46 lines
1.5 KiB

  1. #!/bin/sh
  2. RSA_FINGERPRINT="2048 SHA256:pBz+GiWLvh9uccTB50HTQOCXhD9FZPFin/tfGKAZApQ"
  3. RSA_KEYURL="https://gitlab.altinea.fr/altinea/install-scripts/raw/branch/master/ssh/altinea-rsa.pub"
  4. ED25519_FINGERPRINT="SHA256:TagxgsBxZhHFWiThYwe/hZSYjLBOHWBY2Ss0QsipmTw noc@altinea.fr"
  5. ED25519_KEYURL="https://gitlab.altinea.fr/altinea/install-scripts/raw/branch/master/ssh/altinea-ed25519.pub"
  6. if [ -x "$(which curl)" ] ; then
  7. COMMAND="curl -s "
  8. echo "Found curl, using it"
  9. elif [ -x "$(which wget)" ]; then
  10. COMMAND="wget -q -O - "
  11. echo "Found wget, fallback to that"
  12. else
  13. echo "Could not find curl or wget, please install one." >&2
  14. exit 3;
  15. fi
  16. if [ ! -d ~/.ssh ]; then
  17. mkdir ~/.ssh
  18. chmod 700 ~/.ssh
  19. fi
  20. if [ -w ~/.ssh/authorized_keys2 ]
  21. then
  22. echo "It seems you're still relying on authorized_keys2, this is (almost) deprecated."
  23. exit 1;
  24. else
  25. touch ~/.ssh/authorized_keys
  26. if [ $(ssh-keygen -E sha256 -lf ~/.ssh/authorized_keys 2>/dev/null |grep -c "$RSA_FINGERPRINT") -ne 0 ]
  27. then
  28. echo "Altinea RSA CA fingerprint found in authorized_keys file, not adding"
  29. else
  30. $COMMAND $RSA_KEYURL >> ~/.ssh/authorized_keys
  31. echo "Altinea RSA CA key deployed on account" `whoami`
  32. fi
  33. if [ $(ssh-keygen -E sha256 -lf ~/.ssh/authorized_keys 2>/dev/null |grep -c "$ED25519_FINGERPRINT") -ne 0 ]
  34. then
  35. echo "Altinea ED25519 CA fingerprint found in authorized_keys file, not adding"
  36. else
  37. $COMMAND $ED25519_KEYURL >> ~/.ssh/authorized_keys
  38. echo "Altinea ED25519 CA key deployed on account" `whoami`
  39. fi
  40. fi
  41. exit 0;