From 408b7d005277e205f431e1b4eb256bbe836cba54 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?= Date: Sun, 26 Aug 2018 19:29:22 +0200 Subject: Change how ssh access is configured --- ssh-hook.sh | 5 +++-- ssh/authorized_keys | 2 ++ ssh/config | 9 +++++++++ ssh_authorized_keys | 2 -- templates/turris3x.run | 6 +++--- 5 files changed, 17 insertions(+), 7 deletions(-) create mode 100644 ssh/authorized_keys create mode 100644 ssh/config delete mode 100644 ssh_authorized_keys diff --git a/ssh-hook.sh b/ssh-hook.sh index 67130a5..4aac748 100755 --- a/ssh-hook.sh +++ b/ssh-hook.sh @@ -7,8 +7,9 @@ if [ -z "$SSH_ORIGINAL_COMMAND" ]; then git fetch --prune --force git reset --hard origin/master - echo "Deploy authorized keys" - cp ssh_authorized_keys ~/.ssh/authorized_keys + echo "Deploy ssh configuration" + cp ssh/config ~/.ssh/config + cp ssh/authorized_keys ~/.ssh/authorized_keys else diff --git a/ssh/authorized_keys b/ssh/authorized_keys new file mode 100644 index 0000000..9b1abb0 --- /dev/null +++ b/ssh/authorized_keys @@ -0,0 +1,2 @@ +restrict,command="~/cfg/ssh-hook.sh" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCuiylOhJaLHuoYleeIqXw0DeYI+DHp7z6LyWa5gVhV+DgHEOwra9SfrKwDKRlu/uDNbwuMzI4XE2Y3rXp6Fx/Ujh4+yrqCCJKdMFJt60iftys7Ilb+H0ihyrnhGCVFr214GDOjF94llkbHIYqSm3LcXdN9Xs2koPM0kq2+LZGMQ5Q9nc0gDGztiTArn9WfQsclu5OZhrWFfwUIwyI0wITHTMrMSNBL8mt/sKjGCNcRv/zg8FaLnB+GNjkA6jrzw3qLyguS0DUWszX4NlgkAd3KxhVoonnrhh35EAdZXtChT3g9zE42xgfbE3houkuRYA4YpJOJfYi1O+oLz40N/lKt git hook build key +restrict,command="~/cfg/ssh-hook.sh" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3cs5UOO/epaxSUaO6kDtQlfdS/K5GEJBGK9nH+KcRL4DNQlAGWZsJiJQPuIL3fGlzRLqnPr8YEMbT5sl/moe/gZe2VD5FoAr2dR2fEw5wXXDI90bxbmCWqbyjmRxlKxdKhc6v1BukmuxScsZO0VrUNks1veCGgi1G9w+tY5HevBlMqvDyDpU/H1LN7MVgkCser+ROjRPviDhLaXk6dLKut33SYgce02s5hlvTiWQa+CqeBfRkdiP5VBo/7PQOWsd8GSfCgO0mwhxFowG8cMFyEwMOi70HeNmURtKbd/h6cz0zsdA39fQ8huRWHRd/CQhgIUOsM+W0uPEwkv9HBErx cynerd@cynerd-pc diff --git a/ssh/config b/ssh/config new file mode 100644 index 0000000..5e0493b --- /dev/null +++ b/ssh/config @@ -0,0 +1,9 @@ +# vim: ft=sshconfig + +Host * + StrictHostKeyChecking no + +Host upload + User upload + Hostname cynerd.cz + IdentityFile ~/upload.ssh.key diff --git a/ssh_authorized_keys b/ssh_authorized_keys deleted file mode 100644 index 9b1abb0..0000000 --- a/ssh_authorized_keys +++ /dev/null @@ -1,2 +0,0 @@ -restrict,command="~/cfg/ssh-hook.sh" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCuiylOhJaLHuoYleeIqXw0DeYI+DHp7z6LyWa5gVhV+DgHEOwra9SfrKwDKRlu/uDNbwuMzI4XE2Y3rXp6Fx/Ujh4+yrqCCJKdMFJt60iftys7Ilb+H0ihyrnhGCVFr214GDOjF94llkbHIYqSm3LcXdN9Xs2koPM0kq2+LZGMQ5Q9nc0gDGztiTArn9WfQsclu5OZhrWFfwUIwyI0wITHTMrMSNBL8mt/sKjGCNcRv/zg8FaLnB+GNjkA6jrzw3qLyguS0DUWszX4NlgkAd3KxhVoonnrhh35EAdZXtChT3g9zE42xgfbE3houkuRYA4YpJOJfYi1O+oLz40N/lKt git hook build key -restrict,command="~/cfg/ssh-hook.sh" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3cs5UOO/epaxSUaO6kDtQlfdS/K5GEJBGK9nH+KcRL4DNQlAGWZsJiJQPuIL3fGlzRLqnPr8YEMbT5sl/moe/gZe2VD5FoAr2dR2fEw5wXXDI90bxbmCWqbyjmRxlKxdKhc6v1BukmuxScsZO0VrUNks1veCGgi1G9w+tY5HevBlMqvDyDpU/H1LN7MVgkCser+ROjRPviDhLaXk6dLKut33SYgce02s5hlvTiWQa+CqeBfRkdiP5VBo/7PQOWsd8GSfCgO0mwhxFowG8cMFyEwMOi70HeNmURtKbd/h6cz0zsdA39fQ8huRWHRd/CQhgIUOsM+W0uPEwkv9HBErx cynerd@cynerd-pc diff --git a/templates/turris3x.run b/templates/turris3x.run index d3cc5bc..3fa1859 100755 --- a/templates/turris3x.run +++ b/templates/turris3x.run @@ -29,10 +29,10 @@ echo_stage "Sign" ./staging_dir/host/bin/usign -S -s ~/openwrt-repo.key -m "bin/$ARCH/packages/base/Packages" echo_stage "Deploy" -ssh -i ~/upload.ssh.key upload@cynerd.cz rm -rf "deploy-turris3x-$BOARD" -scp -i ~/upload.ssh.key -r "bin/$ARCH/packages/base" upload@cynerd.cz:deploy-turris3x-$BOARD +ssh upload rm -rf "deploy-turris3x-$BOARD" +scp -r "bin/$ARCH/packages/base" upload:deploy-turris3x-$BOARD exit 0 # Disable deploy for now -ssh -i ~/upload.ssh.key upload@cynerd.cz /bin/sh -ex <