Change color codes
This commit is contained in:
90
renewkeys.sh
90
renewkeys.sh
@@ -1,31 +1,31 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
NO_FORMAT="\e[0m"
|
NF="\e[0m"
|
||||||
F_BOLD="\e[1m"
|
FB="\e[1m"
|
||||||
C_GREEN="\e[38;5;40m"
|
CG="\e[38;5;40m"
|
||||||
C_RED="\e[38;5;9m"
|
CR="\e[38;5;9m"
|
||||||
C_YELLOW="\033[38;5;226m"
|
CY="\033[38;5;226m"
|
||||||
USER=$(getent passwd 1000 | cut -d: -f1)
|
USER=$(getent passwd 1000 | cut -d: -f1)
|
||||||
PC=$(uname -n | awk '{print $1}')
|
PC=$(uname -n | awk '{print $1}')
|
||||||
|
|
||||||
guardband() {
|
guardband() {
|
||||||
if [ $? -ne 0 ]; then
|
if [ $? -ne 0 ]; then
|
||||||
echo -e "${C_YELLOW}Cleaning up temp directory for checksums...${NO_FORMAT}"
|
echo -e "${CY}Cleaning up temp directory for checksums...${NF}"
|
||||||
rm -rf /.SSH/.temp
|
rm -rf /.SSH/.temp
|
||||||
sleep 2
|
sleep 2
|
||||||
echo -e "${C_RED}Script Exited with an Error.${NO_FORMAT}"
|
echo -e "${CR}Script Exited with an Error.${NF}"
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
verifycdn(){
|
verifycdn(){
|
||||||
CDN="https://cdn.franscorack.com"
|
CDN="https://cdn.franscorack.com"
|
||||||
echo -e "${C_YELLOW}Verifying CDN availability...${NO_FORMAT}"
|
echo -e "${CY}Verifying CDN availability...${NF}"
|
||||||
if ! wget --spider "$CDN" 2>/dev/null; then
|
if ! wget --spider "$CDN" 2>/dev/null; then
|
||||||
echo -e "${C_RED}Error: Cannot reach CDN for checksum verification - ${F_BOLD}Are you connected on the Internet ? / Is the CDN down ?${NO_FORMAT}"
|
echo -e "${CR}Error: Cannot reach CDN for checksum verification - ${FB}Are you connected on the Internet ? / Is the CDN down ?${NF}"
|
||||||
echo -e "${C_RED}Key-renewal script can only be ran if $CDN is reachable. Script Halted. ${NO_FORMAT}"
|
echo -e "${CR}Key-renewal script can only be ran if $CDN is reachable. Script Halted. ${NF}"
|
||||||
return 1
|
return 1
|
||||||
else
|
else
|
||||||
echo -e "${C_GREEN}CDN available for checksum downloads - ${F_BOLD}Proceeding...${NO_FORMAT}"
|
echo -e "${CG}CDN available for checksum downloads - ${FB}Proceeding...${NF}"
|
||||||
sleep 2
|
sleep 2
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
@@ -33,7 +33,7 @@ fi
|
|||||||
downloadpub(){
|
downloadpub(){
|
||||||
wget -q https://cdn.franscorack.com/chksum/sshprov/pub -O /.SSH/.temp/pub
|
wget -q https://cdn.franscorack.com/chksum/sshprov/pub -O /.SSH/.temp/pub
|
||||||
if [ $? -ne 0 ]; then
|
if [ $? -ne 0 ]; then
|
||||||
echo -e "${C_RED}Download error: CDN reported error in file download${NO_FORMAT}"
|
echo -e "${CR}Download error: CDN reported error in file download${NF}"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
@@ -41,7 +41,7 @@ fi
|
|||||||
downloadpriv(){
|
downloadpriv(){
|
||||||
wget -q https://cdn.franscorack.com/chksum/sshprov/priv -O /.SSH/.temp/priv
