justin/tinyboard
1
0
Fork 0
forked from finn/tinyboard
Code Pull Requests 1 Activity

setup-spoke.sh: change password auth disable default to N and add warning to wait until after onboard-spoke.sh

Browse Source
This commit is contained in:
Justin Oros
2026-04-19 13:14:52 -07:00
parent f486795154
commit f3c9cf2344
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
spoke/setup-spoke.sh
View File

@@ -237,8 +237,11 @@ case "$KEY_CHOICE" in
esac esac
header "Password Authentication" header "Password Authentication"
read -rp "Disable password auth for $SPOKE_USER and use keys only? [Y/n]: " DISABLE_PASS warn "Do not disable password auth yet — the hub still needs password access to install its key via ssh-copy-id."
DISABLE_PASS="${DISABLE_PASS:-y}" warn "Only disable this after running onboard-spoke.sh on the hub."
echo ""
read -rp "Disable password auth for $SPOKE_USER and use keys only? [y/N]: " DISABLE_PASS
DISABLE_PASS="${DISABLE_PASS:-n}"
if [[ "${DISABLE_PASS,,}" == "y" ]]; then if [[ "${DISABLE_PASS,,}" == "y" ]]; then
if [ ! -f "$KEY_PATH" ]; then if [ ! -f "$KEY_PATH" ]; then
warn "No key found at $KEY_PATH — skipping password auth disable to avoid lockout." warn "No key found at $KEY_PATH — skipping password auth disable to avoid lockout."