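#!/bin/bash
#V0.2
#
#Interactive first-time ssh setup for the invoking user: makes sure ~/.ssh
#exists with tight permissions, finds or creates a keypair, loads it into
#ssh-agent, builds ~/.ssh/config (or ~/.ssh/config.addme) from known_hosts,
#and asks whether the key(s) should be installed on the configured hosts.
#
#Requires:
#If you will be creating ~/.ssh/config , requires known_hosts_merge
#If you will be creating ~/.ssh/config , requires known2config
#If you will be pushing out key(s) to remote servers, requires quick-ssh-keyinstall
#Requires standard ssh tools: ssh , ssh-add , ssh-keygen , ssh-agent
#Requires standard posix/unix/linux command line tools.

#Print a progress/status message, prefixed with "== ", on stdout.
Status () {
  echo "== $*"
}

#Record one keypair type if its public key file is present in the current
#directory (~/.ssh).
#Arguments: $1 - label used in messages (DSA, ECDSA, RSA)
#           $2 - key file basename (id_dsa, id_ecdsa, id_rsa)
#Globals:   KeysAvailable (appended to)
#Exits the script with status 1 when the public key exists but the private
#half is neither on disk nor listed by the agent.
CheckKeypair () {
  if [ ! -s "$2.pub" ]; then
    return 0
  fi
  #The private key must be on disk, or ssh-add -l must list an identity whose
  #line contains the key file name. The agent match is a heuristic on the
  #listing text, not a fingerprint comparison.
  if [ -s "$2" ] || ssh-add -l 2>/dev/null | grep -q "$2"; then
    Status "$1 keypair found, good"
    KeysAvailable="$KeysAvailable $1"
  else
    Status "Public key $2.pub found, but no private key available. Exiting; check with the helpdesk."
    exit 1
  fi
}

#Generate ssh client config stanzas from ~/.ssh/known_hosts.
#Arguments: $1 - file to write
#Globals:   Gateway (read); when non-empty it is handed to known2config -p
BuildConfig () {
  if [ -n "$Gateway" ]; then
    known_hosts_merge <~/.ssh/known_hosts | known2config -p "$Gateway" >"$1"
  else
    known_hosts_merge <~/.ssh/known_hosts | known2config >"$1"
  fi
}

#Everything below works relative to $HOME and then ~/.ssh; stop if either cd
#fails so no files are created or inspected in the wrong directory.
cd >/dev/null || { Status 'Unable to change to the home directory. Exiting.'; exit 1; }
if [ ! -e .ssh ]; then
  mkdir .ssh
fi
#Note that this tightens the home directory itself as well as ~/.ssh.
chmod 700 ~ ~/.ssh/
cd .ssh || { Status 'Unable to change to the ~/.ssh directory. Exiting.'; exit 1; }

KeysAvailable=''

#For each of the 3 supported keypair types, we need the public keyfile
#and either the private key on disk or the private key loaded into ssh-agent.
#NOTE(review): DSA keys are disabled by default in current OpenSSH releases,
#so a user holding only a DSA keypair passes this check but may be unable to
#authenticate. id_ed25519 keys are not examined here - confirm whether the
#helper tools support them before adding that type.
Status 'Checking for existing keys.'
CheckKeypair DSA id_dsa
CheckKeypair ECDSA id_ecdsa
#The RSA check previously tested id_rsa.pub twice, so a missing private key
#was never detected; it now tests the private key file like the other types.
CheckKeypair RSA id_rsa

if [ -z "$KeysAvailable" ]; then
  Status 'No ssh keypairs located, will create keypair'
  Status 'You will need to enter a long passhrase twice; remember this.'
  #NOTE(review): 2048-bit RSA is the minimum generally accepted today; a
  #larger modulus or an ed25519 key is worth considering if every target
  #server supports it.
  ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa
  if [ ! -s id_rsa ] || [ ! -s id_rsa.pub ]; then
    Status 'Keys do not appear to have been successfully created;'
    Status 'please check with the helpdesk. Exiting.'
    exit 1
  fi
fi

#Decide from the exit status of ssh-add -l instead of matching its message
#text: 0 means identities are loaded, 1 means the agent has none, and 2 means
#the agent could not be contacted. The text comparison treated an unreachable
#agent the same as an agent that already held keys.
ssh-add -l >/dev/null 2>&1
AgentState=$?
if [ "$AgentState" -eq 2 ]; then
  Status 'Warning: unable to contact ssh-agent; no key(s) can be loaded into it.'
elif [ "$AgentState" -ne 0 ]; then
  Status 'About to load the ssh key(s) into the agent; please enter passphrase(s).'
  ssh-add
  if ! ssh-add -l >/dev/null 2>&1; then
    Status 'The attempt to load ssh key(s) failed. Please check with the helpdesk. Exiting.'
    exit 1
  fi
fi

echo 'Do you have an ssh gateway (a host to which you ssh, then from there ssh to your other ssh servers)?'
echo 'If so, enter it here, if not or you are not sure, just press enter.'
read -r Gateway

if [ ! -s ~/.ssh/config ]; then
  #No config file; offer to generate one from known_hosts if that exists.
  Status 'Creating ~/.ssh/config file'
  if [ -s ~/.ssh/known_hosts ]; then
    BuildConfig ~/.ssh/config
  fi
else
  if [ -s ~/.ssh/known_hosts ]; then
    Status 'You appear to have a ~/.ssh/config file already. I will create a ~/.ssh/config.addme file with potentially new hosts that you can choose to merge into your existing ~/.ssh/config file if needed.'
    #The existing config is never overwritten; candidates go to a side file.
    BuildConfig ~/.ssh/config.addme
    echo 'If you would like to merge the contents of ~/.ssh/config.addme into ~/.ssh/config , this would be a good time to do so, as the next step offers to install your ssh keys onto all servers in ~/.ssh/config . Either way, press enter when you are done with any merging steps.'
    read -r _
  fi
fi

#The config file is absent when there was neither a config nor a known_hosts
#file to build one from; skip the chmod in that case rather than emit an error.
if [ -e ~/.ssh/config ]; then
  chmod go-w ~/.ssh/config
fi

Status 'Would you like your key(s) installed on each of the hosts in'
Status 'your ~/.ssh/config that do not already have at least one key (Y/N)?'
Status 'You will need to enter the password for each one once.'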
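#Read the Y/N answer to the key-installation question. Any reply starting
#with Y or y installs the key(s); everything else skips the step.
read -r Answer
case "$Answer" in
[Yy]*)
  #Build the host list as an array, one entry per Host stanza (the first
  #pattern on each Host line, de-duplicated). Passing the array quoted keeps
  #the shell from glob-expanding a pattern such as "web*" against the files
  #in the current directory, which the unquoted backtick form allowed.
  #NOTE(review): only patterns that begin with '*' are filtered out; other
  #wildcard or negated Host patterns are still handed to quick-ssh-keyinstall
  #as literal names.
  Hosts=()
  while IFS= read -r HostName; do
    if [ -n "$HostName" ]; then
      Hosts+=("$HostName")
    fi
  done < <(
    grep '^Host[[:space:]][[:space:]]*' ~/.ssh/config \
      | grep -v '^Host[[:space:]][[:space:]]*\*' \
      | sed -e 's/^Host[[:space:]][[:space:]]*//' -e 's/[[:space:]].*//' \
      | sort -u
  )
  quick-ssh-keyinstall "${Hosts[@]}"
  ;;
esac

Status 'Done. Remember to run ssh-add once after each reboot to load your keys.'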