You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
477 lines
12 KiB
477 lines
12 KiB
HOSTS_FILE=/etc/hosts
|
|
split="1" # Default of no Split!!!
|
|
|
|
pkey() {
|
|
if [ -f "$PK" ]; then
|
|
USE_PRIVATE_KEY=$PK
|
|
elif [ -f "${PK}.private" ]; then
|
|
USE_PRIVATE_KEY=${PK}.private
|
|
else
|
|
USE_PRIVATE_KEY=$HPATH/.ssh/id_rsa
|
|
fi
|
|
}
|
|
|
|
choose_key() {
|
|
local homes=$HPATH/.ssh/
|
|
local pubs=$(find "$homes" -type f -iname "*.pub" 2> /dev/null)
|
|
if [ -z "$pubs" ]; then
|
|
PK=${homes}${USER}
|
|
pkey
|
|
return 0
|
|
fi
|
|
|
|
nonpub=""
|
|
akeys=()
|
|
realkeys=()
|
|
indexforkeys=()
|
|
|
|
IFSOLD=$IFS
|
|
IFS=$'\n'
|
|
|
|
local pubs_count=0
|
|
local option_no=0
|
|
for k in $pubs; do
|
|
pubs_count=$((pubs_count+1))
|
|
nonpub=${k/.pub/}
|
|
option_no=$((option_no+1))
|
|
akeys+=( "$option_no" "${nonpub/$homes/}" )
|
|
indexforkeys+=( "$option_no" )
|
|
realkeys+=( "$nonpub" )
|
|
done
|
|
|
|
IFS=$IFSOLD
|
|
|
|
if [ "$pubs_count" -eq "1" ]; then
|
|
PK=$nonpub
|
|
pkey
|
|
return 0
|
|
elif [ "$pubs_count" -eq "0" ]; then
|
|
PK=$HPATH/.ssh/${USER}
|
|
pkey
|
|
return 0
|
|
fi
|
|
|
|
if [ "${#akeys[@]}" -eq "0" ]; then
|
|
PK=$HPATH/.ssh/${USER}
|
|
pkey
|
|
return 0
|
|
fi
|
|
|
|
usekey=$(dialog --ok-label "Use this Key" --cancel-label "Back" --output-fd 1 \
|
|
--colors \
|
|
--menu "Select key:" 0 0 0 "${akeys[@]}")
|
|
|
|
match=false
|
|
c=0
|
|
for no in "${indexforkeys[@]}"; do
|
|
c=$((c+1))
|
|
if [ "$usekey" = "$no" ]; then
|
|
match=true
|
|
break
|
|
fi
|
|
done
|
|
|
|
if [ "$match" = false ]; then
|
|
PK=$HPATH/.ssh/${USER}
|
|
pkey
|
|
return 0
|
|
fi
|
|
|
|
d=0
|
|
for i in "${realkeys[@]}"; do
|
|
d=$((d+1))
|
|
if [ "$d" = "$c" ]; then
|
|
PK=$i
|
|
pkey
|
|
return 0
|
|
fi
|
|
done
|
|
|
|
PK=$HPATH/.ssh/${USER}
|
|
pkey
|
|
}
|
|
|
|
ask_to_edit_hosts() {
|
|
dialog --output-fd 1 --title "Edit Host File" \
|
|
--backtitle "Add servers to your /etc/hosts file as SUDOer?" \
|
|
--yesno "Would you like to add any servers as SUDO user?" 7 60
|
|
EDIT_HOSTS=$?
