115 lines
2.8 KiB
Bash
115 lines
2.8 KiB
Bash
#!/bin/bash
|
||
echo "========$(basename $0 .sh)========"
|
||
echo "1.生成密钥"
|
||
echo "2.安装密钥"
|
||
echo "输入其他返回主页"
|
||
declare pick
|
||
read -p "请输入要选择的命令:" pick
|
||
|
||
function open_key() {
|
||
chmod 600 "$HOME/.ssh/authorized_keys"
|
||
chmod 700 "$HOME/.ssh"
|
||
|
||
sed -i 's/^#\?PubkeyAuthentication.*/PubkeyAuthentication yes/g' /etc/ssh/sshd_config
|
||
|
||
declare pick2
|
||
echo "是否关闭密码登录:"
|
||
read -p "输入 n 取消关闭:" pick2
|
||
|
||
if [[ ! $pick2 =~ [Nn] ]];then
|
||
sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication no/g' /etc/ssh/sshd_config
|
||
fi
|
||
|
||
systemctl restart sshd.service
|
||
|
||
echo "密钥安装完成"
|
||
}
|
||
|
||
case $pick in
|
||
'1')
|
||
declare site="${HOME}/.ssh"
|
||
read -p "请输入密钥安装位置,默认 :${site}:" pick
|
||
|
||
if [[ -d $pick ]]; then
|
||
site=$pick
|
||
elif [[ ! -z $pick ]];then
|
||
echo "该路径没有文件夹"
|
||
exit
|
||
fi
|
||
|
||
declare bit=""
|
||
declare type=""
|
||
declare phrase=""
|
||
declare -A type_dick
|
||
type_dick['rsa']="2048 4096"
|
||
type_dick['ed25519']=""
|
||
|
||
declare print_number=0
|
||
declare -a print_arr
|
||
for i in "${!type_dick[@]}" ; do
|
||
print_number=$(( print_number+1 ))
|
||
print_arr[$print_number]=$i
|
||
echo "${print_number}.${i}"
|
||
done
|
||
read -p "请选择要生成的密钥类型:" pick
|
||
if ! [[ $pick =~ [1-${#type_dick[@]}] ]]; then
|
||
echo "选择错误"
|
||
exit
|
||
fi
|
||
type=${print_arr[$pick]}
|
||
|
||
if [ ! -z "${type_dick[$type]}" ]; then
|
||
print_number=0
|
||
echo "请选择密钥位大小"
|
||
for i in ${type_dick[$type]} ; do
|
||
print_number=$(( print_number+1 ))
|
||
print_arr[$print_number]=$i
|
||
echo "${print_number}.${i}"
|
||
done
|
||
read -p "请选择:" pick
|
||
if ! [[ $pick =~ [1-${#print_arr[@]}] ]]; then
|
||
echo "选择错误"
|
||
exit
|
||
fi
|
||
bit="-b ${print_arr[$pick]}"
|
||
fi
|
||
|
||
read -p "是否开启密钥短语,输入y开启,请输入:" pick
|
||
if [[ $pick =~ [Yy] ]]; then
|
||
read -p "请输入要设置的密钥短语" phrase
|
||
fi
|
||
eval "ssh-keygen -t ${type} ${bit} -N '${phrase}' -f '${site}/key' -q"
|
||
echo "密钥安装成功"
|
||
echo "私钥:${site}/key"
|
||
echo "公钥:${site}/key.pub"
|
||
read -p "是否开启密钥登录,输入n取消:" pick
|
||
if ! [[ $pick =~ [Nn] ]]; then
|
||
mkdir -p "$HOME/.ssh"
|
||
echo "${site}/key.pub" > "$HOME/.ssh/authorized_keys"
|
||
open_key
|
||
fi
|
||
;;
|
||
'2')
|
||
declare key
|
||
echo "请输入公钥或文件路径:"
|
||
echo "默认:$HOME/.ssh/id_rsa.pub"
|
||
read -p "回车默认:" key
|
||
|
||
if [[ -z $key ]];then
|
||
key="$HOME/.ssh/id_rsa.pub"
|
||
fi
|
||
|
||
if [[ -f $key ]];then
|
||
key=$(cat "$key")
|
||
fi
|
||
if [[ ! $key =~ ^ssh-(rsa|ecdsa-sha2-nistp[0-9]+|ed25519|dss) ]];then
|
||
echo "公钥不合法"
|
||
exit 1
|
||
fi
|
||
|
||
mkdir -p "$HOME/.ssh"
|
||
echo "$key" > "$HOME/.ssh/authorized_keys"
|
||
open_key
|
||
esac
|
||
|