#!/bin/sh
# remove all FIDO keys from the SSH agent
fido_keys=$(ssh-add -L|grep '^sk-')
if [ -n "${fido_keys}" ]; then
    output=$(echo "${fido_keys}" | ssh-add -d /dev/stdin 2>&1)
    if [ $? -eq 0 ]; then
        notify-send -u low "FIDO keys cleaned"
    else
        notify-send -u critical "FIDO keys not cleaned" "${output}"
    fi
fi