Search for fingerprint instead of key name

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2017-08-14 15:17:09 +02:00 · 2017-08-14 15:17:09 +02:00 · 3991e6a781
commit 3991e6a781
parent 20e7c554fc
1 changed files with 3 additions and 1 deletions
--- a/bin/vault-sshadd
+++ b/bin/vault-sshadd
@ -39,8 +39,10 @@ vault read -field=private "/secret/ssh-key/\$1" | exec ssh-add -t 3600 -
 EOF

 for KEY_NAME in $@; do
+  fingerprint=$(vault read -field=public "/secret/ssh-key/$1" | ssh-keygen -l -f -)
+
  # If this key is already in the agent we don't need to do anything
-  if ( ssh-add -l | grep -q "${KEY_NAME}" ); then
+  if ( ssh-add -l | grep -q "${fingerprint}" ); then
    info "[${KEY_NAME}] Key already present."
    continue
  fi