Added step menu + can mount (ok) + dd progress + ssh working
This commit is contained in:
parent
f8c2005ba1
commit
747eb90df1
|
@ -0,0 +1 @@
|
|||
ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAF91ZI1TROEV5nYmqPv0qW6b4U7BrSD6fK91XxPE2r+Okf756gGJQfg3iRKtyI5noWVU4e7ib3vsOTMSvMDafSDCgFULLasr5OApCrv6/cI/SV5MIerPkZO9eMMD/cZxTuT9aTpsSOtCiv0ewkLkbWHFHvIM0q6uaPQpAYVmpV6wUzoZg== [ECDSA:521] SATS
|
311
clone/clone
311
clone/clone
|
@ -1,9 +1,9 @@
|
|||
#!/bin/sh
|
||||
|
||||
# [1] Check parameter : device file
|
||||
# [!] Check parameter : device file
|
||||
#========================================================#
|
||||
|
||||
echo ">>> [1] Checking parameter : device";
|
||||
echo ">>> [!] Checking parameter : device";
|
||||
# (1) Check parameter existence #
|
||||
test $# -lt 1 && echo "Missing parameter : device" && exit;
|
||||
|
||||
|
@ -15,140 +15,207 @@ test $device_type != "usb" && echo ">>> ERROR: device type is $device_type, \"us
|
|||
echo "<<< done";
|
||||
|
||||
|
||||
# [2] Init device layout (gpt table)
|
||||
DEV="$1";
|
||||
|
||||
|
||||
|
||||
# [1] Init device layout (gpt table)
|
||||
#========================================================#
|
||||
step1(){
|
||||
echo "\n>>> [1] Checking for mounted partitions ($DEV)";
|
||||
|
||||
echo "\n>>> [2] Checking for mounted partitions";
|
||||
# (1) List partitions of this device #
|
||||
mounted_partitions=$( cat /proc/mounts | awk '{print $1}' | grep "$1" );
|
||||
# (1) List partitions of this device #
|
||||
mounted_partitions=$( cat /proc/mounts | awk '{print $1}' | grep "$DEV" );
|
||||
|
||||
for mounted in $mounted_partitions; do
|
||||
# if nothing found -> next step
|
||||
test -z "$mounted_partitions" && echo "<<< done" && step2;
|
||||
|
||||
for mounted in $mounted_partitions; do
|
||||
|
||||
read -p " (!) umount $mounted (y/n) [n]" unmount;
|
||||
|
||||
test -n "$unmount" && test $unmount = "y" && sudo umount $mounted && echo "> unmounted";
|
||||
done;
|
||||
echo "<<< done";
|
||||
|
||||
step2;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
# [2] Initialize GTP Table
|
||||
#========================================================#
|
||||
step2(){
|
||||
echo "\n>>> [2] Formatting disk ($DEV)";
|
||||
|
||||
# (1) Confirmation #
|
||||
read -p" (!) Erase the whole disk ? it is irreversible! (y/n) [n]" confirm_format;
|
||||
test -z "$confirm_format" && echo "<<< aborting" && exit;
|
||||
test $confirm_format != "y" && echo "<<< aborting" && exit;
|
||||
|
||||
# (2) Init gpt entry #
|
||||
# echo " ))) replace by real code (((";
|
||||
|
||||
echo -e "g\nw" | sudo fdisk $DEV;
|
||||
|
||||
step3;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
# [3] Burn image to device
|
||||
#========================================================#
|
||||
step3(){
|
||||
echo "\n>>> [3] Burning image into disk ($DEV)";
|
||||
|
||||
# (1) Confirmation #
|
||||
read -p" (!) Burn the whole disk ? it is irreversible! (y/n) [n]" confirm_burn;
|
||||
