#!/bin/sh
#
# ~/git-shell-commands/addkey
#
# An interactive command to add a new SSH public key to the authorized
# key list.  To ensure the integrity of the authorized_keys file, the
# script makes sure you've entered a valid key (which must be entered
# all on one line).  For security, the script also disables some SSH
# options for the key when it adds it. 
#
# NOTE:
# This interactive command is NOT allowed through a SSH connection,
# use `sudo su - git` from other (admin) user instead.
#
# Credit:
# * Hosting an admin-friendly git server with git-shell
#   http://planzero.org/blog/2012/10/24/hosting_an_admin-friendly_git_server_with_git-shell
#
# Aaron LI
# 2017-06-18
#

if [ -n "${SSH_CONNECTION}" ]; then
    echo "Sorry, this command is not allowed through a SSH connection"
    exit 1
fi

# Read in the SSH key
echo "Input the SSH public key to be added (ED25519/RSA):"
read key

# Generate a fingerprint
fingerprint=$(echo "${key}" | ssh-keygen -lf -)

# Check for errors
if [ $(echo "${fingerprint}" | egrep -c '(ED25519|RSA)') -eq 0 ]; then
    # Display the fingerprint error and clean up
    echo "Invalid key: ${fingerprint}"
    exit 1
fi

# Add the key to the authorized keys file and clean up
[ ! -d "${HOME}/.ssh" ] && mkdir -m 0700 ${HOME}/.ssh
echo ${key} >> ${HOME}/.ssh/authorized_keys
chmod 0600 ${HOME}/.ssh/authorized_keys

# Display the fingerprint for reference
echo "Success! Added a key with the following fingerprint:"
echo ${fingerprint}