Fixed file creation trouble, etc

xdrm-brackets 2017-01-21 16:43:45 +01:00
parent 103f367059
commit cf67b9a7f7
1 changed files with 26 additions and 18 deletions


@ -1,5 +1,11 @@
#!/bin/sh #!/bin/sh
[ ! -e ./tmp -o ! -d ./tmp ] && mkdir ./tmp;
[ ! -e ./server -o ! -d ./server ] && mkdir ./server;
[ ! -e ./server/maintenance -o ! -d ./server/maintenance ] && mkdir ./server/maintenance;
# [!] Check parameter : device file # [!] Check parameter : device file
#========================================================# #========================================================#
@ -34,7 +40,7 @@ step1(){
read -p " (!) umount $mounted (y/n) [n]" unmount; read -p " (!) umount $mounted (y/n) [n]" unmount;
test -n "$unmount" && test $unmount = "y" && sudo umount $mounted 2>> /dev/null >> /dev/null && echo " > unmounted"; test -n "$unmount" && test $unmount = "y" && sudo umount $mounted 2> /dev/null > /dev/null && echo " > unmounted";
done; done;
echo "<<< done"; echo "<<< done";
@ -57,7 +63,7 @@ step2(){
# (2) Init gpt entry # # (2) Init gpt entry #
# echo " ))) replace by real code ((("; # echo " ))) replace by real code (((";
echo -e "g\nw" | sudo fdisk $DEV 2>> /dev/null >> /dev/null; echo -e "g\nw" | sudo fdisk $DEV 2> /dev/null > /dev/null;
echo "<<< done"; echo "<<< done";
@ -111,7 +117,7 @@ step4(){
step5(){ step5(){
echo "\n>>> [5] Updating users"; echo "\n>>> [5] Updating users";
echo " (.) Adding user satsuser"; echo " (.) Adding user satsuser";
# shadow # shadow
echo " /etc/shadow"; echo " /etc/shadow";
## TODO: Manage default password ## ## TODO: Manage default password ##
@ -123,7 +129,7 @@ step5(){
echo "satsuser:x:666:666:sats-user,,,:/home/sats-user:/bin/sh" | sudo tee -a /mnt/etc/passwd > /dev/null; echo "satsuser:x:666:666:sats-user,,,:/home/sats-user:/bin/sh" | sudo tee -a /mnt/etc/passwd > /dev/null;
echo "satsuser:x:666:666:sats-user,,,:/home/sats-user:/bin/sh" | sudo tee -a /mnt/etc/passwd- > /dev/null; echo "satsuser:x:666:666:sats-user,,,:/home/sats-user:/bin/sh" | sudo tee -a /mnt/etc/passwd- > /dev/null;
echo " (.) Removing pi's login password"; echo " (.) Removing pi's login password";
# create temp file without pi's password # create temp file without pi's password
#sudo cat /mnt/etc/shadow | sed 's/pi:[^:]\+:/pi:*:/' | sudo tee /mnt/etc/shadow.tmp > /dev/null; #sudo cat /mnt/etc/shadow | sed 's/pi:[^:]\+:/pi:*:/' | sudo tee /mnt/etc/shadow.tmp > /dev/null;
# write original files # write original files
@ -143,13 +149,13 @@ step5(){
step6(){ step6(){
echo "\n>>> [6] Updating groups"; echo "\n>>> [6] Updating groups";
echo " (.) Adding group ssh-key"; echo " (.) Adding group ssh-key";
# group # group
echo " /etc/group"; echo " /etc/group";
echo "ssh-key:x:555:pi,sats-user" | sudo tee -a /mnt/etc/group > /dev/null; echo "ssh-key:x:555:pi,sats-user" | sudo tee -a /mnt/etc/group > /dev/null;
echo "ssh-key:x:555:pi,sats-user" | sudo tee -a /mnt/etc/group- > /dev/null; echo "ssh-key:x:555:pi,sats-user" | sudo tee -a /mnt/etc/group- > /dev/null;
echo " (.) Adding group sats-user"; echo " (.) Adding group sats-user";
# group # group
echo " /etc/group"; echo " /etc/group";
echo "sats-user:x:666:sats-user" | sudo tee -a /mnt/etc/group > /dev/null; echo "sats-user:x:666:sats-user" | sudo tee -a /mnt/etc/group > /dev/null;
@ -166,33 +172,35 @@ step6(){
# [7] Manage SSH keys # # [7] Manage SSH keys #
#========================================================# #========================================================#
step7(){ step7(){
echo "\n>>> [7] Create ssh keys"; echo "\n>>> [7] Manage ssh keys";
# (1) Create ssh key pair # # (1) Create ssh key pair #
echo " (.) Create ssh key [ecdsa:521]"; echo " (.) Create ssh key [ecdsa:521]";
echo -e "\n\n" | ssh-keygen -t ecdsa -b 521 -C "[ECDSA:521] SATS" -f tmp/id_ecdsa; ssh-keygen -t ecdsa -b 521 -C "[ECDSA:521] SATS" -f ./tmp/id_ecdsa -P "" 2> /dev/null > /dev/null;
# (2) Add public key to server's `authorized_keys` file # # (2) Add public key to server's `authorized_keys` file #
echo " (.) Add public key to server's list"; echo " (.) Add public key to server's list";
cat tmp/id_ecdsa.pub >> server/authorized_keys; test ! -e ./server/authorized_keys && touch ./server/authorized_keys;
cat ./tmp/id_ecdsa.pub >> ./server/authorized_keys;
# (3) Create ssh file system # # (3) Create ssh file system #
echo " (.) init ssh folder (/home/sats-user/.ssh)"; echo " (.) Init ssh folder (/home/sats-user/.ssh)";
sudo mkdir /mnt/home/sats-user/.ssh; sudo mkdir -p /mnt/home/sats-user/.ssh;
# (4) Add both keys to sats-user files # # (4) Add both keys to sats-user files #
echo " (.) add keys to ssh folder"; echo " (.) Add keys to ssh folder";
sudo mv tmp/id_ecdsa /mnt/home/sats-user/.ssh/id_ecdsa; sudo mv ./tmp/id_ecdsa /mnt/home/sats-user/.ssh/id_ecdsa;
sudo mv tmp/id_ecdsa.pub /mnt/home/sats-user/.ssh/id_ecdsa.pub; sudo mv ./tmp/id_ecdsa.pub /mnt/home/sats-user/.ssh/id_ecdsa.pub;
# (5) Add maintenance keys # # (5) Add maintenance keys #
echo " (.) Add maintenance keys'"; echo " (.) Add maintenance keys'";
cat server/maintenance/*.pub | sudo tee /mnt/home/sats-user/.ssh/authorized_keys; sudo touch /mnt/home/sats-user/.ssh/authorized_keys;
cat ./server/maintenance/*.pub | sudo tee /mnt/home/sats-user/.ssh/authorized_keys > /dev/null;
# (6) Set up permissions # # (6) Set up permissions #
echo " (.) Set up permissions"; echo " (.) Set up permissions";
sudo chown -R 666:666 /mnt/home/sats-user/.ssh/; sudo chown -R 666:666 /mnt/home/sats-user/.ssh/;
sudo chmod 400 /mnt/home/sats-user/.ssh/*; sudo chmod 400 /mnt/home/sats-user/.ssh/*;
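Review bot: In step7 the new `ssh-keygen` line sends both stdout and stderr to /dev/null and its exit status is never checked, so a failed key generation still falls through to the `cat ./tmp/id_ecdsa.pub >> ./server/authorized_keys` and `sudo mv` lines. If `./tmp/id_ecdsa` is left over from an interrupted run, the overwrite prompt would presumably be hidden as well and the script would appear to hang. I would clear stale files first and stop on failure, e.g. `rm -f ./tmp/id_ecdsa ./tmp/id_ecdsa.pub;` followed by `ssh-keygen -t ecdsa -b 521 -C "[ECDSA:521] SATS" -f ./tmp/id_ecdsa -P "" > /dev/null 2>&1 || return 1;`. Because `-P ""` leaves the private key unencrypted, file permissions are its only protection; `chmod 400` on `.ssh/*` covers the files but not the directory, so adding `sudo chmod 700 /mnt/home/sats-user/.ssh;` in step (6) is worth it. step7 starts inside this hunk, but its closing brace is not visible here.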