test -z "$confirm_burn" && echo "<<< aborting" && exit;
|
||||
test $confirm_burn != "y" && echo "<<< aborting" && exit;
|
||||
|
||||
# (2) Burning image into disk #
|
||||
sudo dd if=./original.img of=$DEV bs=4M \
|
||||
|| echo "<<< ERROR: dd command failed" && exit;
|
||||
|
||||
echo "<<< done";
|
||||
|
||||
step4;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
# [4] Mount partition
|
||||
#========================================================#
|
||||
step4(){
|
||||
echo "\n>>> [4] Mounting partition ${DEV}2";
|
||||
|
||||
# [1] Mount device partition
|
||||
sudo mount ${DEV}2 /mnt || echo "<<< error: can't mount" && exit;
|
||||
|
||||
echo "<<< done";
|
||||
|
||||
step5;
|
||||
}
|
||||
|
||||
|
||||
|
||||
# [5] Updating users
|
||||
#========================================================#
|
||||
step5(){
|
||||
echo "\n>>> [5] Updating users";
|
||||
|
||||
echo " (.) Adding user satsuser";
|
||||
# shadow
|
||||
echo " /etc/shadow";
|
||||
## TODO: Manage default password ##
|
||||
echo "satsuser:*:17185:0:999999:7::" | sudo tee -a /mnt/etc/shadow > /dev/null;
|
||||
echo "satsuser:*:17185:0:999999:7::" | sudo tee -a /mnt/etc/shadow- > /dev/null;
|
||||
|
||||
# passwd
|
||||
echo " /etc/passwd";
|
||||
echo "satsuser:x:666:666:sats-user,,,:/home/sats-user:/bin/sh" | sudo tee -a /mnt/etc/passwd > /dev/null;
|
||||
echo "satsuser:x:666:666:sats-user,,,:/home/sats-user:/bin/sh" | sudo tee -a /mnt/etc/passwd- > /dev/null;
|
||||
|
||||
echo " (.) Removing pi's login password";
|
||||
# create temp file without pi's password
|
||||
sudo cat /mnt/etc/shadow | sed 's/pi:[^:]\+:/pi:*:/' | sudo tee /mnt/etc/shadow.tmp > /dev/null;
|
||||
# write original files
|
||||
sudo cat /mnt/etc/shadow.tmp | sudo tee /mnt/etc/shadow > /dev/null;
|
||||
sudo cat /mnt/etc/shadow.tmp | sudo tee /mnt/etc/shadow- > /dev/null;
|
||||
# remove temporary file
|
||||
sudo rm /mnt/etc/shadow.tmp;
|
||||
|
||||
step6;
|
||||
}
|
||||
|
||||
|
||||
# [6] Updating groups
|
||||
#========================================================#
|
||||
step6(){
|
||||
echo "\n>>> [6] Updating groups";
|
||||
|
||||
echo " (.) Adding group ssh-key";
|
||||
# group
|
||||
echo " /etc/group";
|
||||
echo "ssh-key:x:555:pi,sats-user" | sudo tee -a /mnt/etc/group > /dev/null;
|
||||
echo "ssh-key:x:555:pi,sats-user" | sudo tee -a /mnt/etc/group- > /dev/null;
|
||||
|
||||
echo " (.) Adding group sats-user";
|
||||
# group
|
||||
echo " /etc/group";
|
||||
echo "sats-user:x:666:sats-user" | sudo tee -a /mnt/etc/group > /dev/null;
|
||||
echo "sats-user:x:666:sats-user" | sudo tee -a /mnt/etc/group- > /dev/null;
|
||||
|
||||
step7;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
# [7] Manage SSH keys #
|
||||
#========================================================#
|
||||
step7(){
|
||||
echo "\n>>> [7] Create ssh keys";
|
||||
|
||||
# (1) Create ssh key pair #
|
||||
echo " (.) Create ssh key [ecdsa:521]";
|
||||
ssh-keygen -t ecdsa -b 521 -C "[ECDSA:521] SATS" -f ./id_ecdsa;
