; load_all_networks || return $?; }
- [[ $1 ]] && load_a_network $@ || return 1
+ [[ $1 ]] && { load_a_network $@ || return 1; }
 # echo loading ssh
 loadssh
 [[ $BASH_SHELL_LOADED ]] && load_shell_host_user_dev
diff --git a/modules/ssh-pubkey.mod b/modules/ssh-pubkey.mod
index 2ec4b1e..e5a168a 100644
--- a/modules/ssh-pubkey.mod
+++ b/modules/ssh-pubkey.mod
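Review bot: `load_a_network $@` on the `[[ $1 ]]` line of networks_load passes its arguments unquoted, so a network name containing spaces or glob characters is word-split or expanded before load_a_network sees it; the precedence fix is right, but the line should read `[[ $1 ]] && { load_a_network "$@" || return 1; }`. The removal of the load_shell_host_user_dev call from get_network_paths in the first hunk looks intentional, since networks_load still makes that call at the end of this hunk. Both functions continue outside the hunks shown here, so any other callers of the removed line are not visible.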
@@ -1,11 +1,63 @@
 #!/bin/bash
+_extractpubkey () {
+ name=${2:-$(basename $1)}
+ ssh-keygen -y -f $1 | sed "s/$/ ${name}/"
+}
+
+getkeyname () {
+ if [[ $(echo $1 | awk -F . '{print $NF}') == "pub" ]]; then
+ basename "$1" | rev | cut -f 2- -d '.' | rev
+ else
+ basename $1
+ fi
+}
+
+extractpubkey () {
+ [[ $1 ]] || return 1
+ [[ -f $1 ]] && _extractpubkey $1 && return 0
+# echo try pubkeys dir
+ [[ $SSH_PUB_KEYS_DIR ]] && [[ -f $SSH_PUB_KEYS_DIR/$1 ]] && _extractpubkey $SSH_PUB_KEYS_DIR/$1 && return 0
+# echo try home
+ [[ -f $HOME/.ssh/$1 ]] && _extractpubkey $HOME/.ssh/$1 && return 0
+ return 1
+}
+
+# need to use full filename including any .pub
+catpubkey () {
+ [[ $1 ]] || return 1
+ local key; local pub
+ key=$1
+ if [[ $(echo $1 | awk -F . '{print $NF}') == "pub" ]]; then
+ key=$(basename "$1" | rev | cut -f 2- -d '.' | rev)
+ pub=$1
+ else
+ pub="${1}.pub"
+ key=$(basename $1)
+ fi
+ # echo try agent $key
+ key=$(ssh-add -L | sed -n /$key/p)
+ [[ $key ]] && echo $key && return 0
+ # echo try $pub
+ [[ -f $pub ]] && cat $pub && return 0
+ # echo try $SSH_PUB_KEYS_DIR/$pub
+ [[ $SSH_PUB_KEYS_DIR ]] && [[ -f $SSH_PUB_KEYS_DIR/$pub ]] && cat $SSH_PUB_KEYS_DIR/$pub && return 0
+ # echo $HOME/.ssh/$pub
+ [[ -f $HOME/.ssh/$pub ]] && cat $HOME/.ssh/$pub && return 0
+ # echo try extract key from private key
+ extractpubkey $key
+}
+
+
 #example:
 # initial xfer of pubkey with a password
 # sshpubkey host --
+# TODO way to get public key
+# try agent first with sed ssh-add -L | sed -n /sysadmin.kebler.net/p
+# then in current directory, in SSH_PUB_DIR directory, in .ssh directory (or within)
+# try pub file, then extract from private key
-SSH_PUB_KEYS=${SSH_PUB_KEYS:-$HOME/.ssh}
 export SSH_PUB_KEYS
 module_load path
 module_load ssh
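Review bot: `key=$(ssh-add -L | sed -n /$key/p)` in catpubkey interpolates the key name unquoted into a sed address, so a name containing `/` breaks the script, any substring hit (a similarly named key such as `id_rsa_old`, or a run of characters inside a base64 blob) selects a key the caller did not ask for, and several hits are flattened by the unquoted `echo $key` onto one line that is then returned as the public key. A fixed-string match that yields a single line, `key=$(ssh-add -L | grep -F -- "$key" | head -n 1)` together with `echo "$key"`, removes the regex and multi-line problems; an exact match against the comment field would be stricter still. In `_extractpubkey`, `name` is assigned without `local` and goes into a sed replacement where `/` or `&` in the name corrupts the output; `printf '%s %s\n' "$(ssh-keygen -y -f "$1")" "$name"` avoids both, and the `.pub` stripping at the top of catpubkey duplicates getkeyname, which it could simply call. Note also that the TODO refers to `SSH_PUB_DIR` while the lookups read `SSH_PUB_KEYS_DIR`, and the surviving `export SSH_PUB_KEYS` exports a variable whose default assignment this hunk removes; nothing in this diff sets `SSH_PUB_KEYS_DIR`, so the directory fallback only works if it is set elsewhere.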
@@ -14,9 +66,9 @@ sshpubkey () {
 # echo default pub key dir: $SSH_PUB_KEYS
- local key=$SSH_PUB_KEYS/id_rsa.pub
+ local kname=id_rsa
 local user
- local opts;local dr="true";local rm; local ropts;local kname
+ local opts;local dr="true";local rm; local ropts
 local vkey; local kuser; local host; local supass; local replace
 local scmd; local _sudo; local list
@@ -45,16 +97,9 @@ sshpubkey () {
 rm=$OPTARG
 ;;
 k)
- kname=$OPTARG
- if [[ $(isAbsPath $OPTARG) ]]; then
- key=$OPTARG
- else
- key=${OPTARG}.pub
- if [[ ! -f $key ]]; then key=${SSH_PUB_KEYS:-$HOME/.ssh}/$OPTARG.pub; fi
- fi
- if [[ ! -f $key ]]; then echo "no file $key"; return 4; fi
- echo key $key found, continuing
- ;;
+ kpath=$OPTARG
+ key=$(getkeyname $kpath)
+ ;;
 o)
 opts=$OPTARG
 ;;
@@ -146,7 +191,9 @@ sshpubkey () {
 return $?
 fi
- vkey=$(cat $key) # get actaul content of key file
+ vkey=$(catpubkey $kpath) # get actaul content of public key
+ [[ $? -gt 0 ]] && echo no valid public key for $key at $kpath found && return 4
+
 ## Alternate remote user?
 if [[ $kuser ]]; then
 [[ ! $supass ]] && { echo remote user, $user, password must be supplied for sudo. use -s;return 7; }
diff --git a/modules/ssh-utils.mod b/modules/ssh-utils.mod
index 07809b5..d57234b 100644
--- a/modules/ssh-utils.mod
+++ b/modules/ssh-utils.mod
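Review bot: `local kname=id_rsa` replaces the old default key at @@ -14, but the `k)` case at @@ -45 now assigns `kpath` and `key`, and the lookup at @@ -146 reads `$kpath`; `kname` is never read in any of these hunks, and `kpath` and `key` are neither declared `local` nor given a default, so they leak out of the function and, when `-k` is omitted, `catpubkey ""` returns 1 and sshpubkey exits with return 4 instead of falling back to id_rsa (unless kpath is defaulted somewhere outside this diff). Declaring them with the default here, `local kpath=id_rsa; local key=id_rsa`, restores the old behaviour, and `kname` can go if nothing else in the function reads it. The start of sshpubkey and the rest of its body lie outside these hunks, so whether `kname` is still consumed later cannot be confirmed from the diff.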
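Review bot: `vkey=$(catpubkey $kpath)` at @@ -146 accepts whatever catpubkey printed — an agent line, a file's contents or `ssh-keygen -y` output — and the only check before the value is presumably pushed to the remote account is a zero exit status, so a file that is not a public key, or a `.pub` with extra lines, is accepted as-is where the old `cat $key` path at least required the file the user named. A cheap content check after the assignment, e.g. `[[ $(wc -l <<<"$vkey") -eq 1 ]] && ssh-keygen -l -f /dev/stdin <<<"$vkey" >/dev/null 2>&1 || { echo "$kpath does not hold a single valid public key"; return 4; }`, catches that before anything is sent, and `$kpath` should be quoted in the call. Where vkey is consumed is outside this hunk.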
@@ -24,4 +24,34 @@ ssh_dir_permissions() {
 sudo chmod 400 $HOME/.ssh/id_rsa
 sudo chmod 644 $HOME/.ssh/id_rsa.pub
 sudo chmod 600 $HOME/.ssh/known_hosts
-}
\ No newline at end of file
+}
+
+
+sshkeygen () {
+ local OPTION; local OPTARG; local OPTIND; local pem
+ local encode="-t ecdsa"; local pass
+ while getopts 'pr' OPTION; do
+ # echo $OPTION $OPTARG
+ case "$OPTION" in
+
+ p)
+ pem="-m PEM"
+ ;;
+ r)
+ encode="-t rsa"
+ ;;
+ *)
+ echo unknown sshkeygen option $OPTION
+ ;;
+ esac
+ done
+
+ shift $((OPTIND - 1))
+
+ [[ ! $1 ]] && echo must supply a private key name && return 1
+ [[ $2 ]] && pass="-P $2" || echo warning, you creating an unencrypted key without a passphrase
+
+ ssh-keygen -f $1 -t ecdsa -b 521 -C $1 $pass $pem
+
+}
+
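Review bot: the `-r` option is a no-op: the `r)` case sets `encode="-t rsa"` but the final `ssh-keygen -f $1 -t ecdsa -b 521 -C $1 $pass $pem` line hardcodes `-t ecdsa -b 521` and never expands `$encode`, so an RSA key can never be produced (and `-b 521` would be rejected for RSA, whose minimum is 1024 bits, so the bit size has to follow the type). The passphrase handling is also off: ssh-keygen documents `-N` for a new key's passphrase (`-P` is the old-passphrase option, which the generation path appears to accept too), a passphrase supplied as `$2` is exposed in `ps` output and shell history, `pass="-P $2"` expanded unquoted splits a passphrase containing spaces, and when `$2` is absent ssh-keygen still prompts for one, so the "unencrypted key" warning is misleading. The rewrite below wires `$encode` through, picks the bit size per type, quotes the file name, passes the passphrase via `-N` from an array when one is given, and documents the exposure so callers prefer the prompt.
```shell
sshkeygen () {
    local OPTION; local OPTARG; local OPTIND; local pem
    local encode="-t ecdsa"; local bits="-b 521"; local -a pass=()
    # … unchanged: getopts loop (p sets pem, r sets encode) …
    shift $((OPTIND - 1))

    [[ ! $1 ]] && echo must supply a private key name && return 1
    # RSA rejects -b 521 (1024-bit minimum); the size follows the type chosen by -r
    [[ $encode == "-t rsa" ]] && bits="-b 4096"
    # -N is the documented new-passphrase option. A passphrase on the command line is
    # visible in ps output and shell history; omit $2 to have ssh-keygen prompt for it
    # (it prompts anyway, so the key is only unencrypted if an empty passphrase is entered).
    [[ $2 ]] && pass=(-N "$2")

    ssh-keygen -f "$1" $encode $bits -C "$1" "${pass[@]}" $pem
}
```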