Add RSA fallback key

3 years ago · fd4086449d
1 changed files with 9 additions and 1 deletions
--- a/ssh/install_altinea_pubkey.sh
+++ b/ssh/install_altinea_pubkey.sh
@ -2,8 +2,10 @@

 RSA_FINGERPRINT="2048 SHA256:pBz+GiWLvh9uccTB50HTQOCXhD9FZPFin/tfGKAZApQ"
 RSA_KEYURL="https://gitlab.altinea.fr/altinea/install-scripts/raw/branch/master/ssh/altinea-rsa.pub"
-ED25519_FINGERPRINT="SHA256:TagxgsBxZhHFWiThYwe/hZSYjLBOHWBY2Ss0QsipmTw noc@altinea.fr"
+ED25519_FINGERPRINT="256 SHA256:TagxgsBxZhHFWiThYwe/hZSYjLBOHWBY2Ss0QsipmTw noc@altinea.fr"
 ED25519_KEYURL="https://gitlab.altinea.fr/altinea/install-scripts/raw/branch/master/ssh/altinea-ed25519.pub"
+RSAFALLBACK_FINGERPRINT="4096 SHA256:JnvBDtH6kqtno8GpjmZtppwqPGZYJJ0s/+1czIMdeiM"
+RSAFALLBACK_URL="https://gitlab.altinea.fr/altinea/install-scripts/raw/branch/master/ssh/support@altinea.fr.pub"

 if [ -x "$(which curl)" ] ; then
 	COMMAND="curl -s "
@ -41,6 +43,12 @@ else
 		$COMMAND $ED25519_KEYURL >> ~/.ssh/authorized_keys
 		echo "Altinea ED25519 CA key deployed on account" `whoami`
 	fi
+	if [ $(ssh-keygen -E sha256 -lf ~/.ssh/authorized_keys 2>/dev/null |grep -c "$RSAFALLBACK_FINGERPRINT") -ne 0 ]
+	then
+		echo "Altinea fallback RSA fingerprint found in authorized_keys file, not adding"
+	else
+		$COMMAND $RSAFALLBACK_URL >> ~/.ssh/authorized_keys
+	fi
 fi

 exit 0;