|
||||
|
||||
# (2) Add public key to server's `authorized_keys` file #
|
||||
echo " (.) Add public key to server's list";
|
||||
cat ./id_ecdsa.pub >> ./authorized_keys;
|
||||
|
||||
# (3) Create ssh file system #
|
||||
echo " (.) init ssh folder (/home/sats-user/.ssh)";
|
||||
sudo mkdir /mnt/home/sats-user/.ssh;
|
||||
|
||||
read -p " (!) umount $mounted (y/n) [n]" unmount;
|
||||
|
||||
test -n "$unmount" && test $unmount = "y" && sudo umount $mounted && echo "> unmounted";
|
||||
done;
|
||||
echo "<<< done";
|
||||
# (4) Add both keys to sats-user files #
|
||||
echo " (.) add keys to ssh folder";
|
||||
sudo mv ./id_ecdsa /mnt/home/sats-user/.ssh/id_ecdsa;
|
||||
sudo mv ./id_ecdsa.pub /mnt/home/sats-user/.ssh/id_ecdsa.pub;
|
||||
|
||||
# (5) Set up permissions #
|
||||
echo " (.) Set up permissions";
|
||||
sudo chown -R 666:666 /mnt/home/sats-user/.ssh/;
|
||||
sudo chmod 400 /mnt/home/sats-user/.ssh/id_ecdsa*;
|
||||
|
||||
# [3] Initialize GTP Table
|
||||
#========================================================#
|
||||
echo "\n>>> [3] Formatting disk";
|
||||
|
||||
# (1) Confirmation #
|
||||
read -p" (!) Erase the whole disk ? it is irreversible! (y/n) [n]" confirm_format;
|
||||
test -z "$confirm_format" && echo "<<< aborting" && exit;
|
||||
test $confirm_format != "y" && echo "<<< aborting" && exit;
|
||||
|
||||
# (2) Init gpt entry #
|
||||
# echo " ))) replace by real code (((";
|
||||
|
||||
echo -e "g\nw" | sudo fdisk $1;
|
||||
step8;
|
||||
}
|
||||
|
||||
|
||||
|
||||
# [4] Burn image to device
|
||||
#========================================================#
|
||||
echo "\n>>> [4] Burning image into disk";
|
||||
|
||||
# (1) Confirmation #
|
||||
read -p" (!) Burn the whole disk ? it is irreversible! (y/n) [n]" confirm_burn;
|
||||
test -z "$confirm_burn" && echo "<<< aborting" && exit;
|
||||
test $confirm_burn != "y" && echo "<<< aborting" && exit;
|
||||
|
||||
# (2) Burning image into disk #
|
||||
sudo dd if=./original.img of=$1 bs=4M \
|
||||
|| ( echo "<<< ERROR: dd command failed" && exit );
|
||||
|
||||
echo "<<< done";
|
||||
|
||||
|
||||
exit;
|
||||
|
||||
|
||||
# [5] Mount partition
|
||||
# [8] Manage Network config
|
||||
#========================================================#
|
||||
|
||||
echo "\n>>> [5] Mounting partition ${1}2";
|
||||
|
||||
# [1] Mount device partition
|
||||
sudo mount ${1}2 /mnt -o uid=$UID,gid=$GID,umask=022;
|
||||
|
||||
echo "<<< done";
|
||||
|
||||
|
||||
# [6] Updating users & groups
|
||||
# [0] Step choice
|
||||
#========================================================#
|
||||
echo "\nSTEPS";
|
||||
echo "(1) Init device layout (gpt table)";
|
||||
echo "(2) Format disk";
|
||||
echo "(3) Burn image into disk";
|
||||
echo "(4) Mount / partition";
|
||||
echo "(5) Update users";
|
||||
echo "(6) Update groups";
|
||||
echo "(7) Manage ssh keys";
|
||||
read -p "step: " step;
|
||||
|
||||
echo "\n>>> [6] Updating users & groups";
