| author | Josh Rahm <joshuarahm@gmail.com> | 2023-02-17 13:41:43 -0700 |
|---|---|---|
| committer | Josh Rahm <joshuarahm@gmail.com> | 2023-02-17 13:41:43 -0700 |
| commit | 385c36b4870baf028fe3902e289fc412b454f9cd (patch) | |
| tree | a6c755c42cea770b700ba22343893bbe32971422 | |
initial commit
| -rwxr-xr-x | module-setup.sh | 19 | ||||
| -rwxr-xr-x | poll-ssh-acquire.sh | 56 | ||||
| -rwxr-xr-x | start-ssh-acquire.sh | 3 |
3 files changed, 78 insertions, 0 deletions
diff --git a/module-setup.sh b/module-setup.sh
new file mode 100755
index 0000000..c4ad051
--- /dev/null
+++ b/module-setup.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
+# ex: ts=8 sw=4 sts=4 et filetype=sh
+
+check() {
+ return 255
+}
+
+depends() {
+ echo 'ssh-client busybox'
+}
+
+install() {
+ inst_hook pre-udev 99 "$moddir/start-ssh-acquire.sh"
+ inst_script "$moddir/poll-ssh-acquire.sh" "/bin/poll-ssh-acquire.sh"
+ inst_simple "/root/.ssh/known_hosts"
+ inst_simple "/root/.ssh/id_rsa.pub"
+ inst_simple "/root/.ssh/id_rsa"
+}
diff --git a/poll-ssh-acquire.sh b/poll-ssh-acquire.sh
new file mode 100755
index 0000000..5658c9c
--- /dev/null
+++ b/poll-ssh-acquire.sh
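Review bot: The last `inst_simple` line in `install()` copies root's private key `/root/.ssh/id_rsa` into the initramfs image, which normally sits unencrypted on the boot partition, so anyone who can read that image obtains the credential used to fetch the disk passphrase. Nothing in the hunk documents this trade-off or limits what the key can do. I would install a dedicated single-purpose key rather than root's general identity, and restrict it on the key server's `authorized_keys` entry with `restrict`, `from="..."` and a forced `command="..."`. A comment above the line would record the intent, for example `# Private key is stored in cleartext in the initramfs; it must be a dedicated key limited to reading the passphrase file.`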
@@ -0,0 +1,56 @@
+#!/bin/bash
+
+# This script waits for the network to come online and then will set the system time.
+#
+# This is useful because my system motherboard does not save the system time
+# for some reason.
+
+timeout=600
+count=0
+
+keyserver_user="keepr"
+keyserver_host="192.168.86.103"
+keyserver_file="/tmp/test-key"
+
+# Wait for the given interface to come up and for a route to
+# be added.
+interface="$1"
+echo -n "Waiting for interface $interface ... "
+while ! ( ip route list dev "$interface" &>/dev/null ) ; do
+ if [[ "$count" -eq "$timeout" ]] ; then
+ echo "Timedout waiting for $interface. Exiting."
+ exit 1
+ fi
+
+ echo -n "."
+ sleep 0.1
+ count=$((count + 1))
+done
+echo -e "\ndone"
+
+tries=10
+count=0
+
+while /bin/true ; do
+ if [[ "$count" -eq "$tries" ]] ; then
+ echo "Unable to connect to $keyserver_user@$keyserver_host after 5 tries."
+ exit 1
+ fi
+
+ echo "Trying $keyserver_user@$keyserver_host ..."
+ ssh "$keyserver_user@$keyserver_host" "cat '$keyserver_file'" > /tmp/enc-key
+
+ if [[ "$?" -eq 0 ]] ; then
+ break;
+ fi
+
+ sleep 1
+ count=$((count + 1))
+done
+
+echo "Passphrase acquired. Stored in /tmp/enc-key."
+
+socket_file=$(cat /run/systemd/ask-password/ask.* | grep -E '^Socket' | cut -d'=' -f2)
+echo "running: /lib/systemd/systemd-reply-password 1 $socket_file < /tmp/enc-key"
+/lib/systemd/systemd-reply-password 1 "$socket_file" < /tmp/enc-key
+shred /tmp/enc-key
diff --git a/start-ssh-acquire.sh b/start-ssh-acquire.sh
new file mode 100755
index 0000000..428b0c0
--- /dev/null
+++ b/start-ssh-acquire.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+nohup /bin/poll-ssh-acquire.sh "eno1" &>/var/log/ssh-acquire.log & |
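Review bot: The fetched passphrase is written to the fixed path `/tmp/enc-key` under the default umask and is only cleaned up on the success path: if `systemd-reply-password` fails or the script is interrupted the file stays behind, and `shred` without `-u` overwrites the file but does not remove it. I would create the file with `mktemp` under `umask 077`, remove it from an `EXIT` trap, test the `ssh` exit status directly, pass `-o BatchMode=yes` so a host-key or password prompt cannot stall the boot, and check that a socket path was actually found before replying. Two smaller points in the same hunk: the header comment still describes setting the system time, and the failure message says "after 5 tries" while `tries=10`. The sketch below assumes `mktemp` is present in the initramfs (busybox usually provides it), which should be confirmed before adopting it.

```shell
# … unchanged: settings and interface wait loop …
umask 077
enc_key=$(mktemp) || exit 1
trap 'rm -f -- "$enc_key"' EXIT

while /bin/true ; do
    # … unchanged: retry limit check and "Trying" message …
    if ssh -o BatchMode=yes "$keyserver_user@$keyserver_host" "cat '$keyserver_file'" > "$enc_key" ; then
        break
    fi
    # … unchanged: sleep and counter increment …
done

echo "Passphrase acquired."

socket_file=$(cat /run/systemd/ask-password/ask.* | grep -E '^Socket' | cut -d'=' -f2)
if [[ ! -S "$socket_file" ]] ; then
    echo "No ask-password socket found. Exiting."
    exit 1
fi
/lib/systemd/systemd-reply-password 1 "$socket_file" < "$enc_key"
```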
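Review bot: The file declares `#!/bin/sh` but uses the bash-only `&>` redirection; a strictly POSIX shell such as dash parses `cmd &>file &` as `cmd &` followed by a bare `>file &`, so the poller would run with nothing captured in the log. Dracut hooks are typically sourced by the initramfs init shell rather than executed, so the shebang may not decide which shell interprets this line, and the portable form is the safer choice: `nohup /bin/poll-ssh-acquire.sh "eno1" >/var/log/ssh-acquire.log 2>&1 &`. The interface name `eno1` is also hard-coded here; a short comment stating that it must match the machine's boot NIC would help whoever reuses the module.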