New Plugin: yubikey

The `yubikey` plugin provides some very powerful features: * Shared ssh-agent among zsh sessions * Easy-to-use aliases * Autoconfiguration where possible
2026-06-05 05:03:16 +02:00 · 2018-06-20 21:35:44 +07:00 · 2018-06-20 21:35:44 +07:00 · dbca1e4e01
commit dbca1e4e01
parent a0b8eab5f0
2 changed files with 79 additions and 0 deletions
--- a/plugins/yubikey/README.md
+++ b/plugins/yubikey/README.md
@ -0,0 +1,22 @@
+# YubiKey Plugin
+
+YubiKey plugin -- Provides aliases to help use YubiKey tokens comfortably
+
+## Usage
+
+This plugin will first try to detect location of the 'opensc-pkcs11.so' library, unless already specified in the $OPENSC env var (that is, before source-ing oh-my-zsh).
+
+Afterwards, it will try to detect if a 'shared ssh-agent' is already running, through a file in `/run/user/$UID`, or if no such directory, in `/tmp` as a fallback.
+
+Then it will define several aliases. You can see them by issuing the command `alias | grep yubi-`.
+
+## Optional Parameters
+
+These parameters can be set **_before_** source-ing oh-my-zsh to customize the settings:
+
+`YUBI_SHOWKEYS`
+> If set to '1' or 'y' or 'yes' (case-insensitive), will list the keys contained in the 'shared ssh-agent'
+
+`YUBI_SSHAGENT_AUTOINIT`
+> If set to '1' or 'y' or 'yes' (case-insensitive), will automatically initialize the 'shared ssh-agent' if one is not found
+
--- a/plugins/yubikey/yubikey.plugin.zsh
+++ b/plugins/yubikey/yubikey.plugin.zsh
@ -0,0 +1,57 @@
+local _libname='opensc-pkcs11.so'
+local _sshfiledir="/run/user/$UID"
+local _sshfile='ssh_agent'
+local _sshpath=''
+local _ellipsis='......'
+
+if [[ -z $OPENSC ]]; then
+    for f in $(locate "/${_libname}"); do
+        [[ -L $f ]] && continue  # Is a symlink
+        OPENSC="$f"
+        break
+    done
+fi
+export OPENSC
+
+if [[ -w $_sshfiledir ]]; then
+    _sshpath="$_sshfiledir/$_sshfile"
+else
+    _sshpath="/tmp/$_sshfile"
+fi
+
+
+alias yubi-init="pkill ssh-agent; pkill gpg-agent; ssh-agent -s > $_sshpath; source $_sshpath"
+alias yubi-insert="ssh-add -s $OPENSC && ssh-add -L"
+alias yubi-eject="ssh-add -e $OPENSC && ssh-add -L"
+
+if [[ -r $_sshpath ]]; then
+    echo -n "Common SSH Agent detected. "
+    source $_sshpath
+else
+    echo -n "Common SSH Agent not detected. "
+    case "${(U)YUBI_SSHAGENT_AUTOINIT}" in
+        1|Y|YES)
+            echo -n "Auto-initializing... "
+            yubi-init
+            echo "done."
+            ;;
+        *)
+            echo "Autoinit not enabled. Use 'yubi-init' to manually init."
+            ;;
+    esac
+fi
+
+case "${(U)YUBI_SHOWKEYS}" in
+    1|Y|YES)
+        ssh-add -L | while read ln; do
+            if (( ${#ln} >= COLUMNS )); then
+                newlen=$(( COLUMNS - ${#_ellipsis} - 1 ))
+                halflen=$(( newlen / 2 ))
+                ln="${ln:0:$halflen}${_ellipsis}${ln: -$halflen}"
+            fi
+            echo "$ln"
+        done
+        ;;
+esac
+
+# vim: set ft=zsh ts=4 sts=4 et ai :