Delete generate_keys.sh
This commit is contained in:
机械小鸽
GitHub
parent
7fcc730e2b
commit
f0349652f2
@ -1,80 +0,0 @@
|
|||||||
#!/bin/env sh
|
|
||||||
|
|
||||||
persist_dir=/persist
|
|
||||||
target_dir=${persist_dir}/comma
|
|
||||||
# Change target dir from sunnylink to comma to make this no longer a test
|
|
||||||
|
|
||||||
|
|
||||||
# Function to remount /persist as read-only
|
|
||||||
cleanup() {
|
|
||||||
echo "Remounting ${persist_dir} as read-only..."
|
|
||||||
sudo mount -o remount,ro ${persist_dir}
|
|
||||||
}
|
|
||||||
|
|
||||||
# Function to check and backup existing keys
|
|
||||||
backup_keys() {
|
|
||||||
if [ -f "id_rsa" ] || [ -f "id_rsa.pub" ]; then
|
|
||||||
timestamp=$(date +%s)
|
|
||||||
backup_base="id_rsa_backup_$timestamp"
|
|
||||||
backup_private="$backup_base"
|
|
||||||
backup_public="${backup_base}.pub"
|
|
||||||
|
|
||||||
# Ensure we're not overwriting an existing backup
|
|
||||||
counter=0
|
|
||||||
while [ -f "$backup_private" ] || [ -f "$backup_public" ]; do
|
|
||||||
counter=$((counter + 1))
|
|
||||||
backup_private="${backup_base}_$counter"
|
|
||||||
backup_public="${backup_base}_$counter.pub"
|
|
||||||
done
|
|
||||||
|
|
||||||
# Backup the keys
|
|
||||||
cp id_rsa "$backup_private"
|
|
||||||
cp id_rsa.pub "$backup_public"
|
|
||||||
|
|
||||||
# Verify the backup
|
|
||||||
original_private_hash=$(sha256sum id_rsa | cut -d ' ' -f 1)
|
|
||||||
backup_private_hash=$(sha256sum "$backup_private" | cut -d ' ' -f 1)
|
|
||||||
original_public_hash=$(sha256sum id_rsa.pub | cut -d ' ' -f 1)
|
|
||||||
backup_public_hash=$(sha256sum "$backup_public" | cut -d ' ' -f 1)
|
|
||||||
|
|
||||||
if [ "$original_private_hash" = "$backup_private_hash" ] && [ "$original_public_hash" = "$backup_public_hash" ]; then
|
|
||||||
echo "Backup verified successfully."
|
|
||||||
# Safe to delete original keys after successful backup verification
|
|
||||||
else
|
|
||||||
echo "Backup verification failed. Aborting operation."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo "Existing keys backed up as $backup_private and $backup_public"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
# Remount /persist as read-write
|
|
||||||
sudo mount -o remount,rw ${persist_dir}
|
|
||||||
|
|
||||||
# Ensure the directory exists
|
|
||||||
mkdir -p ${target_dir}
|
|
||||||
cd ${target_dir}
|
|
||||||
|
|
||||||
# Check for and backup existing keys
|
|
||||||
#backup_keys
|
|
||||||
|
|
||||||
# Generate new keys
|
|
||||||
if ! ssh-keygen -t rsa -b 4096 -m PEM -f id_rsa -N ''; then
|
|
||||||
echo "Failed to generate new RSA keys. Exiting..."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
chmod +r id_rsa
|
|
||||||
# Convert the generated SSH public key to PEM format and store it temporarily
|
|
||||||
if ! openssl rsa -pubout -in id_rsa -out id_rsa.pub -outform PEM; then
|
|
||||||
echo "Failed to convert the public key to PEM format. Exiting..."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Display the public key
|
|
||||||
echo "Displaying the public key:"
|
|
||||||
cat id_rsa.pub
|
|
||||||
|
|
||||||
# Cleanup will be called automatically due to trap on EXIT
|
|
||||||
#echo "Operation completed successfully. System will reboot now."
|
|
||||||
#sudo reboot
|
|
||||||
Loading…
x
Reference in New Issue
Block a user