Delete renewkeys.sh

renewkeys.sh

@@ -1,233 +0,0 @@
-#!/bin/bash
-NF="\e[0m"
-FB="\e[1m"
-CG="\e[38;5;40m"
-CR="\e[38;5;9m"
-CY="\033[38;5;226m"
-USER=$(getent passwd 1000 | cut -d: -f1)
-PC=$(uname -n | awk '{print $1}')
-
-guardband() {
-if [ $? -ne 0 ]; then
-echo -e "${CR}Script Exited with an Error.${NF}"
-exit 1
-fi
-}
-
-cleanup() {
-echo -e "${CR}Attention: Script in fix mode - This will reset the .ssh folder. Press CTRL+C ${FB}NOW${NF} ${CR}if you want to avoid this.${NF}"
-sleep 5
-if  [[ $1 = "--pve01" ]]; then
-find /root/.ssh/ -type f -delete
-else
-find /root/.ssh/ -type f -delete
-find /home/$USER/.ssh/ -type f -delete
-fi
-}
-
-verifycdn(){
-CDN="https://cdn.franscorack.com"
-echo -e "${CY}Verifying CDN availability...${NF}"
-if ! wget --spider "$CDN" 2>/dev/null; then
-    echo -e "${CR}Error: Cannot reach CDN for checksum verification - ${FB}Are you connected on the Internet ? / Is the CDN down ?${NF}"
-    echo -e "${CR}Key-renewal script can only be ran if $CDN is reachable. Script Halted. ${NF}"
-    return 1
-    else
-    echo -e "${CG}CDN available for checksum downloads - ${FB}Proceeding...${NF}"
-    serversidePUB=$(wget https://cdn.franscorack.com/chksum/sshprov/pub -q -O -)
-    serversidePRIV=$(wget https://cdn.franscorack.com/chksum/sshprov/priv -q -O -)
-    sleep 2
-fi
-}
-
-rootcheck(){
-if [ -f /root/.ssh/id_ed25519 ]; then
-rootPRIV=$(sha256sum /root/.ssh/id_ed25519 | awk '{print $1}')
-else
-rootPRIV=0
-fi
-if [ -f /root/.ssh/authorized_keys ]; then
-rootPUB=$(sha256sum /root/.ssh/authorized_keys | awk '{print $1}')
-else
-rootPUB=0
-fi
-echo Root User Check:
-if [ "$rootPRIV" = "$serversidePRIV" ]
-then
-    echo -e "${CG}Private Keys Checksum against Server - ${FB}OK${NF} ${CG}- No action needed${NF}"
-    chmod 700 /root/.ssh
-    chmod 600 /root/.ssh/id_ed25519
-    else
-    echo -e "${CR}Private Keys Checksum against Server - ${FB}MISMATCH${NF} ${CR}- Provisioning... ${NF}"
-    sleep 2
-    if [ -f /root/.ssh/id_ed25519 ]; then
-    rm /root/.ssh/id_ed25519
-    fi
-    cp --no-preserve=mode,ownership /.SSH/automated/priv/servers/id_ed25519 /root/.ssh/id_ed25519
-    echo -e ${CY}'key data from server -> local store'${NF}
-    chmod 700 /root/.ssh
-    chmod 600 /root/.ssh/id_ed25519
-    echo -e ${CY}'chmod -> local store'${NF}
-    systemctl restart sshd
-    echo -e ${CY}'sshd restart'${NF}
-    sleep 3
-    rootPRIV2=$(sha256sum /root/.ssh/id_ed25519 | awk '{print $1}')
-    if [ "$rootPRIV2" = "$serversidePRIV" ]
-    then
-        echo -e "${CG}${FB}CHECKSUM OK - PROVISION SUCCESS${NF}"
-        else
-        echo -e "${CR}${FB}CHECKSUM MISMATCH - MANUAL INTERVENTION REQUIRED${NF}"
-        return 1
-    fi
-fi
-if [ "$rootPUB" = "$serversidePUB" ]
-then
-    echo -e "${CG}Public Keys Checksum against Server - ${FB}OK${NF} ${CG}- No action needed${NF}"
-    chmod 700 /root/.ssh
-    chmod 600 /root/.ssh/authorized_keys
-    else
-    echo -e "${CR}Public Keys Checksum against Server - ${FB}MISMATCH${NF} ${CR}- Provisioning... ${NF}"
-    sleep 2
-    if [ -f /root/.ssh/authorized_keys ]; then
-    rm /root/.ssh/authorized_keys
-    fi
-    cp --no-preserve=mode,ownership /.SSH/automated/pub/servers/id_ed25519.pub /root/.ssh/authorized_keys
-    echo -e ${CY}'key data from server -> local store'${NF}
-    chmod 700 /root/.ssh
-    chmod 600 /root/.ssh/authorized_keys
-    echo -e ${CY}'chmod -> local store'${NF}
-    systemctl restart sshd
-    echo -e ${CY}'sshd restart'${NF}
-    sleep 3
-    rootPUB2=$(sha256sum /root/.ssh/authorized_keys | awk '{print $1}')
-    if [ "$rootPUB2" = "$serversidePUB" ]
-    then
-        echo -e "${CG}${FB}CHECKSUM OK - PROVISION SUCCESS${NF}"
-        else
-        echo -e "${CR}${FB}CHECKSUM MISMATCH - MANUAL INTERVENTION REQUIRED${NF}"
