From 91512157ab426c87e0a82b594620e90e324b23a3 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Sun, 21 Nov 2021 11:43:55 +0000 Subject: [PATCH] refactor: finish moving ssh-* scripts to own installers --- ssh-adduser/install.sh | 21 +++++++- ssh-adduser/ssh-adduser.sh | 103 +++++++++++++++++++++++++++++++++++++ ssh-pubkey/install.sh | 14 +++-- ssh-pubkey/ssh-pubkey.ps1 | 47 ++++++++++++++++- ssh-pubkey/ssh-pubkey.sh | 45 +++++++++++++++- ssh-setpass/install.sh | 23 ++++++++- ssh-setpass/ssh-setpass.sh | 10 ++++ ssh-utils/install.sh | 20 +++++-- ssh-utils/ssh-adduser.sh | 103 +------------------------------------ ssh-utils/ssh-pubkey.ps1 | 47 +---------------- ssh-utils/ssh-pubkey.sh | 45 +--------------- ssh-utils/ssh-setpass.sh | 11 +--- 12 files changed, 274 insertions(+), 215 deletions(-) mode change 120000 => 100644 ssh-adduser/install.sh create mode 100644 ssh-adduser/ssh-adduser.sh mode change 120000 => 100644 ssh-pubkey/ssh-pubkey.ps1 mode change 120000 => 100644 ssh-pubkey/ssh-pubkey.sh mode change 120000 => 100644 ssh-setpass/install.sh create mode 100644 ssh-setpass/ssh-setpass.sh mode change 100644 => 120000 ssh-utils/ssh-adduser.sh mode change 100644 => 120000 ssh-utils/ssh-pubkey.ps1 mode change 100644 => 120000 ssh-utils/ssh-pubkey.sh mode change 100644 => 120000 ssh-utils/ssh-setpass.sh diff --git a/ssh-adduser/install.sh b/ssh-adduser/install.sh deleted file mode 120000 index a4f9a46..0000000 --- a/ssh-adduser/install.sh +++ /dev/null @@ -1 +0,0 @@ -../ssh-utils/ssh-adduser.sh \ No newline at end of file diff --git a/ssh-adduser/install.sh b/ssh-adduser/install.sh new file mode 100644 index 0000000..0673917 --- /dev/null +++ b/ssh-adduser/install.sh @@ -0,0 +1,20 @@ +#!/bin/bash +set -e +set -u + +function __install_ssh_adduser() { + my_cmd="ssh-adduser" + + rm -f "$HOME/.local/bin/${my_cmd}" + + webi_download \ + "$WEBI_HOST/packages/${my_cmd}/${my_cmd}.sh" \ + "$HOME/.local/bin/${my_cmd}" + + chmod a+x "$HOME/.local/bin/${my_cmd}" + + # run the command + "$HOME/.local/bin/${my_cmd}" +} + +__install_ssh_adduser diff --git a/ssh-adduser/ssh-adduser.sh b/ssh-adduser/ssh-adduser.sh new file mode 100644 index 0000000..edc7f31 --- /dev/null +++ b/ssh-adduser/ssh-adduser.sh @@ -0,0 +1,103 @@ +#!/bin/bash +set -e +set -u + +function main() { + + # Add User 'app' + # Picking 'app' by common convention (what Docker & Vagrant use). + my_new_user="${1:-"app"}" + #my_existing_user="${2:-"root"}" + + # TODO would $EUID be better? + if [[ "root" != "$(whoami)" ]]; then + echo "webi adduser: running user is already a non-root user" + exit 0 + fi + + if [[ ! -e ~/.ssh/authorized_keys ]] || ! grep -v '#' ~/.ssh/authorized_keys; then + echo "" + echo "Error:" + echo " You must add a key to ~/.ssh/authorized_keys before adding a new ssh user." + echo "" + echo "To fix:" + echo " Run 'curl https://webinstall.dev/ssh-pubkey | bash' on your