|
wget -q https://cdn.franscorack.com/chksum/sshprov/priv -O /.SSH/.temp/priv
|
||||||
if [ $? -ne 0 ]; then
|
if [ $? -ne 0 ]; then
|
||||||
echo -e "${C_RED}Download error: CDN reported error in file download${NO_FORMAT}"
|
echo -e "${CR}Download error: CDN reported error in file download${NF}"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
@@ -55,53 +55,53 @@ rootPUB=$(sha256sum /root/.ssh/authorized_keys | awk '{print $1}')
|
|||||||
echo Root User Check:
|
echo Root User Check:
|
||||||
if [ "$rootPRIV" = "$serversidePRIV" ]
|
if [ "$rootPRIV" = "$serversidePRIV" ]
|
||||||
then
|
then
|
||||||
echo -e "${C_GREEN}Private Keys Checksum against Server - ${F_BOLD}OK${NO_FORMAT} ${C_GREEN}- No action needed${NO_FORMAT}"
|
echo -e "${CG}Private Keys Checksum against Server - ${FB}OK${NF} ${CG}- No action needed${NF}"
|
||||||
chmod 700 /root/.ssh
|
chmod 700 /root/.ssh
|
||||||
chmod 600 /root/.ssh/id_ed25519
|
chmod 600 /root/.ssh/id_ed25519
|
||||||
else
|
else
|
||||||
echo -e "${C_RED}Private Keys Checksum against Server - ${F_BOLD}MISMATCH${NO_FORMAT} ${C_RED}- Provisioning... ${NO_FORMAT}"
|
echo -e "${CR}Private Keys Checksum against Server - ${FB}MISMATCH${NF} ${CR}- Provisioning... ${NF}"
|
||||||
sleep 2
|
sleep 2
|
||||||
rm /root/.ssh/id_ed25519
|
rm /root/.ssh/id_ed25519
|
||||||
cp --no-preserve=mode,ownership /.SSH/automated/priv/servers/id_ed25519 /root/.ssh/id_ed25519
|
cp --no-preserve=mode,ownership /.SSH/automated/priv/servers/id_ed25519 /root/.ssh/id_ed25519
|
||||||
echo -e ${C_YELLOW}'key data from server -> local store'${NO_FORMAT}
|
echo -e ${CY}'key data from server -> local store'${NF}
|
||||||
chmod 700 /root/.ssh
|
chmod 700 /root/.ssh
|
||||||
chmod 600 /root/.ssh/id_ed25519
|
chmod 600 /root/.ssh/id_ed25519
|
||||||
echo -e ${C_YELLOW}'chmod -> local store'${NO_FORMAT}
|
echo -e ${CY}'chmod -> local store'${NF}
|
||||||
systemctl restart sshd
|
systemctl restart sshd
|
||||||
echo -e ${C_YELLOW}'sshd restart'${NO_FORMAT}
|
echo -e ${CY}'sshd restart'${NF}
|
||||||
sleep 3
|
sleep 3
|
||||||
rootPRIV2=$(sha256sum /root/.ssh/id_ed25519 | awk '{print $1}')
|
rootPRIV2=$(sha256sum /root/.ssh/id_ed25519 | awk '{print $1}')
|
||||||
if [ "$rootPRIV2" = "$serversidePRIV" ]
|
if [ "$rootPRIV2" = "$serversidePRIV" ]
|
||||||
then
|
then
|
||||||
echo -e "${C_GREEN}${F_BOLD}CHECKSUM OK - PROVISION SUCCESS${NO_FORMAT}"
|
echo -e "${CG}${FB}CHECKSUM OK - PROVISION SUCCESS${NF}"
|
||||||
else
|
else
|
||||||
echo -e "${C_RED}${F_BOLD}CHECKSUM MISMATCH - MANUAL INTERVENTION REQUIRED${NO_FORMAT}"
|
echo -e "${CR}${FB}CHECKSUM MISMATCH - MANUAL INTERVENTION REQUIRED${NF}"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
if [ "$rootPUB" = "$serversidePUB" ]
|
if [ "$rootPUB" = "$serversidePUB" ]
|
