From 424ca986d200dc04c992554d995b9de9486aab68 Mon Sep 17 00:00:00 2001
From: Pandu POLUAN
Date: Mon, 11 Dec 2017 12:27:32 +0700
Subject: [PATCH] YubiKey Plugin
---
plugins/yubikey/README.md | 11 ++++++++
plugins/yubikey/yubikey.plugin.zsh | 45 ++++++++++++++++++++++++++++++
2 files changed, 56 insertions(+)
create mode 100644 plugins/yubikey/README.md
create mode 100644 plugins/yubikey/yubikey.plugin.zsh
diff --git a/plugins/yubikey/README.md b/plugins/yubikey/README.md
new file mode 100644
index 000000000..85066c253
--- /dev/null
+++ b/plugins/yubikey/README.md
@@ -0,0 +1,11 @@
+# YubiKey Plugin
+
+YubiKey plugin -- Provides aliases to help use YubiKey tokens comfortably
+
+## Usage
+
+This plugin will first try to detect location of the 'opensc-pkcs11.so' library, unless already specified in the $OPENSC env var.
+
+Afterwards, it will try to detect if a 'shared ssh-agent' is already running, through a file in /run (preferred, but must be pre-created with the proper permissions), or in /tmp (fallback).
+
+Then it will define several aliases.
diff --git a/plugins/yubikey/yubikey.plugin.zsh b/plugins/yubikey/yubikey.plugin.zsh
new file mode 100644
index 000000000..ae60ad2bf
--- /dev/null
+++ b/plugins/yubikey/yubikey.plugin.zsh
@@ -0,0 +1,45 @@
+
+
+local _libname='opensc-pkcs11.so'
+local _sshfiledir="/run/user/$UID"
+local _sshfile='ssh_agent'
+local _sshpath=''
+
+if [[ -z $OPENSC ]]; then
+ for f in $(locate "/${_libname}"); do
+ [[ -L $f ]] && continue # Is a sublink
+ OPENSC="$f"
+ break
+ done
+fi
+export OPENSC
+
+if [[ -w $_sshfiledir ]]; then
+ _sshpath="$_sshfiledir/$_sshfile"
+else
+ _sshpath="/tmp/$_sshfile"
+fi
+
+
+alias yubi-init="pkill ssh-agent; pkill gpg-agent; ssh-agent -s > $_sshpath; source $_sshpath"
+alias yubi-insert="ssh-add -s $OPENSC"
+alias yubi-eject="ssh-add -d $OPENSC"
+
+if [[ -r $_sshpath ]]; then
+ echo "Common SSH Agent detected."
+ source $_sshpath
+else
+ echo -n "Common SSH Agent not detected."
+ case "${(U)YUBI_SSHAGENT_AUTOINIT}" in
+ 1|Y|YES)
+ echo -n " Auto-initializing... "
+ yubi-init
+ echo "done."
+ ;;
+ *)
+ echo " Autoinit not enabled. Use 'yubi-init' to manually init."
+ ;;
+ esac
+fi
+
+# vim: set ft=zsh ts=4 sts=4 et ai :
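Review bot: The `/tmp/$_sshfile` fallback makes the plugin `source` a fixed-name file in a world-writable directory, and the `[[ -r $_sshpath ]]` test before `source $_sshpath` checks readability only, so a file left there by another local account would run in the user's shell at startup. Keep the agent file in a directory only the user can write and require ownership before sourcing, e.g. `_sshpath="$HOME/.ssh/$_sshfile"` for the fallback and `if [[ -r $_sshpath && -O $_sshpath ]]; then`. The same trust problem applies to `OPENSC`: the first non-symlink `locate` hit for `/opensc-pkcs11.so` anywhere on disk is passed to `ssh-add -s` as a PKCS#11 provider, so the search should be limited to system library directories or the path set explicitly by the user. Separately, `yubi-eject` calls `ssh-add -d`, which removes an identity by key file; removing a PKCS#11 provider is `ssh-add -e "$OPENSC"`.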