#!/bin/bash
# Append a local user's SSH public key to ~/.ssh/authorized_keys of a login
# user on a remote target.
#
# Usage: SCRIPT [-u|--user USER] [-l|--login LOGINUSER] TARGET
#   USER       local account whose ~/.ssh/id_*.pub is published
#              (default: the invoking user, from `id -un`)
#   LOGINUSER  remote account that receives the key (default: same as USER)
#   TARGET     passed to `sash -T`; sash is an external tool not defined in
#              this file, so its semantics are not visible here.
#
# Security-relevant: this script grants SSH login on the target. USER,
# LOGINUSER and TARGET all come straight from the command line.

# Abort on the first unhandled failing command.
set -e
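# Print the home directory of the account named in $1.
#
# The previous implementation ran `eval` on "~$1" to get tilde expansion.
# $1 comes from the -u/--user command-line option, so any shell syntax in
# it (command substitution, `;`, ...) was executed by the eval. The lookup
# now goes through the passwd database and never re-parses the name as
# shell code.
#
# Arguments: $1 - account name
# Outputs:   home directory on stdout, followed by a newline
# Returns:   0 on success; 1 if the name is empty, starts with '-', or
#            has no passwd entry under exactly that name
gethome()
{
  local name=$1 entry
  local -a fields

  # An empty name would be ambiguous and a leading '-' would be parsed by
  # getent as an option.
  case "$name" in
    '' | -*) return 1 ;;
  esac

  entry=$(getent passwd "$name") || return 1
  IFS=: read -r -a fields <<< "$entry"

  # getent also resolves numeric UIDs; accept only a match on the name so
  # that e.g. "0" is not silently mapped to root.
  [ "${fields[0]}" = "$name" ] || return 1

  printf '%s\n' "${fields[5]}"
}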
# Let getopt(1) normalise the command line. The util-linux implementation
# prints a shell-quoted string, which is why it is loaded back into the
# positional parameters with `eval set --`.
OPT=$(getopt -o 'l:u:' --long 'user:,login:' -n "$0" -- "$@")
eval set -- "$OPT"
unset OPT

# Both accounts default to the invoking user.
USERNAME=$(id -un)
LOGINUSER=$USERNAME

# Consume options up to the "--" separator that getopt always emits.
# USERNAME and LOGINUSER are stored exactly as given: no validation
# happens here, so every later use must treat them as untrusted text.
while :
do
  case "$1" in
    -u|--user)
      USERNAME=$2
      shift 2
      ;;
    -l|--login)
      LOGINUSER=$2
      shift 2
      ;;
    --)
      shift
      break
      ;;
    *)
      exit 1
      ;;
  esac
done
# Print all arguments, joined into one string, in a form that bash reads
# back as a single word (printf %q). Used to embed text safely in a
# generated command line.
#
# Arguments: $@ - words to join (with the first character of IFS)
# Outputs:   the quoted string on stdout, without a trailing newline
q()
{
  local joined
  joined="$*"
  printf '%q' "$joined"
}
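# Install one public-key line into ~/.ssh/authorized_keys of the account
# this runs as. The function text is shipped to the remote bash with
# `declare -f`, so it must stay self-contained.
#
# Changes against the previous version:
#   * umask 077: a freshly created .ssh or authorized_keys is no longer
#     subject to the remote account's umask. With a permissive umask the
#     files could end up group-writable, which sshd's StrictModes check
#     rejects and which would let other accounts add keys.
#   * an existing file without a trailing newline no longer gets the new
#     key glued onto its last line.
#   * a key that is already present is not appended again.
#   * an empty key line is refused instead of appending a blank line.
#
# Arguments: $1 - complete authorized_keys line (key type, key, comment)
# Returns:   0 if the key is installed or was already present
remote_code()
{
  set -e
  umask 077
  [ -n "$1" ] || return 1
  cd
  [ -d .ssh ] || mkdir .ssh

  # Exact whole-line match: nothing to do if the key is already authorised.
  if [ -f .ssh/authorized_keys ] && grep -qxF -- "$1" .ssh/authorized_keys
  then
    return 0
  fi

  # Command substitution strips a final newline, so a non-empty result
  # means the last byte of the file is not a newline.
  if [ -s .ssh/authorized_keys ] && [ -n "$(tail -c 1 .ssh/authorized_keys)" ]
  then
    printf '\n' >> .ssh/authorized_keys
  fi

  printf '%s\n' "$1" >> .ssh/authorized_keys
}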
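# Exactly one positional argument is expected; it is handed to `sash -T`.
# Previously a bare `[ ... ]` under `set -e` made the script exit here
# without any message.
if [ $# -ne 1 ]
then
  echo "Usage: $0 [-u|--user USER] [-l|--login LOGINUSER] TARGET" >&2
  exit 1
fi

# Locate the local user's ~/.ssh. A failing lookup is turned into an empty
# result so that it is reported instead of silently aborting under set -e.
h=$(gethome "$USERNAME") || h=
if [ -z "$h" ]
then
  echo "$0: Error: cannot determine home directory of user $USERNAME" >&2
  exit 1
fi
d=$h/.ssh
if [ ! -d "$d" ]
then
  echo "$0: Error: $d is not a directory" >&2
  exit 1
fi

# Preference order: the first key type that has a .pub file wins.
# id_dsa is kept for compatibility; DSA keys are disabled by default in
# current OpenSSH.
keytypes='id_ed25519 id_ed25519_sk id_ecdsa id_ecdsa_sk id_rsa id_dsa'
for k in $keytypes
do
  f=$d/$k.pub
  if [ -e "$f" ]
  then
    # -r keeps backslashes literal. `|| true` because read returns
    # non-zero on a file without a trailing newline even though it has
    # filled the variable; under set -e that used to abort the script.
    authline=
    read -r authline < "$f" || true
    if [ -z "$authline" ]
    then
      echo "$0: Error: $f is empty or unreadable" >&2
      exit 1
    fi

    # The remote bash receives the function definition plus one call on
    # stdin. The key text is passed through printf %q, which is what
    # keeps the remote shell from interpreting it; the quoted word is now
    # emitted as-is instead of through an unquoted $(...) that re-split
    # and glob-expanded it locally.
    # NOTE(review): "$1" and LOGINUSER are forwarded to sash unvalidated.
    # How sash hands the trailing command to the remote side is not
    # visible here; if it re-parses it through a shell, LOGINUSER needs
    # quoting or validation first. Confirm against sash.
    {
      declare -f remote_code
      printf 'remote_code %s\n' "$(q "$authline")"
    } |
      sash -T "$1" -- \
        runuser -u "$LOGINUSER" -- bash
    # Propagate the status of the pipeline (that of sash).
    exit
  fi
done
echo "$0: Error: no public key found for user $USERNAME" >&2
exit 1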