mirror of
https://github.com/webinstall/webi-installers.git
synced 2026-04-06 18:36:50 +00:00
98 lines
2.8 KiB
Bash
Executable File
98 lines
2.8 KiB
Bash
Executable File
#!/bin/sh
|
|
set -e
|
|
set -u
|
|
|
|
fn_fix_rsa() { (
|
|
echo 'WARNING'
|
|
echo ' ~/.ssh/id_rsa is less than the required 3072 bits'
|
|
echo ' (some modern services will reject your key)'
|
|
echo ''
|
|
echo 'AUTOMATIC FIX'
|
|
echo ' Generating an efficient, modern ed25519 key'
|
|
echo ' ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -q -N ""'
|
|
echo ''
|
|
my_ts="$(date -u "+%F_%H.%M.%S")"
|
|
echo 'MANUAL FIX (optional)'
|
|
echo " mv ~/.ssh/id_rsa ~/.ssh/id_rsa.${my_ts}.bak"
|
|
echo ' ssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa -q -N ""'
|
|
# shellcheck disable=SC2016
|
|
echo " echo 'Host *
|
|
IdentityFile ~/.ssh/id_ed25519
|
|
IdentityFile ~/.ssh/id_rsa
|
|
IdentityFile ~/.ssh/id_rsa.${my_ts}.bak' >> ~/.ssh/config"
|
|
); }
|
|
|
|
main() {
|
|
if ! test -d ~/.ssh; then
|
|
mkdir -p ~/.ssh/
|
|
chmod 0700 ~/.ssh/
|
|
fi
|
|
|
|
if ! test -f ~/.ssh/config; then
|
|
# for the benefit of VSCode
|
|
touch ~/.ssh/config
|
|
chmod 0644 ~/.ssh/config
|
|
fi
|
|
|
|
if ! test -f ~/.ssh/authorized_keys; then
|
|
touch ~/.ssh/authorized_keys
|
|
chmod 0600 ~/.ssh/authorized_keys
|
|
fi
|
|
|
|
my_keytype=''
|
|
if test -f ~/.ssh/id_ed25519; then
|
|
my_keytype='ed25519'
|
|
if ! test -f ~/.ssh/id_ed25519.pub; then
|
|
echo >&2 ""
|
|
ssh-keygen -y -f ~/.ssh/id_ed25519 > ~/.ssh/id_ed25519.pub
|
|
fi
|
|
elif test -f ~/.ssh/id_ecda; then
|
|
my_keytype='ecdsa'
|
|
if ! test -f ~/.ssh/id_ecdsa.pub; then
|
|
echo >&2 ""
|
|
ssh-keygen -y -f ~/.ssh/id_ecda > ~/.ssh/id_ecda.pub
|
|
fi
|
|
fi
|
|
|
|
if test -z "${my_keytype}"; then
|
|
if test -f ~/.ssh/id_rsa; then
|
|
my_rsa_chars="$(cat ~/.ssh/id_rsa)"
|
|
if test "${#my_rsa_chars}" -lt 2500; then
|
|
fn_fix_rsa >&2
|
|
echo >&2 ""
|
|
else
|
|
my_keytype='rsa'
|
|
fi
|
|
fi
|
|
fi
|
|
|
|
if test -z "${my_keytype}"; then
|
|
echo >&2 ""
|
|
|
|
my_keytype='ed25519'
|
|
ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -q -N ""
|
|
ssh-keygen -y -f ~/.ssh/id_ed25519 > ~/.ssh/id_ed25519.pub
|
|
|
|
# my_keytype='rsa'
|
|
# echo >&2 "Generating public/private rsa key pair."
|
|
# ssh-keygen -b 4096 -t rsa -f ~/.ssh/id_rsa -q -N ""
|
|
# ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
|
|
fi
|
|
|
|
my_comment="$(cut -d' ' -f3 < ~/.ssh/"id_${my_keytype}.pub")"
|
|
if test -z "${my_comment}"; then
|
|
my_comment="$(id -u -n)"
|
|
fi
|
|
|
|
echo >&2 ""
|
|
#shellcheck disable=SC2088
|
|
echo >&2 "~/Downloads/id_${my_keytype}.${my_comment}.pub":
|
|
echo >&2 ""
|
|
rm -f "$HOME/Downloads/id_${my_keytype}.${my_comment}.pub"
|
|
cp -RPp "$HOME/.ssh/id_${my_keytype}.pub" "$HOME/Downloads/id_${my_keytype}.${my_comment}.pub"
|
|
cat "$HOME/Downloads/id_${my_keytype}.${my_comment}.pub"
|
|
echo >&2 ""
|
|
}
|
|
|
|
main
|