|
|
clear
|
|
}
|
|
|
|
default_ssh_port() {
|
|
SSH_PORT=22
|
|
new_port=$(dialog --ok-label "OK" --cancel-label "BACK" --output-fd 1 --max-input 5 \
|
|
--aspect 100 --colors --inputbox 'Change default SSH port#' 10 30 "$SSH_PORT")
|
|
SSH_PORT=${new_port:-$SSH_PORT}
|
|
}
|
|
|
|
default_username() {
|
|
DEFAULT_USER=$USER
|
|
new_user=$(dialog --ok-label "OK" --cancel-label "BACK" --output-fd 1 \
|
|
--aspect 100 --colors --inputbox 'Change default SSH USER' 10 30 "$DEFAULT_USER")
|
|
DEFAULT_USER=${new_user:-$DEFAULT_USER}
|
|
}
|
|
|
|
split_hosts_file() {
|
|
echo "# Private/Remote Servers" > /tmp/localhosts_remotes
|
|
echo "# Local-Hosts IPv4" > /tmp/localhosts_ip4
|
|
echo "# Local-Hosts IPv6" > /tmp/localhosts_ip6
|
|
comment=""
|
|
|
|
IFSOLD=$IFS
|
|
IFS=$'\n'
|
|
for item in $(cat "$HOSTS_FILE"); do
|
|
tipaddr=$(echo "$item" | awk '{print $1}')
|
|
thostname=$(echo "$item" | awk '{print $2}')
|
|
#lcase=$(echo "$thostname" | tr '[A-Z]' '[a-z]')
|
|
#rhost=${lcase/ssh-/}
|
|
#rhost=${rhost/h-/}
|
|
#rhost=${rhost/host-/}
|
|
if [ $(echo $tipaddr | awk -F. '{ printf("%d\n", $1); }') = "127" ]; then
|
|
#echo "Skipped IPv4 Loopback"
|
|
if [ -n "$comment" ]; then
|
|
echo "$comment" >> /tmp/localhosts_ip4
|
|
comment=""
|
|
fi
|
|
echo "$item" >> /tmp/localhosts_ip4
|
|
elif [ $(echo $tipaddr | grep -c "::") -ge 1 ]; then
|
|
#echo "Skipped IPv6 Loopback"
|
|
if [ -n "$comment" ]; then
|
|
echo "$comment" >> /tmp/localhosts_ip6
|
|
comment=""
|
|
fi
|
|
echo "$item" >> /tmp/localhosts_ip6
|
|
elif [ $(echo $tipaddr | grep -c "^#") -ge 1 ]; then
|
|
#echo "Skipped Comment"
|
|
|
|
if [ "$item" != "# Private/Remote Servers" ] && \
|
|
[ "$item" != "# Local-Hosts IPv4" ] && \
|
|
[ "$item" != "# Local-Hosts IPv6" ] && \
|
|
[ "$item" != "# Script will include Localhosts back in automatically" ] && \
|
|
[ "$item" != "#" ]; then
|
|
if [ -n "$comment" ]; then
|
|
comment+=$(printf "\n%s" "$item")
|
|
else
|
|
comment=$item
|
|
fi
|
|
fi
|
|
continue
|
|
else
|
|
#echo "Found Private/Remote Host"
|
|
if [ -n "$comment" ]; then
|
|
echo "$comment" >> /tmp/localhosts_remotes
|
|
comment=""
|
|
fi
|
|
echo "$item" >> /tmp/localhosts_remotes
|
|
fi
|
|
done
|
|
|
|
IFS=$IFSOLD
|
|
|
|
cat /tmp/localhosts_ssh > /tmp/localhosts_main
|
|
cat /tmp/localhosts_remotes >> /tmp/localhosts_main
|
|
echo -e "\n#\n# Script will include Localhosts back in automatically" >> /tmp/localhosts_main
|
|
}
|
|
|
|
thostname=""
|
|
hostnames=()
|
|
deduper() {
|
|
if [ ${#hostnames[@]} -eq 0 ]; then
|
|
hostnames+=("$thostname")
|
|
return 0
|
|
fi
|
|
local dup=false
|
|
for x in "${hostnames[@]}"; do
|
|
if [ "$x" = "$thostname" ]; then
|
|
dup=true
|
|
break
|
|
fi
|
|
done
|
|
if [ $dup = false ]; then
|
|
hostnames+=("$thostname")
|
|
fi
|
|
}
|
|
|
|
ask_to_split() {
|
|
dialog --output-fd 1 --title "Split Host File" \
|
|
--backtitle "Hosts file too large, temporary..split it?" \
|
|
--yesno "Local Hosts will be placed at bottom of host file." 7 60
|
|
|
|
split=$?
