ref(ssh-pubkey): name file according to comment, if available

ssh-pubkey/ssh-pubkey

@@ -2,43 +2,102 @@
 set -e
 set -u
 
+fn_warn_rsa() { (
+    echo 'WARNING'
+    echo '    ~/.ssh/id_rsa is less than the required 3072 bits'
+    echo '    (some modern services will reject your key)'
+
+    echo ''
+    echo 'SOLUTION'
+    echo '    Generate a new key, and update accordingly'
+
+    my_ts="$(date -u "+%F_%H.%M.%S")"
+
+    echo ''
+    echo '    # OPTION 1: Generate a more efficient, ED25519 256-bit key'
+    echo '    #           and update your ~/.ssh/config accordingly'
+    echo "    mv ~/.ssh/id_rsa ~/.ssh/id_rsa.${my_ts}.bak"
+    # shellcheck disable=SC2016
+    echo '    ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -q -N ""'
+    echo "    echo 'Host *
+        IdentityFile ~/.ssh/id_ed25519
+        IdentityFile ~/.ssh/id_rsa.${my_ts}.bak' >> ~/.ssh/config"
+
+    echo ''
+    echo '    # OPTION 2: Generate a larger, 4096-bit RSA key"'
+    echo '    #           and update your ~/.ssh/config accordingly'
+    echo "    mv ~/.ssh/id_rsa ~/.ssh/id_rsa.${my_ts}.bak"
+    # shellcheck disable=SC2016
+    echo '    ssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa -q -N ""'
+    echo "    echo 'Host *
+        IdentityFile ~/.ssh/id_rsa
+        IdentityFile ~/.ssh/id_rsa.${my_ts}.bak' >> ~/.ssh/config"
+); }
+
 main() {
 
-    if [ ! -d "$HOME/.ssh" ]; then
-        mkdir -p "$HOME/.ssh/"
-        chmod 0700 "$HOME/.ssh/"
+    if ! test -d ~/.ssh; then
+        mkdir -p ~/.ssh/
+        chmod 0700 ~/.ssh/
     fi
 
-    if [ ! -f "$HOME/.ssh/config" ]; then
+    if ! test -f ~/.ssh/config; then
         # for the benefit of VSCode
-        touch "$HOME/.ssh/config"
-        chmod 0644 "$HOME/.ssh/config"
+        touch ~/.ssh/config
+        chmod 0644 ~/.ssh/config
     fi
 
-    if [ ! -f "$HOME/.ssh/authorized_keys" ]; then
-        touch "$HOME/.ssh/authorized_keys"
-        chmod 0600 "$HOME/.ssh/authorized_keys"
+    if ! test -f ~/.ssh/authorized_keys; then
+        touch ~/.ssh/authorized_keys
+        chmod 0600 ~/.ssh/authorized_keys
     fi
 
-    if [ ! -f "$HOME/.ssh/id_rsa" ]; then
-        ssh-keygen -b 2048 -t rsa -f "$HOME/.ssh/id_rsa" -q -N ""
+    my_keytype=''
+    if test -f ~/.ssh/id_ed25519; then
+        my_keytype='ed25519'
+        if ! test -f ~/.ssh/id_ed25519.pub; then
+            echo >&2 ""
+            ssh-keygen -y -f ~/.ssh/id_ed25519 > ~/.ssh/id_ed25519.pub
+        fi
+    elif test -f ~/.ssh/id_rsa; then
+        my_keytype='rsa'
+        if ! test -f ~/.ssh/id_rsa.pub; then
+            echo >&2 ""
+            ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
+        fi
+    elif test -f ~/.ssh/id_ecda; then
+        my_keytype='ecdsa'
+        if ! test -f ~/.ssh/id_ecdsa.pub; then
+            echo >&2 ""
+            ssh-keygen -y -f ~/.ssh/id_ecda > ~/.ssh/id_ecda.pub
+        fi
+    else
+        my_keytype='rsa'
         echo >&2 ""
+        ssh-keygen -b 4096 -t rsa -f ~/.ssh/id_rsa -q -N ""
+        ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
     fi
 
-    if [ ! -f "$HOME/.ssh/id_rsa.pub" ]; then
-        ssh-keygen -y -f "$HOME/.ssh/id_rsa" > "$HOME/.ssh/id_rsa.pub"
-        echo >&2 ""
+    my_comment="$(tr '[:space:]' '\n' < "$HOME/.ssh/id_${my_keytype}.pub" | grep '\w' | tail -n 1)"
+    if test -z "${my_comment}" || test "${my_comment#}" -gt 100; then
+        my_comment="$(id -u -n)"
     fi
-
-    # TODO use the comment (if any) for the name of the file
     echo >&2 ""
     #shellcheck disable=SC2088
-    echo >&2 "~/Downloads/id_rsa.$(whoami).pub":
+    echo >&2 "~/Downloads/id_${my_keytype}.${my_comment}.pub":
     echo >&2 ""
-    rm -f "$HOME/Downloads/id_rsa.$(whoami).pub"
-    cp -r "$HOME/.ssh/id_rsa.pub" "$HOME/Downloads/id_rsa.$(whoami).pub"
-    cat "$HOME/Downloads/id_rsa.$(whoami).pub"
+    rm -f "$HOME/Downloads/id_${my_keytype}.${my_comment}.pub"
+    cp -RPp "$HOME/.ssh/id_${my_keytype}.pub" "$HOME/Downloads/id_${my_keytype}.${my_comment}.pub"
+    cat "$HOME/Downloads/id_${my_keytype}.${my_comment}.pub"
     echo >&2 ""
+
+    if test -f ~/.ssh/id_rsa; then
+        my_rsa_size="$(wc < ~/.ssh/id_rsa | rev | cut -d' ' -f1 | rev)"
+        if test "${my_rsa_size}" -lt 2500; then
+            fn_warn_rsa >&2
+            echo >&2 ""
+        fi
+    fi
 }
 
 main

vim-things.sh

@@ -1,12 +0,0 @@
-vim README.md
-vim _webi/template.ps1
-vim _webi/template.sh
-vim brew/install.sh
-vim git/install.ps1
-vim golang/install.ps1
-vim golang/install.sh
-vim node/install.ps1
-vim postgres/install.sh
-vim sass/install.ps1
-vim webi/install.sh
-vim zig/install.ps1