/usr/bin/ipseckey is in hash-slinger 2.6-1.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 | #!/usr/bin/python
# Show IPSECKEY records generated by libreswan IPsec
# might work on some versions of older openswan as well
#
# Copyright 2015 Paul Wouters <pwouters@redhat.com>
# License: GNU GENERAL PUBLIC LICENSE Version 2 or later
VERSION = "2.6"
import os
import sys
import subprocess
import optparse
import base64
import time
import hashlib
ipsec = "/usr/sbin/ipsec"
if not os.path.isfile(ipsec):
ipsec = "/usr/local/sbin/ipsec"
if not os.path.isfile(ipsec):
print >> sys.stderr, "ipseckey: ipsec command not found (not a libreswan or openswan IPsec servers?)"
sys.exit(1)
def show_version():
print >> sys.stderr, "sshfp version: " + VERSION
def main():
parser = optparse.OptionParser()
parser.add_option("-v", "--version",
action="store_true",
dest="version",
help="print version information and exit")
(options, args) = parser.parse_args()
if options.version:
show_version()
sys.exit(0)
if os.geteuid() != 0:
print >> sys.stderr, "ipseckey: root access is needed to read the IPsec NSS database for the public key"
sys.exit(2)
cmd = [ipsec, "showhostkey", "--ipseckey"]
process = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
(stdout, stderr) = process.communicate()
print stdout
if __name__ == "__main__":
main()
|