|
|
clear
|
|
}
|
|
|
|
admin_step() {
|
|
|
|
ask_to_edit_hosts
|
|
if [ "$EDIT_HOSTS" = "0" ]; then
|
|
echo "Editing Hosts file..."
|
|
else
|
|
return 0
|
|
fi
|
|
|
|
if [ $(wc -l "$HOSTS_FILE" | awk -F. '{ printf("%d\n", $1); }') -gt 500 ]; then
|
|
ask_to_split
|
|
fi
|
|
|
|
echo "Updating Hosts"
|
|
if [ ! -d "$HPATH/.dotfile_backups" ]; then
|
|
mkdir "$HPATH/.dotfile_backups" 2> /dev/null
|
|
fi
|
|
local bknow=$(date +"%m_%d_%Y_%H_%M_%S")
|
|
cp "$HOSTS_FILE" "$HPATH/.dotfile_backups/host${bknow}" 2> /dev/null
|
|
|
|
if [ "$split" = "0" ]; then
|
|
split_hosts_file
|
|
else
|
|
if [ -x /usr/bin/tee ] || [ -x /bin/tee ]; then
|
|
echo -e "# Please add all your SSH Servers to this list:" | cat - "$HOSTS_FILE" | sudo tee "$HOSTS_FILE"
|
|
fi
|
|
|
|
if [ -z "$EDITOR" ]; then
|
|
sudo nano "$HOSTS_FILE"
|
|
else
|
|
sudo "$EDITOR" "$HOSTS_FILE"
|
|
fi
|
|
sudo sed -i '/# Please add all your SSH Servers to this list:/d' "$HOSTS_FILE"
|
|
return 1
|
|
fi
|
|
|
|
if [ -z "$EDITOR" ]; then
|
|
nano /tmp/localhosts_main
|
|
else
|
|
"$EDITOR" /tmp/localhosts_main
|
|
fi
|
|
|
|
sed -i '/# Script will include Localhosts back in automatically/d' /tmp/localhosts_main
|
|
}
|
|
|
|
admin_check() {
|
|
if [ $UID -eq 0 ]; then
|
|
admin_step
|
|
else
|
|
sudoers_power=$(groups "$USER" | grep " sudo")
|
|
admin_power=$(groups "$USER" | grep " admin")
|
|
wheel_power=$(groups "$USER" | grep " wheel")
|
|
if [ -n "$sudoers_power" ] || [ -n "$admin_power" ] || [ -n "$wheel_power" ]; then
|
|
admin_step
|
|
fi
|
|
fi
|
|
}
|
|
|
|
clean_up_split() {
|
|
if [ "$split" = "0" ]; then
|
|
cat /tmp/localhosts_ip4 >> /tmp/localhosts_main
|
|
cat /tmp/localhosts_ip6 >> /tmp/localhosts_main
|
|
echo -e "\n Original $HOSTS_FILE file Backed up at: $HPATH/.dotfile_backups/host${bknow}"
|
|
echo "Cleaning up hosts file...."
