summaryrefslogtreecommitdiff
path: root/penme
blob: f32aee7bf673d862df544c59fcf1f1b5d3fe1235 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
#!/bin/sh
set -e
if [ "$(id -u)" -ne 0 ]
then
        exec sudo -- "$0" "$@"
fi

vprintf() { [ ! "$VERBOSE" ] || printf "$@" >&2; }

write()
{
        printf '%s\n' "$line" >> /root/.ssh/authorized_keys
        vprintf 'New root authorization: %s\n' "$line"
        [ "$VERBOSE" ] || printf '%s\n' "$line" >&2
}

scan_network()
{
        arp-scan -q --localnet | grep '	' |
        while read ip junk
        do
            vprintf 'ARP scan found IP: %s\n' "$ip"
            grep -qF " penme host key @ $ip\$" /root/.ssh/authorized_keys || echo "$ip"
        done
}

mkdir -p /root/.ssh
[ -e /root/.ssh/authorized_keys ] || touch /root/.ssh/authorized_keys

which arp-scan >/dev/null &&
which ssh-keyscan >/dev/null ||
apt install --no-upgrade arp-scan openssh-client || true

ssh-keyscan - $(scan_network) 2>/dev/null |
while read ip key
do
        line=$(printf '%s penme host key @ %s\n' "$key" "$ip")
        grep -q -Fx "$line" /root/.ssh/authorized_keys && vprintf 'Already authorized: %s\n' "$line" ||
        write "$line" /root/.ssh/authorized_keys
done