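#!/bin/sh
# Configure SSH keys.
#
# Writes the supplied key pair into ~/.ssh for the current user, authorizes the
# public key for logins to this account, and records this host's server keys
# under the name "localhost" in known_hosts.
# Nothing is changed when the private key file already exists.

# NOTE(review): the #{...} markers look like template placeholders that are
# substituted before the script runs. The substituted text lands unquoted on
# the right-hand side of an assignment, so whatever fills it in must emit a
# shell-quoted value -- confirm against the generator.
ssh_public_key=#{ssh_public_key}
ssh_private_key=#{ssh_private_key}
ssh_key_type=#{ssh_key_type}

ssh_path="${HOME}/.ssh"
private_key_path="${ssh_path}/id_${ssh_key_type}"

if [ ! -f "${private_key_path}" ]; then
    # write public/private ssh key pair
    public_key_path="${private_key_path}.pub"

    # Create every file below with owner-only permissions from the start, so the
    # private key is never readable by other users between touch and chmod.
    # The previous umask is restored at the end of this branch.
    previous_umask="$(umask)"
    umask 077

    # shellcheck disable=SC2174
    mkdir -m 0700 -p "${ssh_path}"
    touch "${public_key_path}" "${private_key_path}"
    # kept in case the files already existed with wider permissions
    chmod 0600 "${public_key_path}" "${private_key_path}"
    # printf writes the key text verbatim; some /bin/sh implementations of echo
    # interpret backslash sequences or a leading option-like word
    printf '%s\n' "${ssh_public_key}" > "${public_key_path}"
    printf '%s\n' "${ssh_private_key}" > "${private_key_path}"

    # add public key to authorized_keys
    authorized_keys_path="${ssh_path}/authorized_keys"

    # the existing file is overwritten to avoid conflicts (ex: RHEL on EC2 blocks root login)
    # NOTE: this discards any keys previously authorized for this account
    cat "${public_key_path}" > "${authorized_keys_path}"
    chmod 0600 "${authorized_keys_path}"

    # add localhost's server keys to known_hosts
    known_hosts_path="${ssh_path}/known_hosts"

    for key in /etc/ssh/ssh_host_*_key.pub; do
        # with no host keys present the glob stays literal; skip it instead of
        # appending a broken "localhost " entry
        [ -f "${key}" ] || continue
        printf 'localhost %s\n' "$(cat "${key}")" >> "${known_hosts_path}"
    done

    umask "${previous_umask}"
fi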