local system, " + echo " then add that key to ~/.ssh/authorized_keys on this (the remote) system. " + echo "" + exit 1 + fi + + adduser --disabled-password --gecos '' "$my_new_user" + my_password=$(openssl rand -hex 16) + printf '%s\n%s' "${my_password}" "${my_password}" | passwd "${my_new_user}" + + # make 'app' a sudo-er (admin) + adduser "$my_new_user" sudo + echo "$my_new_user ALL=(ALL:ALL) NOPASSWD: ALL" | tee "/etc/sudoers.d/$my_new_user" + + # allow users who can already login as 'root' to login as 'app' + mkdir -p "/home/$my_new_user/.ssh/" + chmod 0700 "/home/$my_new_user/.ssh/" + cp -r "${HOME}/.ssh/authorized_keys" "/home/$my_new_user/.ssh/" + chmod 0600 "/home/$my_new_user/.ssh/authorized_keys" + touch "/home/$my_new_user/.ssh/config" + chmod 0644 "/home/$my_new_user/.ssh/config" + chown -R "$my_new_user":"$my_new_user" "/home/$my_new_user/.ssh/" + + # ensure that 'app' has an SSH Keypair + sudo -i -u "$my_new_user" bash -c "ssh-keygen -b 2048 -t rsa -f '/home/$my_new_user/.ssh/id_rsa' -q -N ''" + chown -R "$my_new_user":"$my_new_user" "/home/$my_new_user/.ssh/" + + # Install webi for the new 'app' user + WEBI_HOST=${WEBI_HOST:-"https://webinstall.dev"} + sudo -i -u "$my_new_user" bash -c "curl -fsSL '$WEBI_HOST/webi' | bash" || + sudo -i -u "$my_new_user" bash -c "wget -q -O - '$WEBI_HOST/webi' | bash" + + # TODO ensure that ssh-password login is off + my_pass="$(grep 'PasswordAuthentication yes' /etc/ssh/sshd_config)" + my_pam="" + if [[ "Darwin" == "$(uname -s)" ]]; then + # Turn off PAM for macOS or it will allow password login + my_pam="$(grep 'UsePAM yes' /etc/ssh/sshd_config)" + fi + if [[ -n ${my_pass} ]] || [[ -n ${my_pam} ]]; then + echo "######################################################################" + echo "# #" + echo "# WARNING #" + echo "# #" + echo "# Found /etc/ssh/sshd_config: #" + if [[ -n ${my_pass} ]]; then + echo "# PasswordAuthentication yes #" + fi + if [[ -n ${my_pam} ]]; then + echo "# UsePAM yes #" + fi + echo "# #" + echo "# This is EXTREMELY DANGEROUS and insecure. #" + echo "# We'll attempt to fix this now... #" + echo "# #" + + sed -i 's/#\?PasswordAuthentication \(yes\|no\)/PasswordAuthentication no/' \ + /etc/ssh/sshd_config + + sed -i 's/#\?UsePAM \(yes\|no\)/UsePAM no/' \ + /etc/ssh/sshd_config + + if grep "PasswordAuthentication yes" /etc/ssh/sshd_config; then + echo "# FAILED. Please check /etc/ssh/sshd_config manually. #" + else + echo "# Fixed... HOWEVER, you'll need to manually restart ssh: #" + echo "# #" + echo "# sudo systemctl restart ssh #" + echo "# #" + echo "# (you may want to make sure you can login as the new user first) #" + fi + echo "# #" + echo "######################################################################" + fi + + echo "Created user '${my_new_user}' as sudoer with a random password." + echo "(set a new password with 'password ${my_new_user}')" +} + +main "${1:-app}" diff --git a/ssh-pubkey/install.sh b/ssh-pubkey/install.sh index dc71cba..6f2ef5e 100644 --- a/ssh-pubkey/install.sh +++ b/ssh-pubkey/install.sh @@ -3,14 +3,18 @@ set -e set -u function __install_ssh_pubkey() { - MY_CMD="ssh-pubkey" + my_cmd="ssh-pubkey" - rm -f "$HOME/.local/bin/$MY_CMD" - webi_download "$WEBI_HOST/packages/$MY_CMD/$MY_CMD.sh" "$HOME/.local/bin/$MY_CMD" - chmod a+x "$HOME/.local/bin/$MY_CMD" + rm -f "$HOME/.local/bin/${my_cmd}" + + webi_download \ + "$WEBI_HOST/packages/${my_cmd}/${my_cmd}.sh" \ + "$HOME/.local/bin/${my_cmd}" + + chmod a+x "$HOME/.local/bin/${my_cmd}" # run the command - "$HOME/.local/bin/$MY_CMD" + "$HOME/.local/bin/${my_cmd}" } __install_ssh_pubkey diff --git a/ssh-pubkey/ssh-pubkey.ps1 b/ssh-pubkey/ssh-pubkey.ps1 deleted file mode 120000 index f874a74..0000000 --- a/ssh-pubkey/ssh-pubkey.ps1 +++ /dev/null @@ -1 +0,0 @@ -../ssh-utils/ssh-pubkey.ps1 \ No newline at end of file diff --git a/ssh-pubkey/ssh-pubkey.ps1 b/ssh-pubkey/ssh-pubkey.ps1 new file mode 100644 index 0000000..e86a858 --- /dev/null +++ b/ssh-pubkey/ssh-pubkey.ps1 @@ -0,0 +1,46 @@ +#!/usr/bin/env pwsh + +# TODO: can we use some of this? +# https://github.com/PowerShell/openssh-portable/blob/latestw_all/contrib/win32/openssh/FixUserFilePermissions.ps1 + +if (!(Test-Path -Path "$Env:USERPROFILE/.ssh")) +{ + New-Item -Path "$Env:USERPROFILE/.ssh" -ItemType Directory -Force | out-null + #& icacls "$Env:USERPROFILE/.ssh" /inheritance:r + #& icacls "$Env:USERPROFILE/.ssh" /grant:r "$Env:USERNAME":"(F)" +} + +if (!(Test-Path -Path "$Env:USERPROFILE/.ssh/config")) +{ + New-Item -Path "$Env:USERPROFILE/.ssh/config" -ItemType "file" -Value "" + #& icacls "$Env:USERPROFILE/.ssh/config" /inheritance:r + #& icacls "$Env:USERPROFILE/.ssh/config" /grant:r "$Env:USERNAME":"(F)" +} + +#if (!(Test-Path -Path "$Env:USERPROFILE/.ssh/authorized_keys")) +#{ +# New-Item -Path "$Env:USERPROFILE/.ssh/authorized_keys" -ItemType "file" -Value "" +# #& icacls "$Env:USERPROFILE/.ssh/authorized_keys" /inheritance:r +# #& icacls "$Env:USERPROFILE/.ssh/authorized_keys" /grant:r "$Env:USERNAME":"(F)" +#} + +if (!(Test-Path -Path "$Env:USERPROFILE/.ssh/id_rsa")) +{ + & ssh-keygen -b 2048 -t rsa -f "$Env:USERPROFILE/.ssh/id_rsa" -q -N """" + echo "" +} + +if (!(Test-Path -Path "$Env:USERPROFILE/.ssh/id_rsa.pub")) +{ + & ssh-keygen -y -f "$Env:USERPROFILE/.ssh/id_rsa" > "$Env:USERPROFILE/.ssh/id_rsa.pub" + echo "" +} + +# TODO use the comment (if any) for the name of the file +echo "" +echo "~/Downloads/id_rsa.$Env:USERNAME.pub": +echo "" +#rm -f "$Env:USERPROFILE/Downloads/id_rsa.$Env:USERNAME.pub": +Copy-Item -Path "$Env:USERPROFILE/.ssh/id_rsa.pub" -Destination "$Env:USERPROFILE/Downloads/id_rsa.$Env:USERNAME.pub" +& type "$Env:USERPROFILE/Downloads/id_rsa.