RFC: ssh-copy-id tweaks
Bob Proulx
bob at proulx.com
Wed Feb 6 04:48:50 EST 2008
Jim Knoble wrote:
> The (nearly complete) rewrite of ssh-copy-id is available:
> http://www.jmknoble.net/openssh/ssh-copy-id
Thanks for working on this. I looked at it briefly and have a few
quick comments:
echo "--> $*"
Progress() { if [ x"${VERBOSE}" = x"yes" ]; then echo "--> $* ..."; fi; }
Because of the leading '-' I worry that some echo implementations
might confused this with an option syntax. As you know echo can be a
troublesome command with many non-portable implementations. But
perhaps I worry needlessly here.
- agent_identity="`ssh-add -L |grep -v '^The agent has no identities\.$' 2>/dev/null`"
+ agent_identity="`ssh-add -L |sed '/^The agent has no identities\.$/d'`"
The exit code of grep is dependent upon whether it matched or not.
(Also I don't think the stderr should have been redirected.) But we
don't care about knowing if there was a match here but simply want to
remove the line. Therefore using sed is better because the exit
status of sed indicates the success or failure of the operation. And
if there is an error then we would want to see it.
BTW... Thanks for adding that section. The previous command did not
make that check and I would sometimes annoyingly find "The agent has
no identities" in my authorized keys file. :-) Nice to see this
check in place for the future.
- if [ ${msgcount} -eq 1 ]; then
+ if [ ${msgcount} -eq 1 ]; then
There is a trailing space on that line. It would be great if that
were cleaned up.
I hate to even suggest this after seeing your efforts but if I were
doing this I would have piped the script into the remote shell on
stdin and passed the keys to it through the argument list instead of
the other way around. The keys are small by comparison and won't need
fancy quoting. By sending the script in on stdin then all of the
quoting problems disappear. I think it would make this more
maintainable in the long run. Something to think about...
It seems to work for me.
Thanks again for working on this.
Bob
More information about the openssh-unix-dev
mailing list