commit: e1cc1a18a5e3202394cd579eaa6230b5750d84f4
Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
AuthorDate: Wed Dec 4 15:33:22 2019 +0000
Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Wed Dec 4 15:33:22 2019 +0000
URL: https://gitweb.gentoo.org/proj/genkernel.git/commit/?id=e1cc1a18
gen_determineargs.sh: determine_real_args(): Adjust authorized_keys file
validation
Using "-s" is not enough, file could be a directory. Better check for
content!
Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>
gen_determineargs.sh | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gen_determineargs.sh b/gen_determineargs.sh
index 9e46576..0fd24d5 100755
--- a/gen_determineargs.sh
+++ b/gen_determineargs.sh
@@ -847,9 +847,9 @@ determine_real_args() {
elif [ ! -e "${ssh_authorized_keys_file}" ]
then
gen_die "authorized_keys file
'${ssh_authorized_keys_file}' does not exist!"
- elif [ ! -s "${ssh_authorized_keys_file}" ]
+ elif ! grep -qE '^(ecdsa|ssh)-'
"${ssh_authorized_keys_file}" &>/dev/null
then
- gen_die "authorized_keys file
'${ssh_authorized_keys_file}' is empty!"
+ gen_die "authorized_keys file
'${ssh_authorized_keys_file}' does not look like a valid authorized_keys file:
File does not contain any entry matching regular expression '^(ecdsa|ssh)-'!"
else
declare -gr
DROPBEAR_AUTHORIZED_KEYS_FILE="${ssh_authorized_keys_file}"
fi
