Diffstat (limited to 'keycopy.sh')
-rw-r--r-- | keycopy.sh | 53 |
1 files changed, 47 insertions, 6 deletions
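--- a/keycopy.sh
+++ b/keycopy.sh
@@ -4,12 +4,53 @@ n=andy
 
 key_basename=ssh_host_rsa_key
 input_key=/etc/ssh/$key_basename
-openssl rsa -in "$input_key" -outform DER > /etc/swanctl/private/"$key_basename"
-openssl rsa -in "$input_key" -pubout -outform DER > /etc/swanctl/pubkey/"$key_basename".pub
 
-t=$(mktemp)
-ssh-keyscan -trsa "$h" | while read hh rest; do [ "$h" = "$hh" ] && printf '%s\n' "$rest"; done
+keycopy()
+{
+openssl rsa -in "$input_key" -outform DER > /etc/swanctl/private/"$key_basename"
+openssl rsa -in "$input_key" -pubout -outform DER > /etc/swanctl/pubkey/"$key_basename".pub
 
-ssh-keygen -e -f rsa.scan.edit -m PEM | openssl rsa -RSAPublicKey_in -outform DER > /etc/swanctl/pubkey/"$n".pub
+t=$(mktemp)
+ssh-keyscan -trsa "$h" | while read hh rest; do [ "$h" = "$hh" ] && printf '%s\n' "$rest"; done
+
+ssh-keygen -e -f rsa.scan.edit -m PEM | openssl rsa -RSAPublicKey_in -outform DER > /etc/swanctl/pubkey/"$n".pub
+
+ls -l /etc/swanctl/private/"$key_basename" /etc/swanctl/pubkey/"$key_basename".pub /etc/swanctl/pubkey/"$n".pub
+}
+
+nocomments()
+{
+sed 's/#.*//; /^ *$/d'
+}
+
+
+test_old_config()
+{
+ipsec stop
+rm -f /etc/swanctl/conf.d/andy.conf
+cp ipsec.conf /etc/
+nocomments < ipsec.conf
+ipsec start
+sleep 2
+ipsec listpubkeys
+ipsec up andy
+ipsec stop
+}
+
+test_new_config()
+{
+ipsec stop
+cp -T ipsec.conf.empty /etc/ipsec.conf
+cp andy.conf /etc/swanctl/conf.d/
+nocomments < andy.conf
+ipsec start
+sleep 2
+swanctl -c
+ipsec listpubkeys
+ipsec up andy
+ipsec stop
+}
+
+test_old_config
+test_new_config
 
-ls -l /etc/swanctl/private/"$key_basename" /etc/swanctl/pubkey/"$key_basename".pub /etc/swanctl/pubkey/"$n".pub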
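Review bot: In keycopy(), the host's RSA private key is written by plain redirection to /etc/swanctl/private/"$key_basename", so a newly created file takes its mode from the caller's umask and can end up world-readable unless the directory itself is restricted; the trailing `ls -l` only displays the result. Creating it under a tight umask in a subshell avoids that without changing the umask for the rest of the script: `(umask 077; openssl rsa -in "$input_key" -outform DER > /etc/swanctl/private/"$key_basename")`. Separately, `t=$(mktemp)` is never used or removed, and the peer key installed as /etc/swanctl/pubkey/"$n".pub is read from rsa.scan.edit, whose relation to the unauthenticated ssh-keyscan output is not visible here; a comment such as `# rsa.scan.edit: peer key from ssh-keyscan, fingerprint verified out of band before use` would record the trust step. keycopy() is also defined but not called anywhere in the lines shown, so if the key export is still meant to run it needs an explicit call.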