#! /bin/sh
# aws-host-fingerprints (Bourne shell script) -- extract SSH host key fingerprints from boot log
#
# Keywords: ssh AWS EC2 security
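# Collect leading option arguments (anything starting with "-") so they can be
# passed through to the aws CLI unchanged.  Start from an empty value: left
# uninitialised, a variable named "args" exported in the caller's environment
# would be spliced into the aws command line below.
args=
while :; do
  case "$1" in
    -*)
      args="$args $1"
      shift
      ;;
    *)
      break
      ;;
  esac
done

self=aws-host-fingerprints

# The first non-option argument is the EC2 instance id; it is required.
if [ -z "$1" ]; then
  echo "Usage: $self <instance-id>" >&2
  exit 1
fi

# Keep scratch files in a private directory created by mktemp instead of
# fixed, PID-based names directly under /tmp.  Predictable names in a shared
# directory can be pre-created (for example as symlinks) by another local
# user, and the captured console output would be readable by everyone.
workdir=$(mktemp -d "${TMPDIR:-/tmp}/$self.XXXXXX") || {
  echo "${self}: cannot create temporary directory" >&2
  exit 1
}
out_file=$workdir/fingerprints
err_file=$workdir/errors

# Remove the scratch directory on every exit path.  Some /bin/sh
# implementations do not run the EXIT trap when killed by a signal, so the
# common signals are turned into ordinary exits.
trap 'rm -rf -- "$workdir"' EXIT
trap 'exit 129' HUP
trap 'exit 130' INT
trap 'exit 143' TERM

cont=y
while [ "$cont" = y ]; do
  # Capture the stderr of the aws command itself, so the check below can
  # inspect it.  The redirect used to sit on "tee", which recorded only tee's
  # own diagnostics and left the error file empty, so the retry never ran.
  # $args is intentionally unquoted: it holds several options separated by
  # spaces (POSIX sh has no arrays).
  # shellcheck disable=SC2086
  aws ec2 --output=text get-console-output $args --instance-id="$1" 2> "$err_file" |
    sed -n '/^ec2: -----BEGIN SSH HOST KEY FINGERPRINTS-----/,/^ec2: -----END SSH HOST KEY FINGERPRINTS-----/p' |
    tee "$out_file"

  # Retry when the captured stderr holds at least one line that is neither
  # blank nor contains the text 'Output' (with the quotes).
  # NOTE(review): this retries on every other error as well, including
  # permanent ones such as bad credentials, and has no upper bound on the
  # number of attempts -- confirm that this is the intended condition.
  if [ -s "$err_file" ] &&
    grep -q -v -e "'Output'" -e '^$' "$err_file"; then
    echo waiting...
    sleep 3
    cont=y
  else
    # Replay the captured errors on stderr, as if they had not been captured.
    cat "$err_file" >&2
    cont=n
  fi
done

# An empty result file means no fingerprint block was found in the console
# output; report it and exit with status 2.
if [ ! -s "$out_file" ]; then
  echo "${self}: Warning: console output for instance $1 does not contain host fingerprints" >&2
  exit 2
fi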