fix: Authorized keys parsing and extraction (#187)

* add support for SK authorized keys

nixos-infect incorrectly handles

* Update nixos-infect

* Replace space with [[:space:]]

* Fix possible security issue
This commit is contained in:
Dominik Gleich 2024-03-11 16:34:16 +01:00 committed by GitHub
parent 095fcbc28d
commit bbe94a1175
No known key found for this signature in database
GPG key ID: B5690EEEBB952194

View file

@ -26,7 +26,7 @@ makeConf() {
local IFS=$'\n'
for trypath in /root/.ssh/authorized_keys /home/$SUDO_USER/.ssh/authorized_keys $HOME/.ssh/authorized_keys; do
[[ -r "$trypath" ]] \
&& keys=$(sed -E 's/^.*((ssh|ecdsa)-[^[:space:]]+)[[:space:]]+([^[:space:]]+)([[:space:]]*.*)$/\1 \3\4/' "$trypath") \
&& keys=$(sed -E 's/^[^#].*[[:space:]]((sk-ssh|sk-ecdsa|ssh|ecdsa)-[^[:space:]]+)[[:space:]]+([^[:space:]]+)([[:space:]]*.*)$/\1 \3\4/' "$trypath") \
&& [[ ! -z "$keys" ]] \
&& break
done