Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Create protected passwordless ssh logins - Part 3 of 3' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Create protected passwordless ssh logins - Part 3 of 3
Authored by: jaysoffian on Mar 28, '06 07:44:28AM
Here's the current versions of the other scripts involved in this hint. Save these in $HOME/Library/Libexec with the given names and make sure they are executable (chmod 755 name_of_script):

envx:


#!/usr/bin/python
import sys
import os
from shutil import copymode
from plistlib import Plist

def main(*args):
    path = os.path.join(os.getenv("HOME"), ".MacOSX/environment.plist")
    if os.path.isfile(path):
        environ = Plist.fromFile(path)
    else:
        environ = Plist()
    for arg in args:
        try: k, v = arg.split('=',1)
        except ValueError: pass
        else: environ[k] = v
    if not args:
        for k,v in environ.items():
            print "%s=\"%s\"; export %s" % (k, v, k)
    else:
        tmppath = path
        tmppath += ".tmp"
        f = open(tmppath, "w")
        environ.write(f)
        f.close()
        copymode(path, tmppath)
        os.rename(tmppath, path)

if __name__ == "__main__":
    main(*sys.argv[1:])
ssh-add:

#!/bin/sh
DISPLAY=bogus
SSH_ASKPASS=$HOME/Library/Libexec/ssh-askpass
export DISPLAY SSH_ASKPASS
/usr/bin/ssh-add < /dev/null
ssh-agent:

#!/bin/sh
eval `/usr/bin/ssh-agent -s`
$HOME/Library/Libexec/envx \
	SSH_AUTH_SOCK=$SSH_AUTH_SOCK \
	SSH_AGENT_PID=$SSH_AGENT_PID \
	SSH_ASKPASS=$HOME/Library/Libexec/ssh-askpass \
	DISPLAY=:0.0 \
	CVS_RSH=ssh
ssh-askpass:

#!/usr/bin/python
import sys
import os
import re

def decode_hex(s):
    s = eval('"' + re.sub(r"(..)", r"\x\1", s) + '"')
    if "\0" in s: s = s[:s.index("\0")]
    return s

def main(svce, acct):
    cmd = ' '.join([
        "/usr/bin/security",
        " find-generic-password",
        "-g -s '%s' -a '%s'" % (svce, acct),
        "2>&1 >/dev/null"
    ])
    p = os.popen(cmd)
    s = p.read()
    p.close()
    m = re.match(r"password: (?:0x([0-9A-F]+)\s*)?\"(.*)\"$", s)
    if m:
        hexform, stringform = m.groups()
        if hexform: print decode_hex(hexform)
        else: print stringform

if __name__ == "__main__":
    if len(sys.argv) == 3:
        main("SSH", sys.argv[2])
    else:
        main("SSH", os.getenv("USER"))


[ Reply to This | # ]
Create protected passwordless ssh logins - Part 3 of 3
Authored by: drudus on Nov 12, '10 08:32:42PM
I was wrestling with the 'security keychain-dump' outputting hex values & I found this hint.
There seems to be a simpler solution to convert from hex to ascii, use xxd.

eg… $ echo 0x68696e74730a | xxd -r -p
outputs 'hints' Hope someone finds it useful.

[ Reply to This | # ]