#!/bin/bash

# update cache of ssh and https host keys for USB drives

OUTPUT=$HOME/lib/annex/big/skel/usb/lib/host_keys.txt
OUTPUT_OPENSSH=$HOME/lib/annex/big/skel/usb/lib/known_hosts

(
    echo -n "Generated by ~/bin/usbpubkeys "
    date
    echo
    echo -n "athena.silentflame.com's SSH key fingerprint:          "
    # assume that we've already got it in known_hosts locally
    ssh -o ControlMaster=no -o ControlPath=/dev/null -v athena /bin/true 2>&1 \
        | grep "Server host key:" | cut -d' ' -f 5-6
    # don't assume our connection is safe; ssh to ma first
    # echo -n "ma.sdf.org's web SSL key SHA1 fingerprint: "
    # echo -n | ssh ma openssl s_client -connect ma:443 2>/dev/null | \
    #     openssl x509  -noout -fingerprint | cut -f2 -d'='
        
) > $OUTPUT
unix2dos $OUTPUT

ssh-keyscan -t rsa athena.silentflame.com > $OUTPUT_OPENSSH