Browse Source

Install script is now POSIX compliant (tested with bash, ksh, zsh and dash)

pull/1/head
Julien Escario 5 years ago
parent
commit
045c3198b9
  1. 17
      ssh/install_altinea_pubkey.sh

17
ssh/install_altinea_pubkey.sh

@ -6,7 +6,7 @@ ED25519_FINGERPRINT="SHA256:TagxgsBxZhHFWiThYwe/hZSYjLBOHWBY2Ss0QsipmTw noc@alti
ED25519_KEYURL="https://gitlab.altinea.fr/altinea/install-scripts/raw/branch/master/ssh/altinea-ed25519.pub" ED25519_KEYURL="https://gitlab.altinea.fr/altinea/install-scripts/raw/branch/master/ssh/altinea-ed25519.pub"
if [ -x "$(which curl)" ] ; then if [ -x "$(which curl)" ] ; then
COMMAND="curl $"
COMMAND="curl -s "
echo "Found curl, using it" echo "Found curl, using it"
elif [ -x "$(which wget)" ]; then elif [ -x "$(which wget)" ]; then
COMMAND="wget -q -O - " COMMAND="wget -q -O - "
@ -16,36 +16,31 @@ else
exit 3; exit 3;
fi fi
if [[ ! -d ~/.ssh ]];
then
if [ ! -d ~/.ssh ]; then
mkdir ~/.ssh mkdir ~/.ssh
chmod 700 ~/.ssh chmod 700 ~/.ssh
fi fi
if [[ -w ~/.ssh/authorized_keys2 ]]
if [ -w ~/.ssh/authorized_keys2 ]
then then
echo "It seems you're still relying on authorized_keys2, this is (almost) deprecated." echo "It seems you're still relying on authorized_keys2, this is (almost) deprecated."
exit 1; exit 1;
else else
touch ~/.ssh/authorized_keys touch ~/.ssh/authorized_keys
if [ $(grep -c "$RSA_FINGERPRINT" <(ssh-keygen -E sha256 -lf ~/.ssh/authorized_keys 2>/dev/null)) -eq 1 ]
if [ $(ssh-keygen -E sha256 -lf ~/.ssh/authorized_keys 2>/dev/null |grep -c "$RSA_FINGERPRINT") -ne 0 ]
then then
echo "Altinea RSA CA fingerprint found in authorized_keys file, not adding" echo "Altinea RSA CA fingerprint found in authorized_keys file, not adding"
exit 2;
else else
$COMMAND $RSA_KEYURL >> ~/.ssh/authorized_keys $COMMAND $RSA_KEYURL >> ~/.ssh/authorized_keys
echo "Altinea RSA CA key deployed on account" `whoami` echo "Altinea RSA CA key deployed on account" `whoami`
exit 0;
fi fi
if [ $(grep -c "$ED25519_FINGERPRINT" <(ssh-keygen -E sha256 -lf ~/.ssh/authorized_keys 2>/dev/null)) -eq 1 ]
if [ $(ssh-keygen -E sha256 -lf ~/.ssh/authorized_keys 2>/dev/null |grep -c "$ED25519_FINGERPRINT") -ne 0 ]
then then
echo "Altinea ED25519 CA fingerprint found in authorized_keys file, not adding" echo "Altinea ED25519 CA fingerprint found in authorized_keys file, not adding"
exit 2;
else else
$COMMAND $ED25519_KEYURL >> ~/.ssh/authorized_keys $COMMAND $ED25519_KEYURL >> ~/.ssh/authorized_keys
echo "Altinea ED25519 CA key deployed on account" `whoami` echo "Altinea ED25519 CA key deployed on account" `whoami`
exit 0;
fi fi
fi fi
exit 99;
exit 0;
Loading…
Cancel
Save