Queries and prints SSH public keys from Hesiod-esque DNS TXT records
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
eaon 2cbd6e7ff2
Old habits die hard, optimising the 255 byte chunker
5 years ago
src Old habits die hard, optimising the 255 byte chunker 5 years ago
Cargo.toml opts/args handling via library, distinguish between chars and bytes for TXT record generation 5 years ago
LICENSE Version control for this is not a bad idea by now 5 years ago
README.md Thanks Clippy 5 years ago



Small helper tool primarily meant to be invoked by OpenSSH's AuthorizedKeysCommand in environments that already use Hesiod. It queries, sorts, concatenates and eventually prints SSH public keys found in DNS TXT records.

It also does the inverse and can create BIND style DNS record entries. Records live in $user.ssh$lhs$rhs and look like this:

user.ssh.ns.example.org. TXT "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCutHjcbooZDl+4jpsGMC7JewGXTgULjWuSMMzpM0hCKn4aIOaULkbDV020NiO+dfo0DTo2vXwZn6GqUu4xyZVk5dQa+yk6He3DAzgwsXxsLuwQYfGI0xVgGsaBFWPXqXjWIq6amKKG6o2Ll15HOw6Tj0MULGqQtC/j00VrKxNztNy2Lesa06KkKnFBFimA29ZhVlUjm8W/t7rwg0alulLnoOp" "ch9qbE/3yO3KOdNqCdDwNoRImAQk6KRlpWSr9ZHB4YnjQNNZCJ+yjC/KdqQ1awdKWTOMz2jfbhd/WHeH7XRY4iU2ZatVj6ZAcaqKvkaG8mWDYq2RNf6k88FgLdM33 user@host"
                         TXT "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHz4HTq0S77shqWG1tfc8EHSSMg+unYB+uUZaKiUcq1N user@host"

Requires a /etc/hesiod.conf configuration file.

Isn't this kind of pointless as the same can be achieved with AuthorizedKeysCommand /usr/bin/hesinfo %u ssh?

Yes, however I initially misremembered how TXT records work, and I wanted to learn about Rust and this was a simple enough project to try, so 🤷‍♂️