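#!/bin/sh
#
#	/usr/local/bin/ORCpushkey
#
#	arg 1 is the dest host
#
#	Copyright (c) 1998 Owl River Company
#		(an unpublished work)
#	info@owlriver.com
#	614 - 221 - 0695
#
#	ALWAYS licensed, Never sold
#	Unauthorized reproduction prohibited
#
VER="0.12-020326"
#
#	020326 0.12 RPH - require non-zero size of a key, typo fix
#	020325 0.11 RPH - support -t for rsa1 keys
#	011230 0.10 RPH - missing ~/.ssh directory fixup -- also
#		authorized_keys and authorized_keys2 verification
#	011128 0.09 RPH - missing keys are identified and carped about
#	011127 0.08 RPH - OpenSSH 2.9 is tighter
#	010425 RPH 0.07 - support older ssh-keygen
#	010421 RPH 0.06 - dsa support
#	010326 RPH 0.05 - Usage notes
#	001115 RPH 0.04 - renamed ORCpushkey from ORCauthPush
#	001114 RPH 0.03 - enhance robustness on file presence
#	001101 RPH 0.02 - fix remote path issues
#
#	Purpose: make sure the invoking user has SSH key pairs in ~/.ssh
#	(generating any that are missing), then copy the public halves to
#	the destination host and append them to that user's
#	authorized_keys / authorized_keys2 there.
#
#	Security notes for anyone still running this:
#	 - The key types requested here date from 2002.  Current OpenSSH
#	   releases have dropped SSH protocol 1 ("rsa1") keys and
#	   deprecated DSA, so those ssh-keygen calls are expected to fail
#	   there, and authorized_keys2 is a deprecated file name.  Only
#	   the id_rsa pair is likely to be usable on a modern host.
#	 - Every ssh/scp call below installs standing trust on DESTHOST.
#	   Verify the host key fingerprint out of band when ssh asks about
#	   an unknown host, rather than accepting it blindly.
#	 - Each run appends; re-running against the same host leaves
#	   duplicate lines in the remote authorized_keys files.
#
MYNAME=${0##*/}
THISHOST=$(hostname -s)
IAM=$(id -un)
#
DESTHOST=$1

# ensure_keypair BASE TYPE
#   If either BASE or BASE.pub is missing or empty, move whatever half is
#   left aside as *.bak and run ssh-keygen (interactive) for key type TYPE.
#   The trailing touch guarantees BASE.pub exists even if ssh-keygen failed.
ensure_keypair() {
	[ -s "$1.pub" ] && [ -s "$1" ] && return 0
	echo "Error: $MYNAME - No '$1.pub pair' found " 1>&2
	[ -s "$1" ] && mv "$1" "$1.bak"
	[ -s "$1.pub" ] && mv "$1.pub" "$1.pub.bak"
	ssh-keygen -t "$2"
	touch "$1.pub"
}

# stage_pubkey BASE
#   Keep a copy of BASE.pub named <thishost>.<user>.BASE.pub so the file
#   that lands on the remote side identifies where the key came from.
#   An existing non-empty copy is left alone.
stage_pubkey() {
	TOFILE=$THISHOST.$IAM.$1.pub
	[ -s "$TOFILE" ] || {
		cp "$1.pub" "$TOFILE"
		touch "$TOFILE"
	}
}

# push_key BASE AUTHFILE
#   Copy the staged public key for BASE to DESTHOST and append it to
#   ~user/.ssh/AUTHFILE there, then tighten AUTHFILE to mode 600.
#   The remote command is passed as one quoted string so that ">>" is
#   interpreted by the remote shell; "~$IAM" is likewise expanded remotely.
push_key() {
	TOFILE=$THISHOST.$IAM.$1.pub
	scp "$TOFILE" "$DESTHOST:~$IAM/.ssh/$TOFILE"
	ssh "$DESTHOST" "cat ~$IAM/.ssh/$TOFILE >> ~$IAM/.ssh/$2"
	ssh "$DESTHOST" "chmod 600 ~$IAM/.ssh/$2"
}

[ "x$DESTHOST" = "x-h" ] && {
	echo "Usage: $MYNAME hostname "
	echo " ... Place the current userid public RSA and DSA SSH keys "
	echo " on remote host hostname "
	echo " ... Use a hostname of localhost to JUST generate "
	echo " any missing keys ..."
	exit 0
}
#
[ "x$DESTHOST" = "x" ] && {
	echo "Error: $MYNAME - No destination host specified -- bailing " 1>&2
	exit 1
}
#
# DESTHOST ends up on the ssh and scp command lines.  Refuse a value that
# starts with "-" (it would be parsed as an option) or that contains
# anything other than plain host-name characters, instead of letting the
# shell or ssh reinterpret it.
case $DESTHOST in
-* | *[!A-Za-z0-9._@-]*)
	echo "Error: $MYNAME - Invalid destination host '$DESTHOST' -- bailing " 1>&2
	exit 1
	;;
esac
#
# NOTE(review): the usage text says "localhost" should JUST generate any
# missing keys, but this exit happens before any key generation, so the
# localhost case currently does nothing.  Left as found -- confirm intent.
[ "x$DESTHOST" = "xlocalhost" ] && {
	echo "I won't talk with myself ..." 1>&2
	exit 0
}
#
cd || exit 1
[ ! -d .ssh ] && {
	mkdir .ssh
	chmod 700 .ssh
}
cd .ssh || exit 1
# authorized_keys files hold data only: mode 600, matching what this script
# sets on the remote side (the original used 700 here).
[ ! -e authorized_keys ] && {
	touch authorized_keys
	chmod 600 authorized_keys
}
[ ! -e authorized_keys2 ] && {
	touch authorized_keys2
	chmod 600 authorized_keys2
}
#
#	There should NOT be backup keys present -- implies a problem
#
#	(The original set STOP but tested STP, so this check could never
#	fire.  ensure_keypair below creates these .bak files when it finds
#	half a key pair, so a later run stops here until they are dealt with.)
#
STP="no"
for i in identity.pub.bak id_rsa.pub.bak id_dsa.pub.bak \
	identity.bak id_rsa.bak id_dsa.bak; do
	[ -s "$i" ] && {
		echo "Hunh: $i" 1>&2
		STP="yes"
	}
done
[ "x$STP" != "xno" ] && {
	echo "$MYNAME -- found .bak identity file ... bailing" 1>&2
	echo " fix and restart" 1>&2
	exit 1
}
#
#	and make keys as needed
#
ensure_keypair identity rsa1
ensure_keypair id_rsa rsa
ensure_keypair id_dsa dsa

stage_pubkey identity
stage_pubkey id_dsa
stage_pubkey id_rsa
#
#	Remote side: make sure ~user/.ssh exists (mkdir errors are hidden
#	because the directory usually exists already) and is mode 700.
#
ssh "$DESTHOST" "mkdir ~$IAM/.ssh/" > /dev/null 2>&1
ssh "$DESTHOST" "chmod 700 ~$IAM/.ssh/"
#
#	DSA keys
#
push_key id_dsa authorized_keys2
#
#	RSA keys - ver 2
#
push_key id_rsa authorized_keys2
#
#	RSA keys
#
push_key identity authorized_keys
#
# The original closing message had unbalanced quotes; print it as two lines.
echo "Keys are in place -- please test thus: "
echo "      ssh $DESTHOST ls -al ~$IAM/.ssh "
#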