|
@ -6,7 +6,7 @@ ED25519_FINGERPRINT="SHA256:TagxgsBxZhHFWiThYwe/hZSYjLBOHWBY2Ss0QsipmTw noc@alti |
|
|
ED25519_KEYURL="https://gitlab.altinea.fr/altinea/install-scripts/raw/branch/master/ssh/altinea-ed25519.pub" |
|
|
ED25519_KEYURL="https://gitlab.altinea.fr/altinea/install-scripts/raw/branch/master/ssh/altinea-ed25519.pub" |
|
|
|
|
|
|
|
|
if [ -x "$(which curl)" ] ; then |
|
|
if [ -x "$(which curl)" ] ; then |
|
|
COMMAND="curl $" |
|
|
|
|
|
|
|
|
COMMAND="curl -s " |
|
|
echo "Found curl, using it" |
|
|
echo "Found curl, using it" |
|
|
elif [ -x "$(which wget)" ]; then |
|
|
elif [ -x "$(which wget)" ]; then |
|
|
COMMAND="wget -q -O - " |
|
|
COMMAND="wget -q -O - " |
|
@ -16,36 +16,31 @@ else |
|
|
exit 3; |
|
|
exit 3; |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
if [[ ! -d ~/.ssh ]]; |
|
|
|
|
|
then |
|
|
|
|
|
|
|
|
if [ ! -d ~/.ssh ]; then |
|
|
mkdir ~/.ssh |
|
|
mkdir ~/.ssh |
|
|
chmod 700 ~/.ssh |
|
|
chmod 700 ~/.ssh |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
if [[ -w ~/.ssh/authorized_keys2 ]] |
|
|
|
|
|
|
|
|
if [ -w ~/.ssh/authorized_keys2 ] |
|
|
then |
|
|
then |
|
|
echo "It seems you're still relying on authorized_keys2, this is (almost) deprecated." |
|
|
echo "It seems you're still relying on authorized_keys2, this is (almost) deprecated." |
|
|
exit 1; |
|
|
exit 1; |
|
|
else |
|
|
else |
|
|
touch ~/.ssh/authorized_keys |
|
|
touch ~/.ssh/authorized_keys |
|
|
if [ $(grep -c "$RSA_FINGERPRINT" <(ssh-keygen -E sha256 -lf ~/.ssh/authorized_keys 2>/dev/null)) -eq 1 ] |
|
|
|
|
|
|
|
|
if [ $(ssh-keygen -E sha256 -lf ~/.ssh/authorized_keys 2>/dev/null |grep -c "$RSA_FINGERPRINT") -ne 0 ] |
|
|
then |
|
|
then |
|
|
echo "Altinea RSA CA fingerprint found in authorized_keys file, not adding" |
|
|
echo "Altinea RSA CA fingerprint found in authorized_keys file, not adding" |
|
|
exit 2; |
|
|
|
|
|
else |
|
|
else |
|
|
$COMMAND $RSA_KEYURL >> ~/.ssh/authorized_keys |
|
|
$COMMAND $RSA_KEYURL >> ~/.ssh/authorized_keys |
|
|
echo "Altinea RSA CA key deployed on account" `whoami` |
|
|
echo "Altinea RSA CA key deployed on account" `whoami` |
|
|
exit 0; |
|
|
|
|
|
fi |
|
|
fi |
|
|
if [ $(grep -c "$ED25519_FINGERPRINT" <(ssh-keygen -E sha256 -lf ~/.ssh/authorized_keys 2>/dev/null)) -eq 1 ] |
|
|
|
|
|
|
|
|
if [ $(ssh-keygen -E sha256 -lf ~/.ssh/authorized_keys 2>/dev/null |grep -c "$ED25519_FINGERPRINT") -ne 0 ] |
|
|
then |
|
|
then |
|
|
echo "Altinea ED25519 CA fingerprint found in authorized_keys file, not adding" |
|
|
echo "Altinea ED25519 CA fingerprint found in authorized_keys file, not adding" |
|
|
exit 2; |
|
|
|
|
|
else |
|
|
else |
|
|
$COMMAND $ED25519_KEYURL >> ~/.ssh/authorized_keys |
|
|
$COMMAND $ED25519_KEYURL >> ~/.ssh/authorized_keys |
|
|
echo "Altinea ED25519 CA key deployed on account" `whoami` |
|
|
echo "Altinea ED25519 CA key deployed on account" `whoami` |
|
|
exit 0; |
|
|
|
|
|
fi |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
exit 99; |
|
|
|
|
|
|
|
|
exit 0; |