Add pam_exec-ssh

Jordan Holt 2021-04-30 21:10:21 +01:00
parent a684435199
commit 7c0a4af2c8
2 changed files with 51 additions and 3 deletions

35
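--- a/.config/ssh-agent/pam_exec-ssh
+++ b/.config/ssh-agent/pam_exec-ssh
@@ -0,0 +1,35 @@
+#!/bin/sh
+agent_add_key () {
+expect << EOF
+log_user 0
+spawn ssh-add $1
+expect "Enter passphrase for $1" {
+send "$2\r"
+expect {
+"Identity added: $1" {
+send "$2\r"
+exit 0
+}
+"Bad passphrase, try again" {
+exit 1
+}
+}
+}
+EOF
+}
+read -r PAM_PASS
+PAM_PASS=$(echo "$PAM_PASS" | sed 's/\$/\\\$/')
+SSH_AUTH_SOCK=/run/user/$(id -u "$PAM_USER")/ssh-agent.socket
+export SSH_AUTH_SOCK
+if [ -d /home/"$PAM_USER"/.ssh/unlock.d/ ]; then
+find /home/"$PAM_USER"/.ssh/unlock.d/ -maxdepth 1 ! -wholename "/home/$PAM_USER/.ssh/unlock.d/" ! -name "config" ! -name "known_hosts" ! -name "*.pub" | while read -r key; do
+agent_add_key "$key" "$PAM_PASS" &
+done
+fi
+exit 0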
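Review bot: `agent_add_key` expands `$1` and `$2` inside the unquoted `<< EOF` here-document, so the key path and the login passphrase reach expect as Tcl source rather than as data, and the `sed 's/\$/\\\$/'` line escapes only the first `$` while leaving `[`, `"`, `\` and `{` alone. Any of those characters in a passphrase, or in a file name placed in `unlock.d`, alters the script that runs, with whatever privileges the PAM stack gives the helper (the PAM stanza is not on this page; pam_exec helpers commonly run with the login service's privileges). Quote the delimiter, pass both values through the environment and read them with `$env(...)`, and delete the `sed` line; `-ex` keeps glob characters in the path from being treated as a pattern. The passphrase is also removed from the environment before `ssh-add` is spawned so the child does not inherit it.

```shell
agent_add_key () {
KEY_FILE=$1 KEY_PASS=$2 expect << 'EOF'
log_user 0
set key $env(KEY_FILE)
set pass $env(KEY_PASS)
unset env(KEY_PASS)
spawn ssh-add $key
expect -ex "Enter passphrase for $key" {
  send -- "$pass\r"
  expect {
    -ex "Identity added: $key" {
      send -- "$pass\r"
      # … unchanged: exit 0 and the "Bad passphrase, try again" branch …
    }
  }
}
EOF
}
```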

19
install

@ -1,10 +1,10 @@
#!/bin/sh -e #!/bin/sh -e
repo_dir=$(readlink -f $(dirname "$0"))
link() { link() {
[ -L "~/.config" ] || return 0 [ -L "~/.config" ] || return 0
repo_dir=$(readlink -f $(dirname "$0"))
for file in ".profile" ".zprofile" ".config"; do for file in ".profile" ".zprofile" ".config"; do
ln -sf "$repo_dir/$file" "~/$file" ln -sf "$repo_dir/$file" "~/$file"
done done
@ -59,6 +59,19 @@ install() {
[ -d "/usr/share/themes/Nova" ] || sudo git clone \ [ -d "/usr/share/themes/Nova" ] || sudo git clone \
https://git.vimium.com/jordan/gtk-nova-theme.git \ https://git.vimium.com/jordan/gtk-nova-theme.git \
/usr/share/themes/Nova /usr/share/themes/Nova
[ -x "/usr/bin/pam_exec-ssh" ] || {
sudo install -m755 \
"$repo_dir/.config/ssh-agent/pam_exec-ssh" \
/usr/bin/pam_exec-ssh
mkdir ~/.ssh/unlock.d
ln -s ~/.ssh/id_ed25519 ~/.ssh/unlock.d/id_ed25519
}
} }
install && link configure() {
systemctl --user enable ssh-agent
systemctl --user enable sway
}
install && link && configure
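Review bot: The `[ -x "/usr/bin/pam_exec-ssh" ] ||` guard in `install()` ties the per-user `unlock.d` setup to the presence of the system-wide helper, and the script runs under `sh -e`, so an already existing `~/.ssh/unlock.d` or a missing `~/.ssh` makes `mkdir` abort the whole install, while a second account on the same machine never gets the directory at all. The same guard means a later fix to the helper in the repository is never copied over the installed root-owned file. Consider installing the helper unconditionally and making the user steps idempotent with an explicit mode: `mkdir -p -m 700 ~/.ssh/unlock.d` and `ln -sf ~/.ssh/id_ed25519 ~/.ssh/unlock.d/id_ed25519`. `install()` begins above this hunk.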