#!/bin/bash
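# Print the menu for this script and read the user's selection into
# user_choice. The banner shows the script's file name without the .sh suffix.
# "$0" is quoted (and guarded with --) so a path containing spaces or a
# leading dash is not word-split or parsed as an option by basename.
echo "========$(basename -- "$0" .sh)========"
echo "1. 生成密钥"
echo "2. 安装密钥"
echo "输入其他字符返回主页"
declare user_choice
# -r keeps backslashes in the answer literal.
read -r -p "请输入要选择的命令:" user_choice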
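#######################################
# Tighten ~/.ssh permissions, enable public-key authentication in sshd,
# optionally disable password login, then restart sshd.
# Globals:   HOME (read)
# Inputs:    one line from stdin; any answer containing n/N keeps password
#            login enabled, every other answer (including empty) disables it
# Outputs:   prompts and status on stdout, diagnostics on stderr
# Returns:   0 on success, 1 if the backup, the config check or the restart
#            fails
# Needs permission to edit /etc/ssh/sshd_config and restart the service.
#######################################
function configure_key() {
  local -r sshd_config=/etc/ssh/sshd_config
  local sshd_backup user_input

  chmod 600 "$HOME/.ssh/authorized_keys"
  chmod 700 "$HOME/.ssh"

  # Keep a copy of the current config so a bad edit can be rolled back
  # instead of leaving the host without a working sshd.
  sshd_backup="${sshd_config}.bak.$(date +%Y%m%d%H%M%S)"
  if ! cp -p -- "$sshd_config" "$sshd_backup"; then
    echo "无法备份 ${sshd_config}" >&2
    return 1
  fi

  # NOTE(review): these substitutions only rewrite a directive that already
  # exists at the start of a line; if it is absent nothing changes. sshd also
  # keeps the first value it reads for a keyword, so a file pulled in by an
  # Include line earlier in sshd_config can still override the result —
  # confirm the effective settings with `sshd -T`.
  sed -i 's/^#\?PubkeyAuthentication.*/PubkeyAuthentication yes/g' "$sshd_config"

  # Password login is disabled by default here. Keep the current session open
  # and verify key login from a second session before closing it.
  echo "是否关闭密码登录:"
  read -r -p "输入 n 取消关闭:" user_input
  if [[ ! $user_input =~ [Nn] ]]; then
    sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication no/g' "$sshd_config"
  fi

  # Validate the edited file before restarting: a restart with a broken
  # config would stop sshd and cut off remote access.
  if command -v sshd > /dev/null && ! sshd -t -f "$sshd_config"; then
    cp -p -- "$sshd_backup" "$sshd_config"
    echo "sshd 配置校验失败, 已恢复原配置" >&2
    return 1
  fi

  if ! systemctl restart sshd.service; then
    echo "sshd 重启失败" >&2
    return 1
  fi
  echo "密钥安装完成"
}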
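#######################################
# Check that every non-empty line of $1 is a bare OpenSSH public key:
# "<key type> <base64 blob>[ comment]".
# Lines carrying authorized_keys options (command=, from=, ...) are rejected
# on purpose, so pasted input cannot add options to the installed entry.
# ssh-dss is still accepted for compatibility with the previous check.
# NOTE(review): DSA keys have been disabled by default in OpenSSH since 7.0;
# sshd may ignore such a key, so verify login before disabling passwords.
# Arguments: $1 - key text, one key per line
# Returns:   0 if at least one line is present and all lines match, else 1
#######################################
_is_public_key() {
  local line seen=0
  local -r pattern='^(ssh-(rsa|ed25519|dss)|ecdsa-sha2-nistp(256|384|521)|sk-(ssh-ed25519|ecdsa-sha2-nistp256)@openssh\.com) [A-Za-z0-9+/]+={0,2}( .*)?$'
  while IFS= read -r line || [[ -n $line ]]; do
    [[ -z $line ]] && continue
    [[ $line =~ $pattern ]] || return 1
    seen=1
  done <<< "$1"
  (( seen ))
}

#######################################
# Replace ~/.ssh/authorized_keys with the key text in $1.
# A non-empty existing file is copied to a timestamped .bak file first, so
# the keys it held are not silently lost.
# Globals:   HOME (read)
# Arguments: $1 - public key text to install
# Returns:   0 on success, non-zero if the directory, backup or write fails
#######################################
_write_authorized_keys() {
  local -r ssh_dir="$HOME/.ssh"
  local -r auth_file="${ssh_dir}/authorized_keys"
  # umask 077 so a newly created directory or file is private from the start.
  ( umask 077; mkdir -p "$ssh_dir" ) || return 1
  if [[ -s $auth_file ]]; then
    cp -p -- "$auth_file" "${auth_file}.bak.$(date +%Y%m%d%H%M%S)" || return 1
  fi
  ( umask 077; printf '%s\n' "$1" > "$auth_file" )
}

# Dispatch on the menu choice: 1 generates a key pair (and can install it),
# 2 installs an existing public key. Any other input falls through.
case $user_choice in
  '1')
    declare key_directory="${HOME}/.ssh"
    read -r -p "请输入密钥安装位置, 默认:${key_directory}:" user_input
    if [[ -d $user_input ]]; then
      key_directory=$user_input
    elif [[ -n $user_input ]]; then
      echo "该路径没有文件夹"
      exit 1
    fi
    # The default directory may not exist yet; ssh-keygen does not create it.
    ( umask 077; mkdir -p "$key_directory" ) || exit 1

    # Key type -> space-separated list of selectable sizes (empty: fixed size).
    declare -A key_options
    key_options['rsa']="2048 4096"
    key_options['ed25519']=""

    declare key_type="" item generated_key
    declare option_count=0
    declare -a type_choices=() size_choices=() keygen_args=()

    for item in "${!key_options[@]}"; do
      option_count=$(( option_count + 1 ))
      type_choices[$option_count]=$item
      echo "${option_count}.${item}"
    done
    read -r -p "请选择要生成的密钥类型:" user_input
    # Anchored match: the answer must be exactly one listed digit. An
    # unanchored match would let arbitrary text reach the array subscript
    # below, which bash evaluates as an arithmetic expression.
    if ! [[ $user_input =~ ^[1-${option_count}]$ ]]; then
      echo "选择错误"
      exit 1
    fi
    key_type=${type_choices[$user_input]}
    keygen_args+=(-t "$key_type")

    if [[ -n ${key_options[$key_type]} ]]; then
      option_count=0
      echo "请选择密钥位大小"
      # Intentional word splitting: the value is a space-separated size list.
      # Sizes go into their own array so entries left over from the type menu
      # cannot be selected here.
      for item in ${key_options[$key_type]}; do
        option_count=$(( option_count + 1 ))
        size_choices[$option_count]=$item
        echo "${option_count}.${item}"
      done
      read -r -p "请选择:" user_input
      if ! [[ $user_input =~ ^[1-${option_count}]$ ]]; then
        echo "选择错误"
        exit 1
      fi
      keygen_args+=(-b "${size_choices[$user_input]}")
    fi

    read -r -p "是否开启密钥短语,输入y开启,请输入:" user_input
    if ! [[ $user_input =~ [Yy] ]]; then
      keygen_args+=(-N '')
    fi
    # When a passphrase is wanted, -N is omitted so ssh-keygen asks for it
    # itself: the input is not echoed, it is confirmed, and it never appears
    # in the process argument list or passes through eval.
    keygen_args+=(-f "${key_directory}/key" -q)

    # Arguments are passed as an array, not an eval'd string, so quotes or
    # shell metacharacters in the directory name stay literal.
    if ! ssh-keygen "${keygen_args[@]}"; then
      echo "密钥生成失败" >&2
      exit 1
    fi
    echo "密钥安装成功"
    echo "私钥:${key_directory}/key"
    echo "公钥:${key_directory}/key.pub"

    read -r -p "是否开启密钥登录,输入n取消:" user_input
    if ! [[ $user_input =~ [Nn] ]]; then
      # Install the key's contents. Writing the path of key.pub would leave
      # authorized_keys without any usable key while password login may be
      # switched off right afterwards.
      generated_key=$(cat -- "${key_directory}/key.pub") || exit 1
      _write_authorized_keys "$generated_key" || exit 1
      configure_key
    fi
    ;;
  '2')
    declare public_key
    echo "请输入公钥或文件路径:"
    echo "默认:$HOME/.ssh/id_rsa.pub"
    read -r -p "回车默认:" public_key
    if [[ -z $public_key ]]; then
      public_key="$HOME/.ssh/id_rsa.pub"
    fi
    # An existing file path is replaced by the file's contents; anything else
    # is treated as the key text itself.
    if [[ -f $public_key ]]; then
      public_key=$(cat -- "$public_key") || exit 1
    fi
    # Drop carriage returns from keys saved with CRLF line endings.
    public_key=${public_key//$'\r'/}

    if ! _is_public_key "$public_key"; then
      echo "公钥不合法"
      exit 1
    fi

    _write_authorized_keys "$public_key" || exit 1
    configure_key
    ;;
esac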