||||||
then
|
then
|
||||||
echo -e "${C_GREEN}Public Keys Checksum against Server - ${F_BOLD}OK${NO_FORMAT} ${C_GREEN}- No action needed${NO_FORMAT}"
|
echo -e "${CG}Public Keys Checksum against Server - ${FB}OK${NF} ${CG}- No action needed${NF}"
|
||||||
chmod 700 /root/.ssh
|
chmod 700 /root/.ssh
|
||||||
chmod 600 /root/.ssh/authorized_keys
|
chmod 600 /root/.ssh/authorized_keys
|
||||||
else
|
else
|
||||||
echo -e "${C_RED}Public Keys Checksum against Server - ${F_BOLD}MISMATCH${NO_FORMAT} ${C_RED}- Provisioning... ${NO_FORMAT}"
|
echo -e "${CR}Public Keys Checksum against Server - ${FB}MISMATCH${NF} ${CR}- Provisioning... ${NF}"
|
||||||
sleep 2
|
sleep 2
|
||||||
rm /root/.ssh/authorized_keys
|
rm /root/.ssh/authorized_keys
|
||||||
cp --no-preserve=mode,ownership /.SSH/automated/pub/servers/id_ed25519.pub /root/.ssh/authorized_keys
|
cp --no-preserve=mode,ownership /.SSH/automated/pub/servers/id_ed25519.pub /root/.ssh/authorized_keys
|
||||||
echo -e ${C_YELLOW}'key data from server -> local store'${NO_FORMAT}
|
echo -e ${CY}'key data from server -> local store'${NF}
|
||||||
chmod 700 /root/.ssh
|
chmod 700 /root/.ssh
|
||||||
chmod 600 /root/.ssh/authorized_keys
|
chmod 600 /root/.ssh/authorized_keys
|
||||||
echo -e ${C_YELLOW}'chmod -> local store'${NO_FORMAT}
|
echo -e ${CY}'chmod -> local store'${NF}
|
||||||
systemctl restart sshd
|
systemctl restart sshd
|
||||||
echo -e ${C_YELLOW}'sshd restart'${NO_FORMAT}
|
echo -e ${CY}'sshd restart'${NF}
|
||||||
sleep 3
|
sleep 3
|
||||||
rootPUB2=$(sha256sum /root/.ssh/authorized_keys | awk '{print $1}')
|
rootPUB2=$(sha256sum /root/.ssh/authorized_keys | awk '{print $1}')
|
||||||
if [ "$rootPUB2" = "$serversidePUB" ]
|
if [ "$rootPUB2" = "$serversidePUB" ]
|
||||||
then
|
then
|
||||||
echo -e "${C_GREEN}${F_BOLD}CHECKSUM OK - PROVISION SUCCESS${NO_FORMAT}"
|
echo -e "${CG}${FB}CHECKSUM OK - PROVISION SUCCESS${NF}"
|
||||||
else
|
else
|
||||||
echo -e "${C_RED}${F_BOLD}CHECKSUM MISMATCH - MANUAL INTERVENTION REQUIRED${NO_FORMAT}"
|
echo -e "${CR}${FB}CHECKSUM MISMATCH - MANUAL INTERVENTION REQUIRED${NF}"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
@@ -113,67 +113,67 @@ adminPUB=$(sha256sum /home/$USER/.ssh/authorized_keys | awk '{print $1}')
|
|||||||
echo Admin User Check:
|
echo Admin User Check:
|
||||||
if [ "$adminPRIV" = "$serversidePRIV" ]
|
if [ "$adminPRIV" = "$serversidePRIV" ]
|
||||||
then
|
then
|
||||||
echo -e "${C_GREEN}Private Keys Checksum against Server - ${F_BOLD}OK${NO_FORMAT} ${C_GREEN}- No action needed${NO_FORMAT}"
|
echo -e "${CG}Private Keys Checksum against Server - ${FB}OK${NF} ${CG}- No action needed${NF}"
|
||||||
chmod 700 /home/$USER/.ssh
|
chmod 700 /home/$USER/.ssh
|
||||||
chmod 600 /home/$USER/.ssh/id_ed25519
|
chmod 600 /home/$USER/.ssh/id_ed25519
|