|
|
sudo mv -f "$HOSTS_FILE" "${HOSTS_FILE}_old"
|
|
sudo mv /tmp/localhosts_main "$HOSTS_FILE"
|
|
sudo chown root:root "$HOSTS_FILE"
|
|
sudo chmod 644 "$HOSTS_FILE"
|
|
rm -f /tmp/localhosts_*
|
|
fi
|
|
}
|
|
|
|
findhosts() {
|
|
|
|
admin_check
|
|
|
|
if [ "$split" = "0" ]; then
|
|
read_hosts=/tmp/localhosts_main
|
|
else
|
|
read_hosts=$HOSTS_FILE
|
|
fi
|
|
|
|
IFSOLD=$IFS
|
|
IFS=$'\n'
|
|
|
|
for item in $(cat "$read_hosts"); do
|
|
tipaddr=$(echo "$item" | awk '{print $1}')
|
|
thostname=$(echo "$item" | awk '{print $2}')
|
|
lcase=$(echo "$thostname" | tr '[A-Z]' '[a-z]')
|
|
|
|
if [ "$(echo $tipaddr | awk -F. '{ printf("%d\n", $1); }')" = "127" ]; then
|
|
#echo "Skipped IPv4 Loopback"
|
|
continue
|
|
elif [ "$(echo $tipaddr | grep -c "::")" -ge 1 ]; then
|
|
#echo "Skipped IPv6 Loopback"
|
|
continue
|
|
elif [ "$(echo $tipaddr | grep -c "^#")" -ge 1 ]; then
|
|
#echo "Skipped Comment"
|
|
continue
|
|
else
|
|
deduper
|
|
fi
|
|
done
|
|
|
|
IFS=$IFSOLD
|
|
|
|
clean_up_split
|
|
|
|
}
|
|
|
|
edit_configs() {
|
|
IFSOLD=$IFS
|
|
IFS=$'\n'
|
|
|
|
local aconfig=()
|
|
local cfgs=$(ls $HPATH/.ssh/config*)
|
|
local realconfig=()
|
|
local realindex=()
|
|
local p=""
|
|
local r=""
|
|
local cdd
|
|
for cdd in $cfgs; do
|
|
realconfig+=( "$cdd" )
|
|
p=$HPATH/.ssh/
|
|
r=${cdd/$p/}
|
|
de=${r/configs_/}
|
|
de=${de/.conf/}
|
|
realindex+=( "$de" )
|
|
aconfig+=( "$de" "$r" )
|
|
done
|
|
|
|
if [ "${#aconfig[@]}" -eq "0" ]; then
|
|
return 1
|
|
fi
|
|
|
|
editme=$(dialog --ok-label "Edit this config" --cancel-label "Back" --output-fd 1 \
|
|
--colors \
|
|
--menu "Select SSH file:" 0 0 0 "${aconfig[@]}")
|
|
|
|
local match=false
|
|
local c=0
|
|
local no
|
|
for no in "${realindex[@]}"; do
|
|
c=$((c+1))
|
|
# echo "$no"
|
|
if [ "$editme" = "$no" ]; then
|
|
match=true
|
|
break
|
|
fi
|
|
done
|
|
|
|
if [ "$match" = false ]; then
|
|
return 0
|
|
fi
|
|
|
|
local d=0
|
|
local i
|
|
for i in "${realconfig[@]}"; do
|
|
d=$((d+1))
|
|
if [ "$d" = "$c" ]; then
|
|
"$EDITOR" "$i"
|
|
break
|
|
fi
|
|
done
|
|
|
|
IFS=$IFSOLD
|
|
}
|
|
|
|
if [ ! -r "$HPATH/.ssh/config" ]; then
|
|
choose_key
|
|
default_ssh_port
|
|
default_username
|
|
clear
|
|
findhosts
|
|
|
|
prefix=""
|
|
#prefix_num=$(dialog --output-fd 1 --menu "SSH name prefixes:" 0 0 0 1 "None" 2 "s-" 3 "ssh-")
|
|
#case "$prefix_num" in
|
|
# '2') prefix="s-";;
|
|
# '3') prefix="ssh-";;
|
|
# *) prefix="";;
|
|
#esac
|
|
|
|
# Begin Dummy Configs
|
|
echo "Include $HPATH/.ssh/configs_*.conf
|
|
|
|
# Edit the following SSHTO config file:
|
|