|
||||
|
||||
echo " (.) Adding user satsuser";
|
||||
# shadow
|
||||
echo " /etc/shadow";
|
||||
echo "satsuser:{somedigestedpass}:17185:0:999999:7::" | sudo tee -a /mnt/etc/shadow > /dev/mull;
|
||||
echo "satsuser:{somedigestedpass}:17185:0:999999:7::" | sudo tee -a /mnt/etc/shadow- > /dev/null;
|
||||
|
||||
# passwd
|
||||
echo " /etc/passwd";
|
||||
echo "satsuser:x:666:666:sats-user,,,:/home/sats-user:/bin/sh" | sudo tee -a /mnt/etc/passwd > /dev/null;
|
||||
echo "satsuser:x:666:666:sats-user,,,:/home/sats-user:/bin/sh" | sudo tee -a /mnt/etc/passwd- > /dev/null;
|
||||
|
||||
echo " (.) Removing pi's login password";
|
||||
# create temp file without pi's password
|
||||
sudo cat /mnt/etc/shadow | sed 's/pi:[^:]\+:/pi:*:/' | sudo tee /mnt/etc/shadow.tmp > /dev/null;
|
||||
# write original files
|
||||
sudo cat /mnt/etc/shadow.tmp | sudo tee /mnt/etc/shadow > /dev/null;
|
||||
sudo cat /mnt/etc/shadow.tmp | sudo tee /mnt/etc/shadow- > /dev/null;
|
||||
# remove temporary file
|
||||
sudo rm /mnt/etc/shadow.tmp;
|
||||
|
||||
|
||||
echo " (.) Adding group ssh-key";
|
||||
# group
|
||||
echo " /etc/group";
|
||||
echo "ssh-key:x:555:pi,sats-user" | sudo tee -a /mnt/etc/group > /dev/null;
|
||||
echo "ssh-key:x:555:pi,sats-user" | sudo tee -a /mnt/etc/group- > /dev/null;
|
||||
|
||||
echo " (.) Adding group sats-user";
|
||||
# group
|
||||
echo " /etc/group";
|
||||
echo "sats-user:x:666:sats-user" | sudo tee -a /mnt/etc/group > /dev/null;
|
||||
echo "sats-user:x:666:sats-user" | sudo tee -a /mnt/etc/group- > /dev/null;
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
# [4] Manage SSH keys #
|
||||
########################################
|
||||
|
||||
# [1] Create ssh key pair
|
||||
ssh-keygen -t ecdsa -b 521 -C "[ECDSA:521] SATS" -f ./id_ecdsa;
|
||||
|
||||
# [2] Add public key to server's `authorized_keys` file
|
||||
cat ./id_ecdsa.pub >> ./authorized_keys;
|
||||
|
||||
# [3] Add both keys to SATS file system
|
||||
mv ./id_ecdsa /mnt/home/SATS/.ssh/id_ecdsa;
|
||||
mv ./id_ecdsa.pub /mnt/home/SATS/.ssh/id_ecdsa.pub;
|
||||
|
||||
# [4] Adjust permissions
|
||||
chown SATS:SATS /mnt/home/SATS/.ssh/id_ecdsa;
|
||||
chmod 600 /mnt/home/SATS/.ssh/id_ecdsa;
|
||||
|
||||
|
||||
# [5] Manage Wifi Credentials
|
||||
########################################
|
||||
|
||||
# [1] generate wpa digest
|
||||
psk=$( echo "$3" | wpa_passphrase "$2" | grep -E "^\spsk" | sed 's/^\spsk=//' );
|
||||
|
||||
# [2] Append SSID to `interfaces` config
|
||||
echo "\twpa-ssid\t$2" >> /mnt/etc/network/interfaces;
|
||||
|
||||
# [3] Append WPA digest to `interfaces` config
|
||||
echo "\twpa-psk\t$psk" >> /mnt/etc/network/interfaces;
|
||||
|
||||
|
||||
|
||||
# [6] .....
|
||||
case $step in
|
||||
"1") step1;;
|
||||
"2") step2;;
|
||||
"3") step3;;
|
||||
"4") step4;;
|
||||
"5") step5;;
|
||||
"6") step6;;
|
||||
"7") step7;;
|
||||
*) echo "wrong step"; exit;;
|
||||
esac;
|
||||
|
|
Loading…
Reference in New Issue