1 files changed, 0 insertions, 115 deletions
diff --git a/keycopy.sh b/keycopy.sh
deleted file mode 100644
index 68c97fd..0000000
--- a/keycopy.sh
+++ /dev/null
@@ -1,115 +0,0 @@
-#!/bin/sh
-yourip=68.48.18.140
-h=$yourip
-n=andy
-key_basename=ssh_host_rsa_key
-input_key=/etc/ssh/$key_basename
-ssh2der()
-{
-        ssh-keygen -e -f "$1" -m PEM | openssl rsa -RSAPublicKey_in -outform DER
-}
-match_and_drop_first_word()
-{
-        expect=$1
-        while read word rest
-        do
-                if [ "$word" = "$expect" ]
-                then
-                        printf '%s\n' "$rest"
-                        return
-                fi
-        done
-        false
-}
-keyscan()
-{
-        if [ -e keyscan.cache ]
-        then
-                cat keyscan.cache
-        else
-                ssh-keyscan -t rsa "$1"
-        fi
-}
-keycopy()
-{
-        openssl rsa -in "$input_key"         -outform DER > /etc/swanctl/private/"$key_basename"
-        openssl rsa -in "$input_key" -pubout -outform DER > /etc/swanctl/pubkey/"$key_basename".pub
-        t=$(mktemp)
-        keyscan "$yourip" | match_and_drop_first_word "$yourip" > "$t"
-        ssh2der "$t" > /etc/swanctl/pubkey/"$n".pub
-        rm -f "$t"
-}
-nocomments()
-{
-        sed 's/#.*//; /^ *$/d'
-}
-write_config()
-{
-        conn=$1
-        remote_addrs=$2
-        id=$3
-        cat > /etc/swanctl/conf.d/"$conn".conf <<END
-connections {
-    ${conn} {
-        remote_addrs = ${remote_addrs}
-        vips = ::
-        local {
-            pubkeys = ssh_host_rsa_key.pub
-            id = ${id}
-        }
-        remote {
-            id = "${remote_addrs}"
-            pubkeys = ${conn}.pub
-        }
-        children {
-            child {
-                remote_ts = 0::0/0
-                dpd_action = restart
-            }
-        }
-    }
-}
-secrets {
-    private1 {
-        file = ssh_host_rsa_key
-    }
-}
-END
-}
-generate_config()
-{
-        iface=$(ip -oneline route get "$yourip"  | sed -ne 's/.* dev \([^ ]*\) .*/\1/p')
-        [ "$iface" ] || return
-        mymac=$(ip -oneline -6 addr  show dev "$iface" | sed -ne 's/.* inet6 fe80::\([^/]*\)\/.*/\1/p')
-        [ "$mymac" ] || return
-        write_config andy "$yourip" "$mymac"
-}
-test_new_config()
-{
-        ipsec stop
-        generate_config
-        ipsec start
-        sleep 2
-        swanctl -c
-        ipsec listpubkeys
-        ipsec up andy
-}
-set -e
-keycopy
-test_new_config

diff --git a/keycopy.sh b/keycopy.sh deleted file mode 100644 index 68c97fd..0000000 --- a/keycopy.sh +++ /dev/null
@@ -1,115 +0,0 @@
1	#!/bin/sh
2	yourip=68.48.18.140
3	h=$yourip
4	n=andy
5
6	key_basename=ssh_host_rsa_key
7	input_key=/etc/ssh/$key_basename
8
9	ssh2der()
10	{
11	ssh-keygen -e -f "$1" -m PEM \| openssl rsa -RSAPublicKey_in -outform DER
12	}
13
14	match_and_drop_first_word()
15	{
16	expect=$1
17	while read word rest
18	do
19	if [ "$word" = "$expect" ]
20	then
21	printf '%s\n' "$rest"
22	return
23	fi
24	done
25	false
26	}
27
28	keyscan()
29	{
30	if [ -e keyscan.cache ]
31	then
32	cat keyscan.cache
33	else
34	ssh-keyscan -t rsa "$1"
35	fi
36	}
37
38	keycopy()
39	{
40	openssl rsa -in "$input_key" -outform DER > /etc/swanctl/private/"$key_basename"
41	openssl rsa -in "$input_key" -pubout -outform DER > /etc/swanctl/pubkey/"$key_basename".pub
42
43	t=$(mktemp)
44
45	keyscan "$yourip" \| match_and_drop_first_word "$yourip" > "$t"
46	ssh2der "$t" > /etc/swanctl/pubkey/"$n".pub
47	rm -f "$t"
48	}
49
50	nocomments()
51	{
52	sed 's/#.//; /^ $/d'
53	}
54
55
56	write_config()
57	{
58	conn=$1
59	remote_addrs=$2
60	id=$3
61	cat > /etc/swanctl/conf.d/"$conn".conf <<END
62	connections {
63	${conn} {
64	remote_addrs = ${remote_addrs}
65	vips = ::
66	local {
67	pubkeys = ssh_host_rsa_key.pub
68	id = ${id}
69	}
70	remote {
71	id = "${remote_addrs}"
72	pubkeys = ${conn}.pub
73	}
74	children {
75	child {
76	remote_ts = 0::0/0
77	dpd_action = restart
78	}
79	}
80	}
81	}
82	secrets {
83	private1 {
84	file = ssh_host_rsa_key
85	}
86	}
87	END
88	}
89
90	generate_config()
91	{
92	iface=$(ip -oneline route get "$yourip" \| sed -ne 's/.* dev \([^ ]\) ./\1/p')
93	[ "$iface" ] \|\| return
94	mymac=$(ip -oneline -6 addr show dev "$iface" \| sed -ne 's/.* inet6 fe80::\([^/]\)\/./\1/p')
95	[ "$mymac" ] \|\| return
96	write_config andy "$yourip" "$mymac"
97	}
98
99	test_new_config()
100	{
101	ipsec stop
102
103	generate_config
104
105	ipsec start
106	sleep 2
107	swanctl -c
108	ipsec listpubkeys
109	ipsec up andy
110	}
111
112	set -e
113	keycopy
114	test_new_config
115