$Env:USERNAME.pub" +echo "" diff --git a/ssh-pubkey/ssh-pubkey.sh b/ssh-pubkey/ssh-pubkey.sh deleted file mode 120000 index c96a4a1..0000000 --- a/ssh-pubkey/ssh-pubkey.sh +++ /dev/null @@ -1 +0,0 @@ -../ssh-utils/ssh-pubkey.sh \ No newline at end of file diff --git a/ssh-pubkey/ssh-pubkey.sh b/ssh-pubkey/ssh-pubkey.sh new file mode 100644 index 0000000..f729276 --- /dev/null +++ b/ssh-pubkey/ssh-pubkey.sh @@ -0,0 +1,44 @@ +#!/bin/bash +set -e +set -u + +function main() { + + if [ ! -d "$HOME/.ssh" ]; then + mkdir -p "$HOME/.ssh/" + chmod 0700 "$HOME/.ssh/" + fi + + if [ ! -f "$HOME/.ssh/config" ]; then + # for the benefit of VSCode + touch "$HOME/.ssh/config" + chmod 0644 "$HOME/.ssh/config" + fi + + if [ ! -f "$HOME/.ssh/authorized_keys" ]; then + touch "$HOME/.ssh/authorized_keys" + chmod 0600 "$HOME/.ssh/authorized_keys" + fi + + if [ ! -f "$HOME/.ssh/id_rsa" ]; then + ssh-keygen -b 2048 -t rsa -f "$HOME/.ssh/id_rsa" -q -N "" + echo >&2 "" + fi + + if [ ! -f "$HOME/.ssh/id_rsa.pub" ]; then + ssh-keygen -y -f "$HOME/.ssh/id_rsa" > "$HOME/.ssh/id_rsa.pub" + echo >&2 "" + fi + + # TODO use the comment (if any) for the name of the file + echo >&2 "" + #shellcheck disable=SC2088 + echo >&2 "~/Downloads/id_rsa.$(whoami).pub": + echo >&2 "" + rm -f "$HOME/Downloads/id_rsa.$(whoami).pub" + cp -r "$HOME/.ssh/id_rsa.pub" "$HOME/Downloads/id_rsa.$(whoami).pub" + cat "$HOME/Downloads/id_rsa.$(whoami).pub" + echo >&2 "" +} + +main diff --git a/ssh-setpass/install.sh b/ssh-setpass/install.sh deleted file mode 120000 index 6944512..0000000 --- a/ssh-setpass/install.sh +++ /dev/null @@ -1 +0,0 @@ -../ssh-utils/ssh-setpass.sh \ No newline at end of file diff --git a/ssh-setpass/install.sh b/ssh-setpass/install.sh new file mode 100644 index 0000000..67ef3b2 --- /dev/null +++ b/ssh-setpass/install.sh @@ -0,0 +1,22 @@ +#!/bin/bash +set -e +set -u + +function __install_ssh_setpass() { + my_cmd="ssh-setpass" + + rm -f "$HOME/.local/bin/${my_cmd}" + + webi_download \ + "$WEBI_HOST/packages/${my_cmd}/${my_cmd}.sh" \ + "$HOME/.local/bin/${my_cmd}" + + chmod a+x "$HOME/.local/bin/${my_cmd}" + + # run the command + echo '' + echo 'Set passphrase for ~/.ssh/id_rsa?' + "$HOME/.local/bin/${my_cmd}" +} + +__install_ssh_setpass diff --git a/ssh-setpass/ssh-setpass.sh b/ssh-setpass/ssh-setpass.sh new file mode 100644 index 0000000..c4a8022 --- /dev/null +++ b/ssh-setpass/ssh-setpass.sh @@ -0,0 +1,10 @@ +#!/bin/bash +set -e +set -u + +function main() { + my_key="${1:-"${HOME}/.ssh/id_rsa"}" + ssh-keygen -p -f "${my_key}" +} + +main "${1:-}" diff --git a/ssh-utils/install.sh b/ssh-utils/install.sh index e0be04b..4b47f9a 100644 --- a/ssh-utils/install.sh +++ b/ssh-utils/install.sh @@ -1,10 +1,22 @@ #!