path: root/roles/git/files/git-shell-commands/addkey
blob: 670fd94cba23b8385eeaee12e3e9477375b72644 (plain)
#!/bin/sh
#
# ~/git-shell-commands/addkey
#
# An interactive command to add a new SSH public key to the authorized
# key list.  To ensure the integrity of the authorized_keys file, the
# script makes sure you've entered a valid key (which must be entered
# all on one line).  For security, the script also disables some SSH
# options for the key when it adds it. 
#
# NOTE:
# This interactive command is NOT allowed through a SSH connection,
# use `sudo su - git` from other (admin) user instead.
#
# Credit:
# * Hosting an admin-friendly git server with git-shell
#   http://planzero.org/blog/2012/10/24/hosting_an_admin-friendly_git_server_with_git-shell
#
# Aaron LI
# 2017-06-18
#

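# Refuse to run inside an SSH session: keys may only be added from a local
# (admin) shell, so a remote git user cannot enrol further keys.
if [ -n "${SSH_CONNECTION}" ]; then
    echo "Sorry, this command is not allowed through a SSH connection"
    exit 1
fi

# Read in the SSH key (a single line).  -r keeps backslashes literal so the
# line reaches ssh-keygen and authorized_keys exactly as it was typed.
echo "Input the SSH public key to be added (ED25519/RSA):"
read -r key

# Generate a fingerprint.  printf is used instead of echo so a line that
# starts with '-' or contains backslashes is passed through unchanged.
# ssh-keygen's own error text goes to the terminal; on failure the captured
# output is empty and the type check below rejects the input.
fingerprint=$(printf '%s\n' "${key}" | ssh-keygen -lf -)

# Check for errors.  The key type is the parenthesised token that ends the
# fingerprint line, so the match is anchored there: a key comment that merely
# contains "RSA" or "ED25519" must not make another key type pass.
if ! printf '%s\n' "${fingerprint}" \
        | grep -Eq ' \((ED25519|RSA)[-A-Z0-9]*\)$'; then
    # Display the fingerprint error and clean up
    echo "Invalid key: ${fingerprint}"
    exit 1
fi

# NOTE(review): the file header says SSH options are disabled for the added
# key, but the line is appended exactly as entered, with no options prefix.
# Confirm whether restrictions (e.g. no-port-forwarding) were meant to be
# prepended here.

# Add the key to the authorized keys file and clean up.  The restrictive
# umask ensures a newly created authorized_keys is never group/world
# accessible, even before the chmod below.  All expansions are quoted so a
# key comment containing '*' or '?' is not glob-expanded into file names.
umask 077
if [ ! -d "${HOME}/.ssh" ]; then
    mkdir -m 0700 "${HOME}/.ssh" || exit 1
fi
printf '%s\n' "${key}" >> "${HOME}/.ssh/authorized_keys" || exit 1
chmod 0600 "${HOME}/.ssh/authorized_keys"

# Display the fingerprint for reference
echo "Success! Added a key with the following fingerprint:"
printf '%s\n' "${fingerprint}"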