john/janus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: john:a26c71c092a459a50c7bf30f010ef0882f3c5279
Branches Tags
john:main
..
compare: john:6886b6ca697d2001ca7663b22319b77ef5fc3a49
Branches Tags
john:main

2 Commits
a26c71c092 ... 6886b6ca69

Author SHA1 Message Date
John Lancaster
6886b6ca69 more case structure 2026-01-04 10:40:01 -06:00
John Lancaster
42b3506b1c row_process 2026-01-04 10:24:46 -06:00
1 changed files with 34 additions and 19 deletions
Expand all files Collapse all files

51
scripts/ssh-server-check.sh
View File

@@ -33,7 +33,7 @@ check_ssh_files() {
printf "%-17b %-20s %-6s %s\n" " $GREEN_CHECK" "$key" "$perms" "$path" printf "%-17b %-20s %-6s %s\n" " $GREEN_CHECK" "$key" "$perms" "$path"
} }
row_fail() { row_missing() {
local key="$1" local key="$1"
local path="$2" local path="$2"
printf "%-15b %-20s %-6s %s\n" " $YELLOW_BANG" "$key" "-" "$path (missing)" printf "%-15b %-20s %-6s %s\n" " $YELLOW_BANG" "$key" "-" "$path (missing)"
@@ -44,32 +44,47 @@ check_ssh_files() {
printf "%-17b %-20s %-6s %s\n" " $RED_X" "$key" "-" "(not configured)" printf "%-17b %-20s %-6s %s\n" " $RED_X" "$key" "-" "(not configured)"
} }
row_process() { get_key_status() {
local key="$1" local path="$1"
if [[ -z "$key" ]]; then
echo "usage: row_process <key>" >&2
return 2
fi
path=$(ssh_config_val "$key")
if [[ -z "$path" ]]; then if [[ -z "$path" ]]; then
row_unconfigured $key echo "unconfigured"
continue elif [[ ! -e "$path" ]]; then
fi echo "missing"
if [[ -e "$path" ]]; then
row_success $key $path
else else
row_fail $key $path echo "success"
fi fi
} }
row_process() {
local key="$1"
path=$(ssh_config_val "$key")
status=$(get_key_status "$path")
case "$status" in
success) row_success "$key" "$path" ;;
missing) row_missing "$key" "$path" ;;
unconfigured) row_unconfigured "$key" ;;
esac
}
printf "%-6s %-20s %-6s %s\n" "STATUS" "KEY" "PERMS" "PATH" printf "%-6s %-20s %-6s %s\n" "STATUS" "KEY" "PERMS" "PATH"
row_process "hostkey" row_process "hostkey"
row_process "hostcertificate" row_process "hostcertificate"
row_process "trustedusercakeys" row_process "trustedusercakeys"
case "$status" in
success) return ;;
missing)
# Do something if trustedusercakeys is missing
read -p "Create the trusted keys file? (y/n) " -n 1 -r
echo
if [[ $REPLY =~ ^[Yy]$ ]]; then
echo "Creating public key file at $path"
(step ssh config --roots > "$path")
echo -e "$GREEN_CHECK Created public key file for SSH user CA"
fi
;;
unconfigured) return;;
esac
} }
ssh_fingerprint() { ssh_fingerprint() {