Allow removing of IP entries

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2018-04-26 15:45:27 +02:00 · 2018-04-26 15:45:27 +02:00 · 64c5d2a22a
commit 64c5d2a22a
parent cc574754b6
2 changed files with 82 additions and 47 deletions
--- a/bin/cleanup-knownhosts
+++ b/bin/cleanup-knownhosts
@ -0,0 +1,82 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+
+import argparse
+import os
+import re
+import shutil
+import socket
+import sys
+
+HOME = os.environ['HOME']
+KNOWN_HOSTS = os.path.join(HOME, '.ssh', 'known_hosts')
+
+
+def parse_args():
+    parser = argparse.ArgumentParser(description='Cleanup known_hosts file')
+    parser.add_argument('-s', '--strip-ips', action='store_true', dest='strip')
+    return parser.parse_args()
+
+
+def backup():
+    # Backup known hosts file
+    shutil.copyfile(KNOWN_HOSTS, KNOWN_HOSTS+".old")
+
+
+def is_ip(ip):
+    try:
+        socket.inet_aton(ip)
+        return True
+    except socket.error:
+        return False
+
+
+def read_and_reduce():
+    # Read known hosts to memory
+    knownhosts = {}
+    with open(KNOWN_HOSTS) as f:
+        for line in f:
+            if line.strip() == "" or line.strip().startswith("#"):
+                continue
+            hosts, keytype, fingerprint = line.strip().split(" ")
+            dictkey = keytype + fingerprint
+            hosts = hosts.split(",")
+            if knownhosts.get(dictkey) == None:
+                knownhosts[dictkey] = {
+                    'hosts': set(),
+                    'keytype': keytype,
+                    'fingerprint': fingerprint,
+                }
+            knownhosts[dictkey]['hosts'].update(hosts)
+
+    return knownhosts
+
+
+def write_hosts_file(knownhosts):
+    # Replace known hosts with a cleaned version
+    with open(KNOWN_HOSTS, 'w') as f:
+        for key, host in knownhosts.items():
+            if len(host['hosts']) == 0:
+                continue
+
+            host['hosts_joined'] = ",".join(sorted(host['hosts'], reverse=True))
+            f.write("{hosts_joined} {keytype} {fingerprint}\n".format(**host))
+
+
+def main():
+    args = parse_args()
+
+    backup()
+    known_hosts = read_and_reduce()
+
+    if args.strip:
+        for k in known_hosts:
+            known_hosts[k]['hosts'] = [h for h in known_hosts[k]['hosts']
+                                       if not is_ip(h)]
+
+    write_hosts_file(known_hosts)
+    print("OK. Cleaned up", KNOWN_HOSTS)
+
+
+if __name__ == "__main__":
+    main()
--- a/bin/ssh-knownhosts-cleanup.py
+++ b/bin/ssh-knownhosts-cleanup.py
@ -1,47 +0,0 @@
-#!/usr/bin/env python3
-# encoding: utf-8
-# By Joonas Kuorilehto 2011, MIT license
-# https://gist.github.com/joneskoo/1306614
-#
-# The script combines .ssh/known_hosts so that each fingerprint is only
-# listed once.
-
-import re
-import sys
-import os
-import shutil
-
-HOME = os.environ['HOME']
-KNOWN_HOSTS = os.path.join(HOME, '.ssh', 'known_hosts')
-
-# Backup known hosts file
-shutil.copyfile(KNOWN_HOSTS, KNOWN_HOSTS+".old")
-
-# Read known hosts to memory
-with open(KNOWN_HOSTS) as f:
-    knownhosts = dict()
-    oldlines = 0
-    for line in f:
-        if line.strip() == "" or line.strip().startswith("#"):
-            continue
-        oldlines += 1
-        hosts, keytype, fingerprint = line.strip().split(" ")
-        dictkey = keytype + fingerprint
-        hosts = hosts.split(",")
-        if knownhosts.get(dictkey) == None:
-            knownhosts[dictkey] = dict(hosts=set(), keytype=keytype,
-                                       fingerprint=fingerprint)
-        knownhosts[dictkey]['hosts'].update(hosts)
-
-lines = []
-for key, host in knownhosts.items():
-    host['hosts_joined'] = ",".join(sorted(host['hosts'], reverse=True))
-    lines.append("%(hosts_joined)s %(keytype)s %(fingerprint)s" % host)
-
-# Replace known hosts with a cleaned version
-with open(KNOWN_HOSTS, 'w') as f:
-    f.write("\n".join(sorted(lines)))
-    f.write("\n")
-
-print("OK. Cleaned up", KNOWN_HOSTS)
-print("Change: from %d lines to %d lines." % (oldlines, len(knownhosts)))