deluxe-stylez.de :: unix – brain required

26Jan/100

SSH Key – Public Key Authentication

I have replaced the old script on this page with this one. What exactly does the script do?
It copies the SSH key to another system to allow an SSH login without entering a password. This is often needed for scripts such as Nagios, backups, etc.

#!/bin/bash
# kumar.mcmillan -at- farmdev.com

# Print a short help text.
function usage()
{
    echo ""
    echo "Authorizes a host for automatic SSH use by sending your key to the remote host ..."
    echo "Usage: $0 remote_host_to_authorize [username:=defaults to current username]"
    echo ""
}

# Remove the temporary local copy of the public key.
function cleanup()
{
    if [ -f "$TEMP_PUB_KEY_XFER" ]
    then
        rm "$TEMP_PUB_KEY_XFER"
    fi
}

function exit_on_error()
{
    cleanup
    exit 1
}

if [ $# -lt 1 -o "$1" = "-h" -o "$1" = "--help" ]
then
    usage
    exit 0
fi

# Note: DSA keys are disabled by default since OpenSSH 7.0.
PUB_KEY=~/.ssh/id_dsa.pub
if [ $# -eq 2 ]; then
    USER=$2
else
    USER=`whoami`
fi
HOST_TO_AUTH=$1
# mktemp avoids a predictable file name in the world-writable /tmp.
TEMP_PUB_KEY_XFER=$(mktemp "/tmp/${USER}_TEMP_KEY.XXXXXX") || exit 1

echo "checking for $PUB_KEY ..."
if [ ! -f "$PUB_KEY" ]; then
    echo "generating your dsa public key (leave passphrase blank and save to $PUB_KEY when prompted) ..."
    ssh-keygen -t dsa
    if [ $? -ne 0 ]; then
        echo "ssh-keygen failed"
        exit_on_error
    fi
fi
echo "OK"

echo "for the following commands you will be asked to supply your password for $HOST_TO_AUTH :"

echo "copying a temp pub key to $HOST_TO_AUTH ..."
cat "$PUB_KEY" > "$TEMP_PUB_KEY_XFER"
# A key file does not need the execute bit.
chmod 600 "$TEMP_PUB_KEY_XFER"
echo "OK"

remote_key=`basename "$TEMP_PUB_KEY_XFER"`
scp "$TEMP_PUB_KEY_XFER" "$USER@$HOST_TO_AUTH:~/$remote_key"
if [ $? -ne 0 ]; then
    echo "scp failed"
    exit_on_error
fi

echo "authorizing $HOST_TO_AUTH for automatic SSH use ..."
# Create ~/.ssh if it is missing, append the key, then remove the transferred copy.
ssh "$USER@$HOST_TO_AUTH" "mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat ~/$remote_key >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys; rm ~/$remote_key"
if [ $? -ne 0 ]; then
    echo "ssh failed"
    exit_on_error
fi
echo "OK"

cleanup
echo "authorization successful!  you can now login automatically to $HOST_TO_AUTH"
exit 0
2Dec/080

SSH Public Key

Here is a small script that helps transfer the SSH public key to other machines.


#!/bin/sh

echo
echo "This script will help you setup ssh public key authentication."

host=dummy

# Loop until an empty server name is entered.
while [ -n "$host" ]; do
    printf "SSH server: "
    read -r host
    if [ -n "$host" ]; then
        printf "user[%s]: " "$USER"
        read -r usr
        if [ -z "$usr" ]; then
            usr=$USER
        fi

        echo "Setting up RSA authentication for ${usr}@${host}..."
        if [ -f ~/.ssh/id_rsa.pub ]; then
            echo "RSA public key OK."
        else
            # -N "" creates the key without a passphrase.
            ssh-keygen -t rsa -f ~/.ssh/id_rsa -N ""
        fi
        scp -P22 ~/.ssh/id_rsa.pub "${usr}@${host}:~/"
        # Create ~/.ssh if needed, append the key, fix permissions, remove the copy.
        ssh -p22 "${usr}@${host}" "if [ ! -d ~/.ssh ]; then mkdir ~/.ssh; fi; cat ~/id_rsa.pub >> ~/.ssh/authorized_keys; chmod 0600 ~/.ssh/authorized_keys; rm ~/id_rsa.pub"
        echo
        echo "You should see the following message without being prompted for anything now..."
        echo
        ssh "${usr}@${host}" "echo !!! Congratulations, you are now logged in as ${usr}@${host} !!!"
        echo
        echo "If you were prompted, public key authentication could not be configured..."

        echo
        echo "Enter a blank servername when done."
        echo
    fi
done

echo "End of configuration."
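
Both scripts above append the key unconditionally and without options, so a passphrase-less key for Nagios or backups gets full shell access and is duplicated on every run. The following is an added example, not part of the original post or of either script: a helper that installs exactly one validated key with restricting options. The function name `authorize_key`, the forced command path and the sample key line are assumptions constructed for illustration.

```shell
#!/bin/bash
# Added example (not from the original post): install ONE public key with
# restricting options and without duplicate entries.

# authorize_key PUBKEY_FILE SSH_DIR [OPTIONS]   (hypothetical helper name)
# Returns 0 if the key is installed (new or already present), 2 if rejected.
authorize_key() {
    local pub_file="$1" ssh_dir="$2" opts="${3:-restrict}"
    local auth="$ssh_dir/authorized_keys" type blob comment

    # Exactly one non-empty line, so a crafted file cannot smuggle more entries.
    [ -f "$pub_file" ] || return 2
    [ "$(grep -c . "$pub_file")" -eq 1 ] || return 2
    read -r type blob comment < "$pub_file" || true

    # Field 1 must be a key type (never an options string), field 2 base64.
    case "$type" in
        ssh-rsa|ssh-ed25519|ssh-dss|ecdsa-sha2-nistp*) ;;
        *) return 2 ;;
    esac
    printf '%s' "$blob" | grep -Eq '^[A-Za-z0-9+/]+=*$' || return 2

    # With StrictModes, sshd refuses key files writable by group or others.
    ( umask 077
      mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" &&
      touch "$auth" && chmod 600 "$auth" ) || return 2

    # Idempotent: do not append a key that is already authorized.
    if grep -qF -- "$blob" "$auth"; then
        return 0
    fi
    printf '%s %s %s %s\n' "$opts" "$type" "$blob" "$comment" >> "$auth"
}

# Demo on constructed data in a scratch directory; nothing under ~ is touched.
demo_dir=$(mktemp -d)
# Constructed sample line, not a real key.
printf '%s\n' 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEconstructedNOTaREALkey00 nagios@monitor' \
    > "$demo_dir/id.pub"
# The forced command path is an assumption for illustration.
authorize_key "$demo_dir/id.pub" "$demo_dir/.ssh" \
    'restrict,command="/usr/local/bin/check-only"'
authorize_key "$demo_dir/id.pub" "$demo_dir/.ssh"   # second run adds nothing
cat "$demo_dir/.ssh/authorized_keys"
```
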
2Dec/080

Finest ASCII art for the SSH banner

          .                                                      .
        .n                   .                 .                  n.
  .   .dP                  dP                   9b                 9b.    .
 4    qXb         .       dX                     Xb       .        dXp     t
dX.    9Xb      .dXb    __                         __    dXb.     dXP     .Xb
9XXb._       _.dXXXXb dXXXXbo.                 .odXXXXb dXXXXb._       _.dXXP
 9XXXXXXXXXXXXXXXXXXXVXXXXXXXXOo.           .oOXXXXXXXXVXXXXXXXXXXXXXXXXXXXP
  `9XXXXXXXXXXXXXXXXXXXXX'~   ~`OOO8b   d8OOO'~   ~`XXXXXXXXXXXXXXXXXXXXXP'
    `9XXXXXXXXXXXP' `9XX'          `98v8P'          `XXP' `9XXXXXXXXXXXP'
        ~~~~~~~       9X.          .db|db.          .XP       ~~~~~~~
                        )b.  .dbo.dP'`v'`9b.odb.  .dX(
                      ,dXXXXXXXXXXXb     dXXXXXXXXXXXb.
                     dXXXXXXXXXXXP'   .   `9XXXXXXXXXXXb
                    dXXXXXXXXXXXXb   d|b   dXXXXXXXXXXXXb
                    9XXb'   `XXXXXb.dX|Xb.dXXXXX'   `dXXP
                     `'      9XXXXXX(   )XXXXXXP      `'
                              XXXX X.`v'.X XXXX
                              XP^X'`b   d'`X^XX
                              X. 9  `   '  P )X
                              `b  `       '  d'

            ***************************************************

                    This system is monitored by the sysop,
             any violation will be investigated and monitored.

            ***************************************************

Even if it deters no one, it is always something nice. BTW: I have also switched the CAPTCHA module to ASCII art, which still gives the spam bots some trouble. It should also be clear that this image will never show up in Google's "image search" :D