-        return 1
-    fi
-fi
-}
-
-admincheck(){
-if [ -f /home/$USER/.ssh/id_ed25519 ]; then
-adminPRIV=$(sha256sum /home/$USER/.ssh/id_ed25519 | awk '{print $1}')
-else
-adminPRIV=0
-fi
-if [ -f /home/$USER/.ssh/authorized_keys ]; then
-adminPUB=$(sha256sum /home/$USER/.ssh/authorized_keys | awk '{print $1}')
-else
-adminPUB=0
-fi
-echo Admin User Check:
-if [ "$adminPRIV" = "$serversidePRIV" ]
-then
-    echo -e "${CG}Private Keys Checksum against Server - ${FB}OK${NF} ${CG}- No action needed${NF}"
-    chmod 700 /home/$USER/.ssh
-    chmod 600 /home/$USER/.ssh/id_ed25519
-    chown $USER -R /home/$USER/.ssh
-    else
-    echo -e "${CR}Private Keys Checksum against Server - ${FB}MISMATCH${NF} ${CR}- Provisioning... ${NF}"
-    sleep 2
-    if [ -f /home/$USER/.ssh/id_ed25519 ]; then
-    rm /home/$USER/.ssh/id_ed25519
-    fi
-    cp --no-preserve=mode,ownership /.SSH/automated/priv/servers/id_ed25519 /home/$USER/.ssh/id_ed25519
-    echo -e ${CY}'key data from server -> local store'${NF}
-    chmod 700 /home/$USER/.ssh
-    chmod 600 /home/$USER/.ssh/id_ed25519
-    chown $USER -R /home/$USER/.ssh
-    echo -e ${CY}'chmod -> local store'${NF}
-    systemctl restart sshd
-    echo -e ${CY}'sshd restart'${NF}
-    sleep 3
-    adminPRIV2=$(sha256sum /home/$USER/.ssh/id_ed25519 | awk '{print $1}')
-    if [ "$adminPRIV2" = "$serversidePRIV" ]
-    then
-        echo -e "${CG}${FB}CHECKSUM OK - PROVISION SUCCESS${NF}"
-        else
-        echo -e "${CR}${FB}CHECKSUM MISMATCH - MANUAL INTERVENTION REQUIRED${NF}"
-        return 1
-    fi
-fi
-if [ "$adminPUB" = "$serversidePUB" ]
-then
-    echo -e "${CG}Public Keys Checksum against Server - ${FB}OK${NF} ${CG}- No action needed${NF}"
-    chmod 700 /home/$USER/.ssh
-    chmod 600 /home/$USER/.ssh/authorized_keys
-    chown $USER -R /home/$USER/.ssh
-    else
-    echo -e "${CR}Public Keys Checksum against Server - ${FB}MISMATCH${NF} ${CR}- Provisioning... ${NF}"
-    sleep 2
-    if [ -f /home/$USER/.ssh/authorized_keys ]; then
-    rm /home/$USER/.ssh/authorized_keys
-    fi
-    cp --no-preserve=mode,ownership /.SSH/automated/pub/servers/id_ed25519.pub /home/$USER/.ssh/authorized_keys
-    echo -e ${CY}'key data from server -> local store'${NF}
-    chmod 700 /home/$USER/.ssh
-    chmod 600 /home/$USER/.ssh/authorized_keys
-    chown $USER -R /home/$USER/.ssh
-    echo -e ${CY}'chmod -> local store'${NF}
-    systemctl restart sshd
-    echo -e ${CY}'sshd restart'${NF}
-    sleep 3
-    adminPUB2=$(sha256sum /home/$USER/.ssh/authorized_keys | awk '{print $1}')
-    if [ "$adminPUB2" = "$serversidePUB" ]
-    then
-        echo -e "${CG}${FB}CHECKSUM OK - PROVISION SUCCESS${NF}"
-        else
-        echo -e "${CR}${FB}CHECKSUM MISMATCH - MANUAL INTERVENTION REQUIRED${NF}"
-        return 1
-    fi
-fi
-}
-
-if [ "$UID" -ne 0 ]; then
-    echo -e "${CR}This script must be run as root.${NF}"
-    exit 1
-fi
-echo -e ${CY}Warning: running this script resets known_hosts file. Abort this script using CTRL+C if you want to avoid that.${NF}
-sleep 3
-if [ -f /home/$USER/.ssh/known_hosts ]; then
-rm /home/$USER/.ssh/known_hosts
-fi
-if [ -f /root/.ssh/known_hosts ]; then
-rm /root/.ssh/known_hosts
-fi
-if  [[ $1 = "--fix" ]]; then
-    if [ "$PC" = "pve01" ]
-    then
-    cleanup --pve01
-    verifycdn
-    guardband
-    rootcheck
-    guardband
-    else
-    cleanup
-    verifycdn
-    guardband
-    rootcheck
-    guardband
-    admincheck
-    guardband
-    fi
-    else
-    if [ "$PC" = "pve01" ]
-    then
-    verifycdn
-    guardband
-    rootcheck
-    guardband
-    else
-    verifycdn
-    guardband
-    rootcheck
-    guardband
-    admincheck
-    guardband
-    fi
-fi
-sleep 2
-echo -e "${CG}Script execution completed.${NF}"