Add -g (go) option, add force new key creation, test script add
Remove and Rotate scripts have a -g (go) flag for the actual run. Remove has text updates for removed-key info. Rotate's force only forces rotation, but will not create a new key unless -c (force create) is set. A test script was added for testing connections.
@@ -1,5 +1,7 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# Remove previous keys
|
||||
|
||||
# base folder for all data
|
||||
BASE_FOLDER=$(dirname "$(readlink -f "$0")")"/";
|
||||
# config folder
|
||||
@@ -11,10 +13,11 @@ ADMIN_USERS=(admin ubuntu ec2-user)
|
||||
|
||||
DRY_RUN=0;
|
||||
FORCE=0;
|
||||
GO=0;
|
||||
HOST_ONLY="";
|
||||
USER_ONLY="";
|
||||
#
|
||||
while getopts ":h:u:nf" opt; do
|
||||
while getopts ":h:u:nfg" opt; do
|
||||
case "${opt}" in
|
||||
h|hostname)
|
||||
HOST_ONLY="${OPTARG}";
|
||||
@@ -28,12 +31,16 @@ while getopts ":h:u:nf" opt; do
|
||||
f|force)
|
||||
FORCE=1;
|
||||
;;
|
||||
g|go)
|
||||
GO=1;
|
||||
;;
|
||||
\?)
|
||||
echo -e "\n Option does not exist: ${OPTARG}\n";
|
||||
echo "-h override single host name";
|
||||
echo "-u override user name for a host";
|
||||
echo "-f force key change";
|
||||
echo "-n dry run";
|
||||
echo "-g flag for actual change call";
|
||||
echo ""
|
||||
exit 1;
|
||||
;;
|
||||
@@ -54,8 +61,16 @@ if [ ! -f "${CONFIG_BASE}${server_list}" ]; then
|
||||
echo "Cannot find ${server_list} file in the config folder";
|
||||
exit
|
||||
fi
|
||||
# abort if go not set
|
||||
if [ ${GO} -eq 0 ] && [ ${DRY_RUN} -eq 1 ]; then
|
||||
GO=1;
|
||||
elif [ ${GO} -eq 0 ]; then
|
||||
echo "No -g (go) parameter set. aborting. For testing set -n for dry run"
|
||||
exit;
|
||||
fi
|
||||
|
||||
# default ssh command
|
||||
# -t is needed for systens when "Defaults requiretty" is set
|
||||
SSH="ssh -a -x";
|
||||
|
||||
remove_ssh_key() {
|
||||
@@ -121,7 +136,8 @@ for line in `cat "${CONFIG_BASE}${server_list}" | sed 1d`; do
|
||||
|
||||
# previous public key does not exist, skip
|
||||
if [ ! -f "${SSH_PUBLIC_KEYS_PREVIOUS}${SSH_KEY_PUB_FILE}" ]; then
|
||||
echo "[!] Missing previous public key file ${SSH_KEY_PUB_FILE} for ${username}@${hostname}";
|
||||
echo "[!] No previous public key file ${SSH_KEY_PUB_FILE} for ${username}@${hostname}";
|
||||
echo "[_] ............... SKIP";
|
||||
continue;
|
||||
fi
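Review bot: The new `-g` interlock in the `@@ -54,8 +61,16 @@` hunk aborts with a bare `exit;`, so a run without `-g` ends with status 0 and any wrapper (cron, CI, a parent script) treats the no-op as a successful key removal; the abort message also goes to stdout rather than stderr. Change the two lines to `echo "No -g (go) parameter set. aborting. For testing set -n for dry run" >&2` and `exit 1;`. The pre-existing `exit` after the "Cannot find ${server_list}" message on the context line just above has the same status-0 problem and could be corrected in the same change. A one-line comment on the first branch, such as `# -n (dry run) implies go: nothing is modified, so no explicit -g is needed`, would make the GO=1 assignment under DRY_RUN self-explanatory.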
|
||||
|
||||
|
||||