From 874473a28adbf9663ee440f66d15cd80a2208435 Mon Sep 17 00:00:00 2001
From: Julien Escario
Date: Tue, 21 Jul 2020 12:20:52 +0200
Subject: [PATCH] Added ED25519 CA key install (2)
---
 ssh/install_altinea_pubkey.sh | 29 ++++++++++++++++++++---------
 1 file changed, 20 insertions(+), 9 deletions(-)
diff --git a/ssh/install_altinea_pubkey.sh b/ssh/install_altinea_pubkey.sh
index 1bef2fc..2ad729a 100755
--- a/ssh/install_altinea_pubkey.sh
+++ b/ssh/install_altinea_pubkey.sh
@@ -1,13 +1,15 @@
-#!/bin/bash
+#!/bin/sh
-FINGERPRINT="2048 SHA256:pBz+GiWLvh9uccTB50HTQOCXhD9FZPFin/tfGKAZApQ"
-KEYURL="https://gitlab.altinea.fr/altinea/install-scripts/raw/branch/master/ssh/altinea-rsa.pub"
+RSA_FINGERPRINT="2048 SHA256:pBz+GiWLvh9uccTB50HTQOCXhD9FZPFin/tfGKAZApQ"
+RSA_KEYURL="https://gitlab.altinea.fr/altinea/install-scripts/raw/branch/master/ssh/altinea-rsa.pub"
+ED25519_FINGERPRINT="SHA256:TagxgsBxZhHFWiThYwe/hZSYjLBOHWBY2Ss0QsipmTw noc@altinea.fr"
+ED25519_KEYURL="https://gitlab.altinea.fr/altinea/install-scripts/raw/branch/master/ssh/altinea-ed25519.pub"
 if [ -x "$(which curl)" ] ; then
- COMMAND="curl $KEYURL"
+ COMMAND="curl $"
 echo "Found curl, using it"
 elif [ -x "$(which wget)" ]; then
- COMMAND="wget -q -O - $KEYURL"
+ COMMAND="wget -q -O - "
 echo "Found wget, fallback to that"
 else
 echo "Could not find curl or wget, please install one." >&2
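Review bot: The shebang becomes `#!/bin/sh`, but the fingerprint checks in the second hunk still read from `<(ssh-keygen …)`, a bash-only process substitution, so the script stops with a syntax error wherever /bin/sh is dash or another strict POSIX shell. Either keep `#!/bin/bash` or pipe instead: `ssh-keygen -E sha256 -lf ~/.ssh/authorized_keys 2>/dev/null | grep -c "$RSA_FINGERPRINT"`. The new curl line, as shown, is `COMMAND="curl $"`: the leftover `$` is handed to curl as an extra URL, and without `-f` the body of an HTTP error page would be appended to authorized_keys by the redirect in the second hunk. `COMMAND="curl -fsS"` avoids both. The if/elif/else chain continues past the end of this hunk.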
@@ -26,13 +28,22 @@ then
 exit 1;
 else
 touch ~/.ssh/authorized_keys
- if [ $(grep -c "$FINGERPRINT" <(ssh-keygen -E sha256 -lf ~/.ssh/authorized_keys 2>/dev/null)) -eq 1 ]
+ if [ $(grep -c "$RSA_FINGERPRINT" <(ssh-keygen -E sha256 -lf ~/.ssh/authorized_keys 2>/dev/null)) -eq 1 ]
 then
- echo "Altinea CA fingerprint found in authorized_keys file, not adding"
+ echo "Altinea RSA CA fingerprint found in authorized_keys file, not adding"
 exit 2;
 else
- $COMMAND >> ~/.ssh/authorized_keys
- echo "Altinea CA SSH key deployed on this account"
+ $COMMAND $RSA_KEYURL >> ~/.ssh/authorized_keys
+ echo "Altinea RSA CA key deployed on account" `whoami`
+ exit 0;
+ fi
+ if [ $(grep -c "$ED25519_FINGERPRINT" <(ssh-keygen -E sha256 -lf ~/.ssh/authorized_keys 2>/dev/null)) -eq 1 ]
+ then
+ echo "Altinea ED25519 CA fingerprint found in authorized_keys file, not adding"
+ exit 2;
+ else
+ $COMMAND $ED25519_KEYURL >> ~/.ssh/authorized_keys
+ echo "Altinea ED25519 CA key deployed on account" `whoami`
 exit 0;
 fi
 fi
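Review bot: The ED25519 block added after the RSA `fi` can never run, because both branches of the RSA check end in `exit 2;` or `exit 0;`, so the new CA key is not installed on any host. Separately, the pinned fingerprints are only used to detect an existing entry: whatever `$COMMAND` returns is appended to authorized_keys unchecked, so a tampered, truncated or error-page download ends up in the file that controls login. The sketch below handles each key in turn without exiting early and compares the download with the pinned fingerprint before appending. It returns 0 when a key is already present, so the existing `exit 2` convention would need a decision. The enclosing `if … then … else` starts above this hunk.

```sh
# … unchanged: touch ~/.ssh/authorized_keys …
install_ca_key() {
  # $1 = label, $2 = pinned fingerprint, $3 = key URL
  if ssh-keygen -E sha256 -lf ~/.ssh/authorized_keys 2>/dev/null | grep -qF -- "$2"; then
    echo "Altinea $1 CA fingerprint found in authorized_keys file, not adding"
    return 0
  fi
  tmpkey=$(mktemp) || return 1
  # Check the download against the pinned fingerprint before trusting it.
  if $COMMAND "$3" > "$tmpkey" \
    && ssh-keygen -E sha256 -lf "$tmpkey" 2>/dev/null | grep -qF -- "$2"; then
    cat "$tmpkey" >> ~/.ssh/authorized_keys
    rm -f "$tmpkey"
    echo "Altinea $1 CA key deployed on account $(whoami)"
    return 0
  fi
  rm -f "$tmpkey"
  echo "Altinea $1 CA key download failed or fingerprint mismatch" >&2
  return 1
}
install_ca_key RSA "$RSA_FINGERPRINT" "$RSA_KEYURL" || exit 1
install_ca_key ED25519 "$ED25519_FINGERPRINT" "$ED25519_KEYURL" || exit 1
# … unchanged: closing fi of the enclosing else …
```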