|
|
@ -1,5 +1,19 @@ |
|
|
#!/bin/bash |
|
|
#!/bin/bash |
|
|
|
|
|
|
|
|
|
|
|
FINGERPRINT="2048 SHA256:pBz+GiWLvh9uccTB50HTQOCXhD9FZPFin/tfGKAZApQ" |
|
|
|
|
|
KEYURL="https://gitlab.altinea.fr/julien.escario/install-scripts/raw/branch/master/ssh/altinea.key" |
|
|
|
|
|
|
|
|
|
|
|
if [ -x "$(which curl)" ] ; then |
|
|
|
|
|
COMMAND="curl $KEYURL" |
|
|
|
|
|
echo "Found curl, using it" |
|
|
|
|
|
elif [ -x "$(which wget)" ]; then |
|
|
|
|
|
COMMAND="wget -q -O - $KEYURL" |
|
|
|
|
|
echo "Found wget, fallback to that" |
|
|
|
|
|
else |
|
|
|
|
|
echo "Could not find curl or wget, please install one." >&2 |
|
|
|
|
|
exit 3; |
|
|
|
|
|
fi |
|
|
|
|
|
|
|
|
if [[ ! -d ~/.ssh ]]; |
|
|
if [[ ! -d ~/.ssh ]]; |
|
|
then |
|
|
then |
|
|
mkdir ~/.ssh |
|
|
mkdir ~/.ssh |
|
|
@ -8,10 +22,19 @@ fi |
|
|
|
|
|
|
|
|
if [[ -w ~/.ssh/authorized_keys2 ]] |
|
|
if [[ -w ~/.ssh/authorized_keys2 ]] |
|
|
then |
|
|
then |
|
|
wget --no-check-certificate -q -O - https://wiki.altinea.fr/lib/exe/fetch.php/public:altinea.key >> ~/.ssh/authorized_keys2 |
|
|
|
|
|
|
|
|
echo "It seems you're still relying on authorized_keys2, this is (almost) deprecated." |
|
|
|
|
|
exit 1; |
|
|
else |
|
|
else |
|
|
touch ~/.ssh/authorized_keys |
|
|
touch ~/.ssh/authorized_keys |
|
|
wget --no-check-certificate -q -O - https://wiki.altinea.fr/lib/exe/fetch.php/public:altinea.key >> ~/.ssh/authorized_keys |
|
|
|
|
|
|
|
|
if [ $(grep -c "$FINGERPRINT" <(ssh-keygen -E sha256 -lf ~/.ssh/authorized_keys 2>/dev/null)) -eq 1 ] |
|
|
|
|
|
then |
|
|
|
|
|
echo "Altinea CA fingerprint found in authorized_keys file, not adding" |
|
|
|
|
|
exit 2; |
|
|
|
|
|
else |
|
|
|
|
|
$COMMAND >> ~/.ssh/authorized_keys |
|
|
|
|
|
echo "Altinea CA SSH key deployed on this account" |
|
|
|
|
|
exit 0; |
|
|
|
|
|
fi |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
echo "Clé SSH Altinea installée" |
|
|
|
|
|
|
|
|
exit 99; |