||||||
chown $USER -R /home/$USER/.ssh
|
chown $USER -R /home/$USER/.ssh
|
||||||
else
|
else
|
||||||
echo -e "${C_RED}Private Keys Checksum against Server - ${F_BOLD}MISMATCH${NO_FORMAT} ${C_RED}- Provisioning... ${NO_FORMAT}"
|
echo -e "${CR}Private Keys Checksum against Server - ${FB}MISMATCH${NF} ${CR}- Provisioning... ${NF}"
|
||||||
sleep 2
|
sleep 2
|
||||||
rm /home/$USER/.ssh/id_ed25519
|
rm /home/$USER/.ssh/id_ed25519
|
||||||
cp --no-preserve=mode,ownership /.SSH/automated/priv/servers/id_ed25519 /home/$USER/.ssh/id_ed25519
|
cp --no-preserve=mode,ownership /.SSH/automated/priv/servers/id_ed25519 /home/$USER/.ssh/id_ed25519
|
||||||
echo -e ${C_YELLOW}'key data from server -> local store'${NO_FORMAT}
|
echo -e ${CY}'key data from server -> local store'${NF}
|
||||||
chmod 700 /home/$USER/.ssh
|
chmod 700 /home/$USER/.ssh
|
||||||
chmod 600 /home/$USER/.ssh/id_ed25519
|
chmod 600 /home/$USER/.ssh/id_ed25519
|
||||||
chown $USER -R /home/$USER/.ssh
|
chown $USER -R /home/$USER/.ssh
|
||||||
echo -e ${C_YELLOW}'chmod -> local store'${NO_FORMAT}
|
echo -e ${CY}'chmod -> local store'${NF}
|
||||||
systemctl restart sshd
|
systemctl restart sshd
|
||||||
echo -e ${C_YELLOW}'sshd restart'${NO_FORMAT}
|
echo -e ${CY}'sshd restart'${NF}
|
||||||
sleep 3
|
sleep 3
|
||||||
adminPRIV2=$(sha256sum /home/$USER/.ssh/id_ed25519 | awk '{print $1}')
|
adminPRIV2=$(sha256sum /home/$USER/.ssh/id_ed25519 | awk '{print $1}')
|
||||||
if [ "$adminPRIV2" = "$serversidePRIV" ]
|
if [ "$adminPRIV2" = "$serversidePRIV" ]
|
||||||
then
|
then
|
||||||
echo -e "${C_GREEN}${F_BOLD}CHECKSUM OK - PROVISION SUCCESS${NO_FORMAT}"
|
echo -e "${CG}${FB}CHECKSUM OK - PROVISION SUCCESS${NF}"
|
||||||
else
|
else
|
||||||
echo -e "${C_RED}${F_BOLD}CHECKSUM MISMATCH - MANUAL INTERVENTION REQUIRED${NO_FORMAT}"
|
echo -e "${CR}${FB}CHECKSUM MISMATCH - MANUAL INTERVENTION REQUIRED${NF}"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
if [ "$adminPUB" = "$serversidePUB" ]
|
if [ "$adminPUB" = "$serversidePUB" ]
|
||||||
then
|
then
|
||||||
echo -e "${C_GREEN}Public Keys Checksum against Server - ${F_BOLD}OK${NO_FORMAT} ${C_GREEN}- No action needed${NO_FORMAT}"
|
echo -e "${CG}Public Keys Checksum against Server - ${FB}OK${NF} ${CG}- No action needed${NF}"
|
||||||
chmod 700 /home/$USER/.ssh
|
chmod 700 /home/$USER/.ssh
|
||||||
chmod 600 /home/$USER/.ssh/authorized_keys
|
chmod 600 /home/$USER/.ssh/authorized_keys
|
||||||
chown $USER -R /home/$USER/.ssh
|
chown $USER -R /home/$USER/.ssh
|
||||||
else
|
else
|
||||||
echo -e "${C_RED}Public Keys Checksum against Server - ${F_BOLD}MISMATCH${NO_FORMAT} ${C_RED}- Provisioning... ${NO_FORMAT}"
|
echo -e "${CR}Public Keys Checksum against Server - ${FB}MISMATCH${NF} ${CR}- Provisioning... ${NF}"
|
||||||
sleep 2
|
sleep 2
|
||||||