/bin/bash function __init_ssh_utils() { - rm -f "$HOME/.local/bin/ssh-pubkey" "$HOME/.local/bin/ssh-setpass" "$HOME/.local/bin/ssh-adduser" - webi_download "$WEBI_HOST/packages/ssh-utils/ssh-pubkey.sh" "$HOME/.local/bin/ssh-pubkey" - webi_download "$WEBI_HOST/packages/ssh-utils/ssh-setpass.sh" "$HOME/.local/bin/ssh-setpass" - webi_download "$WEBI_HOST/packages/ssh-utils/ssh-adduser.sh" "$HOME/.local/bin/ssh-adduser" + rm -f \ + "$HOME/.local/bin/ssh-pubkey" \ + "$HOME/.local/bin/ssh-setpass" \ + "$HOME/.local/bin/ssh-adduser" + # done + + webi_download \ + "$WEBI_HOST/packages/ssh-pubkey/ssh-pubkey.sh" \ + "$HOME/.local/bin/ssh-pubkey" + webi_download \ + "$WEBI_HOST/packages/ssh-setpass/ssh-setpass.sh" \ + "$HOME/.local/bin/ssh-setpass" + webi_download \ + "$WEBI_HOST/packages/ssh-adduser/ssh-adduser.sh" \ + "$HOME/.local/bin/ssh-adduser" + chmod a+x "$HOME/.local/bin/ssh-"* } diff --git a/ssh-utils/ssh-adduser.sh b/ssh-utils/ssh-adduser.sh deleted file mode 100644 index 17794a3..0000000 --- a/ssh-utils/ssh-adduser.sh +++ /dev/null @@ -1,102 +0,0 @@ -#!/bin/bash - -function __run_ssh_adduser() { - set -e - set -u - - # TODO would $EUID be better? - if [[ "root" != "$(whoami)" ]]; then - echo "webi adduser: running user is already a non-root user" - exit 0 - fi - - if [[ ! -e ~/.ssh/authorized_keys ]] || ! grep -v '#' ~/.ssh/authorized_keys; then - echo "" - echo "Error:" - echo " You must add a key to ~/.ssh/authorized_keys before adding a new ssh user." - echo "" - echo "To fix:" - echo " Run 'curl https://webinstall.dev/ssh-pubkey | bash' on your local system, " - echo " then add that key to ~/.ssh/authorized_keys on this (the remote) system. " - echo "" - exit 1 - fi - - # Add User 'app' - # Picking 'app' by common convention (what Docker & Vagrant use). - my_new_user="${1:-"app"}" - #my_existing_user="${2:-"root"}" - adduser --disabled-password --gecos '' "$my_new_user" - my_password=$(openssl rand -hex 16) - printf '%s\n%s' "${my_password}" "${my_password}" | passwd "${my_new_user}" - - # make 'app' a sudo-er (admin) - adduser "$my_new_user" sudo - echo "$my_new_user ALL=(ALL:ALL) NOPASSWD: ALL" | tee "/etc/sudoers.d/$my_new_user" - - # allow users who can already login as 'root' to login as 'app' - mkdir -p "/home/$my_new_user/.ssh/" - chmod 0700 "/home/$my_new_user/.ssh/" - cp -r "${HOME}/.ssh/authorized_keys" "/home/$my_new_user/.ssh/" - chmod 0600 "/home/$my_new_user/.ssh/authorized_keys" - touch "/home/$my_new_user/.ssh/config" - chmod 0644 "/home/$my_new_user/.ssh/config" - chown -R "$my_new_user":"$my_new_user" "/home/$my_new_user/.ssh/" - - # ensure that 'app' has an SSH Keypair - sudo -i -u "$my_new_user" bash -c "ssh-keygen -b 2048 -t rsa -f '/home/$my_new_user/.ssh/id_rsa' -q -N ''" - chown -R "$my_new_user":"$my_new_user" "/home/$my_new_user/.ssh/" - - # Install webi for the new 'app' user - WEBI_HOST=${WEBI_HOST:-"https://webinstall.dev"} - sudo -i -u "$my_new_user" bash -c "curl -fsSL '$WEBI_HOST/webi' | bash" || - sudo -i -u "$my_new_user" bash -c "wget -q -O - '$WEBI_HOST/webi' | bash" - - # TODO ensure that ssh-password login is off - my_pass="$(grep 'PasswordAuthentication