Contents of /alx-src/branches/alx-web-050/generate-and-import-server-key.sh
Parent Directory
| 
Revision Log
Revision 1611 -
(show annotations)
(download)
(as text)
Fri Dec 3 00:03:21 2010 UTC (13 years, 4 months ago) by niro
File MIME type: application/x-sh
File size: 1034 byte(s)
Fri Dec 3 00:03:21 2010 UTC (13 years, 4 months ago) by niro
File MIME type: application/x-sh
File size: 1034 byte(s)
really fixed key generation, it must be run as the target user to be a valid key. added varianle encrypten support too (dsa/rsa)
| 1 | #!/bin/bash |
| 2 | |
| 3 | SQL_DB='alx_web' |
| 4 | SQL_HOST='localhost' |
| 5 | SQL_USER='alx_install' |
| 6 | SQL_PASS='@lx' |
| 7 | |
| 8 | WEBSERVER_USER="apache" |
| 9 | WEBSERVER_GROUP="apache" |
| 10 | WEBSERVER_USER_HOME="/var/lib/${WEBSERVER_USER}" |
| 11 | |
| 12 | ENCRYPTION="dsa" |
| 13 | |
| 14 | for i in id_${ENCRYPTION} id_${ENCRYPTION}.pub |
| 15 | do |
| 16 | [[ -e ${WEBSERVER_USER_HOME}/.ssh/${i} ]] && rm ${WEBSERVER_USER_HOME}/.ssh/${i} |
| 17 | done |
| 18 | |
| 19 | echo "Generating ${ENCRYPTION} key ..." |
| 20 | install -o ${WEBSERVER_USER} -g ${WEBSERVER_GROUP} -d ${WEBSERVER_USER_HOME}/.ssh |
| 21 | # run ssh keygen as target user |
| 22 | su - ${WEBSERVER_USER} -c "ssh-keygen -t ${ENCRYPTION} -q -f ${WEBSERVER_USER_HOME}/.ssh/id_${ENCRYPTION} -P ''" |
| 23 | |
| 24 | public_key="$(< ${WEBSERVER_USER_HOME}/.ssh/id_${ENCRYPTION}.pub)" |
| 25 | |
| 26 | SQL_COMMAND="insert into ssh_auth_server(id,public_key) values('1','${public_key}') on duplicate key update public_key='${public_key}'" |
| 27 | |
| 28 | echo "Importing public key to database ..." |
| 29 | mysql \ |
| 30 | --user="${SQL_USER}" \ |
| 31 | --password="${SQL_PASS}" \ |
| 32 | --host="${SQL_HOST}" \ |
| 33 | --database="${SQL_DB}" \ |
| 34 | --batch \ |
| 35 | --skip-column-names \ |
| 36 | --execute="${SQL_COMMAND}" |