rm /home/$USER/.ssh/authorized_keys
|
rm /home/$USER/.ssh/authorized_keys
|
||||||
cp --no-preserve=mode,ownership /.SSH/automated/pub/servers/id_ed25519.pub /home/$USER/.ssh/authorized_keys
|
cp --no-preserve=mode,ownership /.SSH/automated/pub/servers/id_ed25519.pub /home/$USER/.ssh/authorized_keys
|
||||||
echo -e ${C_YELLOW}'key data from server -> local store'${NO_FORMAT}
|
echo -e ${CY}'key data from server -> local store'${NF}
|
||||||
chmod 700 /home/$USER/.ssh
|
chmod 700 /home/$USER/.ssh
|
||||||
chmod 600 /home/$USER/.ssh/authorized_keys
|
chmod 600 /home/$USER/.ssh/authorized_keys
|
||||||
chown $USER -R /home/$USER/.ssh
|
chown $USER -R /home/$USER/.ssh
|
||||||
echo -e ${C_YELLOW}'chmod -> local store'${NO_FORMAT}
|
echo -e ${CY}'chmod -> local store'${NF}
|
||||||
systemctl restart sshd
|
systemctl restart sshd
|
||||||
echo -e ${C_YELLOW}'sshd restart'${NO_FORMAT}
|
echo -e ${CY}'sshd restart'${NF}
|
||||||
sleep 3
|
sleep 3
|
||||||
adminPUB2=$(sha256sum /home/$USER/.ssh/authorized_keys | awk '{print $1}')
|
adminPUB2=$(sha256sum /home/$USER/.ssh/authorized_keys | awk '{print $1}')
|
||||||
if [ "$adminPUB2" = "$serversidePUB" ]
|
if [ "$adminPUB2" = "$serversidePUB" ]
|
||||||
then
|
then
|
||||||
echo -e "${C_GREEN}${F_BOLD}CHECKSUM OK - PROVISION SUCCESS${NO_FORMAT}"
|
echo -e "${CG}${FB}CHECKSUM OK - PROVISION SUCCESS${NF}"
|
||||||
else
|
else
|
||||||
echo -e "${C_RED}${F_BOLD}CHECKSUM MISMATCH - MANUAL INTERVENTION REQUIRED${NO_FORMAT}"
|
echo -e "${CR}${FB}CHECKSUM MISMATCH - MANUAL INTERVENTION REQUIRED${NF}"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
if [ "$UID" -ne 0 ]; then
|
if [ "$UID" -ne 0 ]; then
|
||||||
echo -e "${C_RED}This script must be run as root.${NO_FORMAT}"
|
echo -e "${CR}This script must be run as root.${NF}"
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
echo -e ${C_YELLOW}Warning: running this script resets known_hosts file. Abort this script using CTRL+C if you want to avoid that.${NO_FORMAT}
|
echo -e ${CY}Warning: running this script resets known_hosts file. Abort this script using CTRL+C if you want to avoid that.${NF}
|
||||||
sleep 3
|
sleep 3
|
||||||
rm /home/$USER/.ssh/known_hosts
|
rm /home/$USER/.ssh/known_hosts
|
||||||
rm /root/.ssh/known_hosts
|
rm /root/.ssh/known_hosts
|
||||||
@@ -203,7 +203,7 @@ admincheck
|
|||||||
guardband
|
guardband
|
||||||
fi
|
fi
|
||||||
sleep 3
|
sleep 3
|
||||||
echo -e "${C_YELLOW}Cleaning up temp directory for checksums...${NO_FORMAT}"
|
echo -e "${CY}Cleaning up temp directory for checksums...${NF}"
|
||||||
rm -rf /.SSH/.temp
|
rm -rf /.SSH/.temp
|
||||||
sleep 2
|
sleep 2
|
||||||
echo -e "${C_GREEN}Script execution completed.${NO_FORMAT}"
|
echo -e "${CG}Script execution completed.${NF}"
|
||||||
|
|||||||
Reference in New Issue
Block a user