forked from finn/tinyboard
spoke/setup-spoke.sh
Fix check_permissions to check group bits; fix ssh-keyscan dedup to iterate per key type; fix HUB_USER@HUB_HOST sed regex to handle trailing whitespace hub/offboard-spoke.sh Drop root requirement; fix crontab running as root; fix registry .tmp not cleaned on failure hub/onboard-spoke.sh Fix registry .tmp not cleaned on failure; chmod 600 key immediately after generation hub/setup-hub.sh Check permissions on existing SSH private keys in setup
This commit is contained in:
Justin Oros
@@ -246,6 +246,15 @@ header "Permission Checks"
|
||||
info "Checking SSH directory permissions..."
|
||||
check_permissions "$SSH_DIR/authorized_keys" "authorized_keys"
|
||||
check_permissions "$RCLONE_CONF" "rclone.conf"
|
||||
for PRIVKEY in "$SSH_DIR"/*; do
|
||||
[[ "$PRIVKEY" == *.pub ]] && continue
|
||||
[ -f "$PRIVKEY" ] || continue
|
||||
case "$(file -b "$PRIVKEY" 2>/dev/null)" in
|
||||
*"private key"*|*"PRIVATE KEY"*)
|
||||
check_permissions "$PRIVKEY" "SSH private key $(basename "$PRIVKEY")"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
header "Mount Point Setup"
|
||||
read -rp "Mount point for spoke filesystems [/mnt/hub]: " MOUNT_POINT
|
||||
|
||||
Reference in New Issue
Block a user