#!/bin/sh
exec 2>&1
fp_blist=",${1},"
key_blist=",${2},"
{
echo
echo "#############################################################"
echo "-----BEGIN SSH HOST KEY FINGERPRINTS-----"
for f in /etc/ssh/ssh_host_*key.pub; do
    [ -f "$f" ] || continue
    read ktype line < "$f"
    # skip the key if its type is in the blacklist
    [ "${fp_blist#*,$ktype,}" = "${fp_blist}" ] || continue
    ssh-keygen -l -f "$f"
done
echo "-----END SSH HOST KEY FINGERPRINTS-----"
echo "#############################################################"

} | logger -p user.info --stderr -t "ec2"

echo -----BEGIN SSH HOST KEY KEYS-----
for f in /etc/ssh/ssh_host_*key.pub; do
    [ -f "$f" ] || continue
    read ktype line < "$f"
    # skip the key if its type is in the blacklist
    [ "${key_blist#*,$ktype,}" = "${key_blist}" ] || continue
    cat $f
done
echo -----END SSH HOST KEY KEYS-----