author | Gordon GECOS <u@adam> | 2021-03-03 23:08:58 -0500 |
---|---|---|
committer | Gordon GECOS <u@adam> | 2021-03-03 23:34:26 -0500 |
commit | ba705c909d98c181e126c952c97e2d56d8c7a24e (patch) | |
tree | d046d16d1079236ac3d07a9099ecb69da67c15ab | |
parent | 1ab3ef99a3d24dd8470eb56845c66e870fc9560d (diff) |
improve penme
-rwxr-xr-x | penme | 38 |
1 files changed, 21 insertions, 17 deletions
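--- a/penme
+++ b/penme
@@ -1,36 +1,40 @@
 #!/bin/sh
+set -e
 if [ "$(id -u)" -ne 0 ]
 then
 exec sudo -- "$0" "$@"
 fi
 
+vprintf() { [ ! "$VERBOSE" ] || printf "$@" >&2; }
+
+write()
+{
+printf '%s\n' "$line" >> /root/.ssh/authorized_keys
+vprintf 'New root authorization: %s\n' "$line"
+[ "$VERBOSE" ] || printf '%s\n' "$line" >&2
+}
+
 scan_network()
 {
-ip -oneline addr |
-sed -ne 's/.*inet \([^ ]*\) .*/\1/p' |
-while read line
-do
-case "$line" in
-127.*) continue ;;
-esac
-arp-scan "$line" 2>/dev/null
-done | while read ip junk
+arp-scan --localnet |
+while read ip junk
 do
 case "$ip" in
-*.*.*.*) echo $ip ;;
+*.*.*.*) ;;
 *) continue ;;
 esac
+vprintf 'ARP scan found IP: %s\n' "$ip"
+( grep -q " penme host key @ $ip\$" /root/.ssh/authorized_keys ) || echo $ip
 done
 }
 
-ips=$(scan_network)
-
 mkdir -p /root/.ssh
-touch /root/.ssh/authorized_keys
+[ -e /root/.ssh/authorized_keys ] || touch /root/.ssh/authorized_keys
 
-ssh-keyscan - $ips | while read ip key
+ssh-keyscan - $(scan_network) 2>/dev/null |
+while read ip key
 do
-line=$(printf '%s host key @ %s\n' "$key" "$ip")
-grep -Fx "$line" /root/.ssh/authorized_keys ||
-echo "$line" >> /root/.ssh/authorized_keys
+line=$(printf '%s penme host key @ %s\n' "$key" "$ip")
+grep -q -Fx "$line" /root/.ssh/authorized_keys && vprintf 'Already authorized: %s\n' "$line" ||
+write "$line" /root/.ssh/authorized_keys
 done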
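Review bot: In the final `while read ip key` loop, `grep -q -Fx … && vprintf … || write …` is not an if/else: `write` also runs when `vprintf` returns non-zero (for example a failed write to stderr with VERBOSE set), which appends a duplicate line to /root/.ssh/authorized_keys. `if grep -q -Fx -- "$line" /root/.ssh/authorized_keys; then vprintf 'Already authorized: %s\n' "$line"; else write; fi` keeps the two outcomes separate. `write()` ignores both arguments it is called with and reads the global `line`, so either drop the arguments at the call site or have the function use `"$1"`. In scan_network the new skip test interpolates `$ip` into a grep regex unescaped, so its dots match any character; because every line in this file authorizes a root login, an exact comparison of the trailing address field would be safer than a pattern match, and `read -r` in both loops would keep backslashes in scanned output intact.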