From ba705c909d98c181e126c952c97e2d56d8c7a24e Mon Sep 17 00:00:00 2001
From: Gordon GECOS
Date: Wed, 3 Mar 2021 23:08:58 -0500
Subject: improve penme
---
 penme | 38 +++++++++++++++++++++-----------------
 1 file changed, 21 insertions(+), 17 deletions(-)
diff --git a/penme b/penme
index 06356ab..4dbe2e8 100755
--- a/penme
+++ b/penme
@@ -1,36 +1,40 @@
 #!/bin/sh
+set -e
 if [ "$(id -u)" -ne 0 ]
 then
 exec sudo -- "$0" "$@"
 fi
+vprintf() { [ ! "$VERBOSE" ] || printf "$@" >&2; }
+
+write()
+{
+ printf '%s\n' "$line" >> /root/.ssh/authorized_keys
+ vprintf 'New root authorization: %s\n' "$line"
+ [ "$VERBOSE" ] || printf '%s\n' "$line" >&2
+}
+
 scan_network()
 {
- ip -oneline addr |
- sed -ne 's/.*inet \([^ ]*\) .*/\1/p' |
- while read line
- do
- case "$line" in
- 127.*) continue ;;
- esac
- arp-scan "$line" 2>/dev/null
- done | while read ip junk
+ arp-scan --localnet |
+ while read ip junk
 do
 case "$ip" in
- *.*.*.*) echo $ip ;;
+ *.*.*.*) ;;
 *) continue ;;
 esac
+ vprintf 'ARP scan found IP: %s\n' "$ip"
+ ( grep -q " penme host key @ $ip\$" /root/.ssh/authorized_keys ) || echo $ip
 done
 }
-ips=$(scan_network)
-
 mkdir -p /root/.ssh
-touch /root/.ssh/authorized_keys
+[ -e /root/.ssh/authorized_keys ] || touch /root/.ssh/authorized_keys
-ssh-keyscan - $ips | while read ip key
+ssh-keyscan - $(scan_network) 2>/dev/null |
+while read ip key
 do
- line=$(printf '%s host key @ %s\n' "$key" "$ip")
- grep -Fx "$line" /root/.ssh/authorized_keys ||
- echo "$line" >> /root/.ssh/authorized_keys
+ line=$(printf '%s penme host key @ %s\n' "$key" "$ip")
+ grep -q -Fx "$line" /root/.ssh/authorized_keys && vprintf 'Already authorized: %s\n' "$line" ||
+ write "$line" /root/.ssh/authorized_keys
 done
-- 
cgit v1.2.3
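Review bot: Every line this script appends is unauthenticated `ssh-keyscan` output that becomes a root login credential, and the new filter in `scan_network` (`grep -q " penme host key @ $ip\$"`) keys on the address alone, so an IP that already has an entry is never rescanned and nothing in the hunk ever removes a key once the machine behind that address changes. The same filter interpolates `$ip` into a regular expression with its dots unescaped. The added `set -e` does not catch a failing `arp-scan` or `ssh-keyscan` on the left side of a pipe, and `2>/dev/null` discards their error output, so a broken scan looks the same as an empty network. `write` is called as `write "$line" /root/.ssh/authorized_keys` but ignores both arguments and reads the global `$line`; `printf '%s\n' "$1" >> "$2"` would make the function match its call site. I would also put a comment above `write` stating that the ` penme host key @ ` suffix is the marker by which these entries can be found when auditing or cleaning root's authorized_keys.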