# What servers do you want to connect to?" > "$HPATH/.ssh/config"
|
|
|
|
if [ -r "$HPATH/.ssh/configs_work.conf" ]; then
|
|
bknow=$(date +"%m_%d_%Y_%H_%M_%S")
|
|
mv "$HPATH/.ssh/configs_work.conf" "$HPATH/.ssh/bk_configs_work${bknow}.old" 2> /dev/null
|
|
fi
|
|
|
|
echo "#Host Group #My Work Server's#" > "$HPATH/.ssh/configs_work.conf"
|
|
|
|
if [ "${#hostnames[@]}" -eq "0" ]; then
|
|
echo "Host ${prefix}mysite
|
|
HostName YOURsiteHERE.com OR IP of computer
|
|
Port $SSH_PORT
|
|
User $DEFAULT_USER
|
|
IdentityFile $USE_PRIVATE_KEY" >> "$HPATH/.ssh/configs_work.conf"
|
|
else
|
|
for h in "${hostnames[@]}"; do
|
|
ch=${h/host-/}
|
|
ch=${ch/h-/}
|
|
ch=${ch/s-/}
|
|
ch=${ch/ssh-/}
|
|
echo "Host ${prefix}${ch}
|
|
HostName ${h}
|
|
Port $SSH_PORT
|
|
User $DEFAULT_USER
|
|
IdentityFile $USE_PRIVATE_KEY" >> "$HPATH/.ssh/configs_work.conf"
|
|
|
|
done
|
|
fi
|
|
|
|
echo "Host github #ignore
|
|
HostName github.com
|
|
Port 22
|
|
User git
|
|
IdentityFile $USE_PRIVATE_KEY
|
|
|
|
# --- default for all NOT Defined hosts..! ---
|
|
Host *
|
|
Protocol 2
|
|
HostKeyAlgorithms sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
|
|
KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512
|
|
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
|
|
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-256
|
|
StrictHostKeyChecking ask
|
|
VerifyHostKeyDNS ask
|
|
User root
|
|
Port 22
|
|
ServerAliveInterval 300
|
|
ServerAliveCountMax 3
|
|
ForwardAgent no
|
|
ForwardX11 no
|
|
ForwardX11Trusted no
|
|
PermitLocalCommand no
|
|
HashKnownHosts yes
|
|
TCPKeepAlive yes
|
|
SendEnv LANG LC_*
|
|
" >> "$HPATH/.ssh/config"
|
|
|
|
if [ ! -r "$HPATH/.ssh/configs_home.conf" ]; then
|
|
echo "#Host Group #My Home Lab#
|
|
Host ${prefix}lab #ignore
|
|
HostName lab1
|
|
Port $SSH_PORT
|
|
User $DEFAULT_USER
|
|
IdentityFile $USE_PRIVATE_KEY" > "$HPATH/.ssh/configs_home.conf"
|
|
fi
|
|
|
|
if [ ! -r "$HPATH/.ssh/EXAMPLEconfigs_proxy.conf" ]; then
|
|
echo "#Host Group #Proxies's#
|
|
# Forward all local port 3128 traffic to port 3128 on the remote vps1.cyberciti.biz server
|
|
# $ ssh -f -N proxyus
|
|
Host proxyus #ignore
|
|
HostName vps1.cyberciti.biz
|
|
User breakfree
|
|
IdentityFile $HPATH/.ssh/vps1.cyberciti.biz.key
|
|
LocalForward 3128 127.0.0.1:3128" > "$HPATH/.ssh/EXAMPLEconfigs_proxy.conf"
|
|
fi
|
|
|
|
chmod 644 "$HPATH/.ssh/config"
|
|
chmod 644 "$HPATH/.ssh/configs_work.conf"
|
|
chmod 644 "$HPATH/.ssh/configs_home.conf"
|
|
chmod 644 "$HPATH/.ssh/EXAMPLEconfigs_proxy.conf"
|
|
|
|
edit_configs
|
|
|
|
fi
|
|
|