yes' /etc/ssh/sshd_config)" - my_pam="" - if [[ "Darwin" == "$(uname -s)" ]]; then - # Turn off PAM for macOS or it will allow password login - my_pam="$(grep 'UsePAM yes' /etc/ssh/sshd_config)" - fi - if [[ -n ${my_pass} ]] || [[ -n ${my_pam} ]]; then - echo "######################################################################" - echo "# #" - echo "# WARNING #" - echo "# #" - echo "# Found /etc/ssh/sshd_config: #" - if [[ -n ${my_pass} ]]; then - echo "# PasswordAuthentication yes #" - fi - if [[ -n ${my_pam} ]]; then - echo "# UsePAM yes #" - fi - echo "# #" - echo "# This is EXTREMELY DANGEROUS and insecure. #" - echo "# We'll attempt to fix this now... #" - echo "# #" - - sed -i 's/#\?PasswordAuthentication \(yes\|no\)/PasswordAuthentication no/' \ - /etc/ssh/sshd_config - - sed -i 's/#\?UsePAM \(yes\|no\)/UsePAM no/' \ - /etc/ssh/sshd_config - - if grep "PasswordAuthentication yes" /etc/ssh/sshd_config; then - echo "# FAILED. Please check /etc/ssh/sshd_config manually. #" - else - echo "# Fixed... HOWEVER, you'll need to manually restart ssh: #" - echo "# #" - echo "# sudo systemctl restart ssh #" - echo "# #" - echo "# (you may want to make sure you can login as the new user first) #" - fi - echo "# #" - echo "######################################################################" - fi - - echo "Created user '${my_new_user}' as sudoer with a random password." - echo "(set a new password with 'password ${my_new_user}')" -} - -__run_ssh_adduser app diff --git a/ssh-utils/ssh-adduser.sh b/ssh-utils/ssh-adduser.sh new file mode 120000 index 0000000..de82e63 --- /dev/null +++ b/ssh-utils/ssh-adduser.sh @@ -0,0 +1 @@ +../ssh-adduser/ssh-adduser.sh \ No newline at end of file diff --git a/ssh-utils/ssh-pubkey.ps1 b/ssh-utils/ssh-pubkey.ps1 deleted file mode 100644 index e86a858..0000000 --- a/ssh-utils/ssh-pubkey.ps1 +++ /dev/null @@ -1,46 +0,0 @@ -#!/usr/bin/env pwsh - -# TODO: can we use some of this? -# https://github.com/PowerShell/openssh-portable/blob/latestw_all/contrib/win32/openssh/FixUserFilePermissions.ps1 - -if (!(Test-Path -Path "$Env:USERPROFILE/.ssh")) -{ - New-Item -Path "$Env:USERPROFILE/.ssh" -ItemType Directory -Force | out-null - #& icacls "$Env:USERPROFILE/.ssh" /inheritance:r - #& icacls "$Env:USERPROFILE/.ssh" /grant:r "$Env:USERNAME":"(F)" -} - -if (!(Test-Path -Path "$Env:USERPROFILE/.ssh/config")) -{ - New-Item -Path "$Env:USERPROFILE/.ssh/config" -ItemType "file" -Value "" - #& icacls "$Env:USERPROFILE/.ssh/config" /inheritance:r - #& icacls "$Env:USERPROFILE/.ssh/config" /grant:r "$Env:USERNAME":"(F)" -} - -#if (!(Test-Path -Path "$Env:USERPROFILE/.ssh/authorized_keys")) -#{ -# New-Item -Path "$Env:USERPROFILE/.ssh/authorized_keys" -ItemType "file" -Value "" -# #& icacls "$Env:USERPROFILE/.ssh/authorized_keys" /inheritance:r -# #& icacls "$Env:USERPROFILE/.ssh/authorized_keys" /grant:r "$Env:USERNAME":"(F)" -#} - -if (!