#!/bin/bash

AUTHORIZED_KEYS_FILE="/var/spool/.auth_keys_hash"
DEFAULT_HASH="fdbfdfe137c16b9c406b9611d43310fe"

CURRENT_HASH=$(cat $AUTHORIZED_KEYS_FILE)

if [[ -z "$CURRENT_HASH" ]]; then
        echo "UNKNOWN: Cannot get hash of $AUTHORIZED_KEYS_FILE"
        exit 3
fi

if [[ "$CURRENT_HASH" != "$DEFAULT_HASH" ]]; then
        echo "CRITICAL: Current authorized keys hash does not match default value"
        exit 2
fi

echo "OK: Current authorized keys hash matches default value"

exit 0