@izogain
Forked from taylor/README.md
Created March 5, 2016 21:14
wrapper to support SSH SRV records

Introduction

ssh-srv-wrapper is a bash shell script that looks up an SSH SRV record for the first host on the command line and, if a valid record is found, connects to the host and port from that record instead of what was passed.

Install

Run the script directly, or rename or symlink it to the name ssh. It will then look for another ssh in your PATH to execute.

TODO

  • Validate the host found in DNS. Potential security risk if the DNS server returned shell escape sequences, etc.
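
One way to do the validation this TODO item asks for, as an added example that is not part of the gist: it parses a single line of host -t SRV output and returns the target and port only when both pass strict checks. The function names valid_srv_host, valid_srv_port and parse_ssh_srv and the sample lines are assumptions made for the illustration.

```sh
# Added example, not part of the gist. Function names are hypothetical.
# Bodies use ( ... ) so helper variables and IFS changes stay local.

# RFC 1123 style name: labels of letters, digits and '-', 1-63 chars each,
# no label starting or ending with '-', at most 253 chars in total.
valid_srv_host() (
    LC_ALL=C
    name=${1%.}                          # drop the trailing root dot
    [ -n "$name" ] && [ "${#name}" -le 253 ] || return 1
    case $name in
        *[!A-Za-z0-9.-]*|.*|*.|*..*) return 1 ;;
    esac
    IFS=.; set -f; set -- $name          # split into labels
    for label in "$@"; do
        [ "${#label}" -le 63 ] || return 1
        case $label in -*|*-) return 1 ;; esac
    done
)

# Decimal port 1-65535 with no sign, spaces or leading zero.
valid_srv_port() (
    case $1 in ''|0*|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
)

# Parse ONE line of `host -t SRV` output; print "<target> <port>" only if
# the line has exactly four fields after "has SRV record" and both validate.
parse_ssh_srv() (
    case $1 in *" has SRV record "*) ;; *) return 1 ;; esac
    rest=${1#* has SRV record }
    set -f; set -- $rest                 # priority weight port target
    [ "$#" -eq 4 ] || return 1
    valid_srv_port "$3" && valid_srv_host "$4" || return 1
    printf '%s %s\n' "${4%.}" "$3"
)

# Constructed sample answers (not real DNS data).
for line in \
    '_ssh._tcp.example.com has SRV record 10 0 2222 bastion.example.com.' \
    '_ssh._tcp.example.com has SRV record 10 0 99999 bastion.example.com.' \
    '_ssh._tcp.example.com has SRV record 10 0 22 bad;name.example.com.' \
    '_ssh._tcp.example.com has SRV record 10 0 22 .'
do
    if out=$(parse_ssh_srv "$line"); then echo "accept: $out"
    else echo "reject: $line"; fi
done
```

In the wrapper, the output of such a function would take the place of the shost/sport string slicing, with the SRV result ignored or the run aborted when it returns non-zero.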

Note on Patches/Pull Requests

  • Fork the project.
  • Make your feature addition or bug fix.
  • Send me a pull request -- not sure if that will work in a Gist...

Copyright

Released into the public domain.

#!/bin/bash
# Name: ssh-srv-wrapper
#
# Purpose: Check DNS SRV records and use the entry when possible.
#
# This code is hereby released to the public domain and may be used for any
# purpose whatsoever without permission or acknowledgment.
#
# Taylor Carpenter <[email protected]>

DEBUG_ME=0
me=$(basename "$0")
mydir=$(dirname "$0")

# Print a debug message when DEBUG_ME=1
_dmsg() { if [ "${DEBUG_ME}" = 1 ] ; then echo "$*" ; fi ; }

# Locate the real ssh. If this script is itself installed as "ssh" and is the
# one found first in PATH, search again with our own directory removed.
SSH=$(which ssh)
if [ "$me" = "ssh" ] && [ "$0" = "${SSH}" ] ; then
    SSH=$(PATH=${PATH/$mydir:} which ssh)
fi

usage() {
    #echo "usage: $me [args] [user@<host>] [args]"
    #echo "See man ssh (1)"
    # Running ssh without arguments prints its own usage text
    "$SSH"
}

if [ "$1" = "" ] ; then
    usage
    exit 1
elif [ "$1" = "-V" ] || [ "$1" = "-version" ] ; then
    exec "$SSH" -V
else
    args=("$@")
fi
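
preargs=()
postargs=()
# ssh options that take no argument
nao=1246AaCfgKkMNnqsTtVvXxYy
userhost=
port=          # start empty so a "port" inherited from the environment is ignored
check_srv=true
i=0

# Only parse args up to [user@]host
for (( i=0; i<${#args[*]}; i++ )) ; do
    case ${args[i]} in
        -[$nao]|-[$nao]*[$nao])
            # Option(s) without an argument
            preargs[${#preargs[*]}]="${args[i]}"
            ;;
        -*p)
            # Explicit port: keep it and its argument, and skip the SRV lookup
            preargs[${#preargs[*]}]="${args[i]}"
            ((i++))
            preargs[${#preargs[*]}]="${args[i]}"
            check_srv=false # ignore SRV record
            ;;
        -*)
            # Any other option is assumed to take one argument
            preargs[${#preargs[*]}]="${args[i]}"
            ((i++))
            preargs[${#preargs[*]}]="${args[i]}"
            ;;
        *)
            userhost="${args[i]}"
            # Everything after [user@]host is passed through unchanged
            postargs=("${args[@]:i+1}")
            break
            ;;
    esac
done

if [ -z "$userhost" ] ; then
    usage
    exit 1
fi

host=${userhost##*@}
user=${userhost%%@*}
[ "$user" = "$host" ] && user=

if [ "$check_srv" = "true" ] ; then
    # Only look up names; a host without letters is treated as an IP address
    echo "$host" | grep '[A-Za-z]' > /dev/null
    if [ $? = 0 ] ; then
        srv=$(host -s -W 1 -t SRV "_ssh._tcp.${host}" | grep "has SRV")
        if [ $? = 0 ] ; then
            # Line format: "<name> has SRV record <prio> <weight> <port> <target>."
            # NOTE: target and port come straight from DNS and are not
            # validated here (see TODO in the README).
            shost=${srv##* }
            host=${shost%*.}
            sport=${srv%* $host.}
            port=${sport##* }
            if [ -z "$host" ] ; then
                echo "Could not figure out hostname in SRV record"
                exit 1
            fi
        fi
    fi
    if [ "$port" != "" ] ; then
        # Two separate array elements so they survive the quoted exec below
        preargs[${#preargs[*]}]="-p"
        preargs[${#preargs[*]}]="${port}"
    fi
    _dmsg "After SRV lookup -- HOST: $host PORT: $port"
fi

[ "$user" != "" ] && userat="${user}@" || userat=""
args=("${preargs[@]}" "${userat}${host}" "${postargs[@]}")
_dmsg "Executing $SSH ${args[*]}"
# Quoted expansion: each argument reaches ssh as exactly one word
exec "$SSH" "${args[@]}"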