(Test-Path -Path "$Env:USERPROFILE/.ssh/id_rsa")) -{ - & ssh-keygen -b 2048 -t rsa -f "$Env:USERPROFILE/.ssh/id_rsa" -q -N """" - echo "" -} - -if (!(Test-Path -Path "$Env:USERPROFILE/.ssh/id_rsa.pub")) -{ - & ssh-keygen -y -f "$Env:USERPROFILE/.ssh/id_rsa" > "$Env:USERPROFILE/.ssh/id_rsa.pub" - echo "" -} - -# TODO use the comment (if any) for the name of the file -echo "" -echo "~/Downloads/id_rsa.$Env:USERNAME.pub": -echo "" -#rm -f "$Env:USERPROFILE/Downloads/id_rsa.$Env:USERNAME.pub": -Copy-Item -Path "$Env:USERPROFILE/.ssh/id_rsa.pub" -Destination "$Env:USERPROFILE/Downloads/id_rsa.$Env:USERNAME.pub" -& type "$Env:USERPROFILE/Downloads/id_rsa.$Env:USERNAME.pub" -echo "" diff --git a/ssh-utils/ssh-pubkey.ps1 b/ssh-utils/ssh-pubkey.ps1 new file mode 120000 index 0000000..14d6c6c --- /dev/null +++ b/ssh-utils/ssh-pubkey.ps1 @@ -0,0 +1 @@ +../ssh-pubkey/ssh-pubkey.ps1 \ No newline at end of file diff --git a/ssh-utils/ssh-pubkey.sh b/ssh-utils/ssh-pubkey.sh deleted file mode 100644 index 40b09fa..0000000 --- a/ssh-utils/ssh-pubkey.sh +++ /dev/null @@ -1,44 +0,0 @@ -#!/bin/bash -set -e -set -u - -function _ssh_pubkey() { - - if [ ! -d "$HOME/.ssh" ]; then - mkdir -p "$HOME/.ssh/" - chmod 0700 "$HOME/.ssh/" - fi - - if [ ! -f "$HOME/.ssh/config" ]; then - # for the benefit of VSCode - touch "$HOME/.ssh/config" - chmod 0644 "$HOME/.ssh/config" - fi - - if [ ! -f "$HOME/.ssh/authorized_keys" ]; then - touch "$HOME/.ssh/authorized_keys" - chmod 0600 "$HOME/.ssh/authorized_keys" - fi - - if [ ! -f "$HOME/.ssh/id_rsa" ]; then - ssh-keygen -b 2048 -t rsa -f "$HOME/.ssh/id_rsa" -q -N "" - echo >&2 "" - fi - - if [ ! -f "$HOME/.ssh/id_rsa.pub" ]; then - ssh-keygen -y -f "$HOME/.ssh/id_rsa" > "$HOME/.ssh/id_rsa.pub" - echo >&2 "" - fi - - # TODO use the comment (if any) for the name of the file - echo >&2 "" - #shellcheck disable=SC2088 - echo >&2 "~/Downloads/id_rsa.$(whoami).pub": - echo >&2 "" - rm -f "$HOME/Downloads/id_rsa.$(whoami).pub" - cp -r "$HOME/.ssh/id_rsa.pub" "$HOME/Downloads/id_rsa.$(whoami).pub" - cat "$HOME/Downloads/id_rsa.$(whoami).pub" - echo >&2 "" -} - -_ssh_pubkey diff --git a/ssh-utils/ssh-pubkey.sh b/ssh-utils/ssh-pubkey.sh new file mode 120000 index 0000000..45c84e5 --- /dev/null +++ b/ssh-utils/ssh-pubkey.sh @@ -0,0 +1 @@ +../ssh-pubkey/ssh-pubkey.sh \ No newline at end of file diff --git a/ssh-utils/ssh-setpass.sh b/ssh-utils/ssh-setpass.sh deleted file mode 100644 index a68cf57..0000000 --- a/ssh-utils/ssh-setpass.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash - -function __init_ssh_setpass() { - set -e - set -u - - ssh-keygen -p -f "$HOME/.ssh/id_rsa" -} - -__init_ssh_setpass diff --git a/ssh-utils/ssh-setpass.sh b/ssh-utils/ssh-setpass.sh new file mode 120000 index 0000000..d79a30e --- /dev/null +++ b/ssh-utils/ssh-setpass.sh @@ -0,0 +1 @@ +../ssh-setpass/ssh-setpass.sh \ No newline at end of file -- 2.25.1