diff --git a/known_hosts.sh b/known_hosts.sh deleted file mode 100755 index 83e6494a..00000000 --- a/known_hosts.sh +++ /dev/null @@ -1,73 +0,0 @@ -#!/bin/bash - -# Originally taken from the Flux project (https://github.com/fluxcd/flux/tree/master/docker) where is under an -# Apache-2.0 license - -set -eu - -known_hosts_file=${1} -known_hosts_file=${known_hosts_file:-/etc/ssh/ssh_known_hosts} -hosts="github.com gitlab.com bitbucket.org ssh.dev.azure.com vs-ssh.visualstudio.com" -hosts_2022="source.developers.google.com" - -# The heredoc below was generated by constructing a known_hosts using -# -# ssh-keyscan github.com gitlab.com bitbucket.org ssh.dev.azure.com vs-ssh.visualstudio.com > ./known_hosts -# -# then generating the sorted fingerprints with -# -# ssh-keygen -l -f ./known_hosts | LC_ALL=C sort -# -# then checking against the published fingerprints from: -# - github.com: https://help.github.com/articles/github-s-ssh-key-fingerprints/ -# - gitlab.com: https://docs.gitlab.com/ee/user/gitlab_com/#ssh-host-keys-fingerprints -# - bitbucket.org: https://confluence.atlassian.com/bitbucket/ssh-keys-935365775.html -# - ssh.dev.azure.com & vs-ssh.visualstudio.com: sign in, then go to User settings -> SSH Public Keys -# (this is where the public key fingerprint is shown; it's not a setting) -# - source.developers.google.com: https://cloud.google.com/source-repositories/docs/cloning-repositories - -fingerprints=$(mktemp -t) -cleanup() { - rm -f "$fingerprints" -} -trap cleanup EXIT - -# make sure sorting is in the same locale as the heredoc -export LC_ALL=C - -generate() { - ssh-keyscan ${hosts} > ${known_hosts_file} - ssh-keyscan -p 2022 ${hosts_2022} >> ${known_hosts_file} -} - -validate() { -ssh-keygen -l -f ${known_hosts_file} | sort > "$fingerprints" - -diff - "$fingerprints" <