Added VAST oriented tools for modifying local iface and ip address

This commit is contained in:
Lockszmith (@VAST) 2025-03-10 16:16:15 -04:00
parent a65cc2b84a
commit 58e921ac4c
4 changed files with 195 additions and 2 deletions

View File

@ -1 +0,0 @@
../../../_src.posix/private_dot_local/bin/executable_auto-copy-ssh-id

View File

@ -0,0 +1,58 @@
#! /usr/bin/env bash
set -e
if [ $# -eq 0 ]; then
printf '%s\n' \
"${0#/*} - | [Address [... Address]]" \
"" \
"Perform copy-ssh-id where key based ssh auth is failing" \
""
exit 2
fi
REMOTE_HOST=("${@:--}")
if [[ "${#REMOTE_HOST}" -eq 1 && "${REMOTE_HOST[0]}" == '-' ]]; then
read -a REMOTE_HOST
fi
ssh_do() {
local USER="${1}" HOST="${2:?}"
# BLINDLY Trust host keys ( https://stackoverflow.com/a/74410573/799379 )
[ 1 -eq "${NO_REFRESH:-0}" ] || (
ssh-keygen -F "$HOST" &>/dev/null \
&& ssh-keygen -R "$HOST" &>/dev/null \
|| true
)
ssh-keygen -F "$HOST" &>/dev/null || (
ssh-keyscan -Ht ed25519 "$HOST" \
|| ssh-keyscan -H "$HOST"
) | grep -v '^#' >> "$HOME/.ssh/known_hosts"
SSH_ASKPASS_REQUIRE=never \
ssh \
-o PasswordAuthentication=no \
-o LogLevel=ERROR \
-o BatchMode=yes \
-o ConnectTimeout=2 \
-ttn \
"${USER:+${USER}@}${HOST}" -- "${@:3}" \
|| (
local XC=$?
printf '\n'
printf 'Exit code: %s\n' "$XC" >&2
return $XC
)
}
for _host in "${REMOTE_HOST[@]}"; do
printf '%-40s: ' "$_host"
if ssh_do "" "$_host" hostname &>/dev/null; then
echo "ready"
else
printf 'Attempting to copy SSH key...\n\n'
ssh-copy-id "$_host"
fi
done

View File

@ -26,4 +26,3 @@ ip -j a s | jq -r '
| "\(.local)/\(.prefixlen)"
)"
'

View File

@ -0,0 +1,25 @@
#! /usr/bin/env bash
set -e
# Arguments 'TO', optional user (can be configured in ~/.ssh/config.d/...), command to run over ssh
# Figure out the IPAddress I need to operate from
# Figure out the interface name to use
# Set the interface to the IP Address if not already setup
# Test with ping
# Connect with SSH
VASTHOST="${1}"
if [ -z "$VASTHOST" ]; then
VASTHOST=192.168.2.2
printf '%s\n' "VAST host argument not supplied, using default $VASTHOST..." >&2
elif [ "$VASTHOST" == "0" ]; then
printf '%s\n' "Removing:" ~/.ssh/vast.id_rsa*
rm ~/.ssh/vast.id_rsa* || true
cp ~/.ssh/id_rsa ~/.ssh/vast.id_rsa
cp ~/.ssh/id_rsa.pub ~/.ssh/vast.id_rsa.pub
exit
fi
set -x
scp vastdata@${VASTHOST}:.ssh/id_rsa ~/.ssh/vast.id_rsa
scp vastdata@${VASTHOST}:.ssh/id_rsa.pub ~/.ssh/vast.id_rsa.pub

View File

@ -0,0 +1,112 @@
#! /usr/bin/env bash
set -e
# Arguments 'TO', optional user (can be configured in ~/.ssh/config.d/...), command to run over ssh
# Figure out the IPAddress I need to operate from
# Figure out the interface name to use
# Set the interface to the IP Address if not already setup
# Test with ping
# Connect with SSH
if [ $# -eq 0 ]; then
printf '%s\n' \
"${0#/*} <TO> [<FROM>] [<Interface>]" \
"" \
"Configure MacOS iface to connect to <TO> address from <FROM> address" \
"Default <Interface> is en9" \
"" \
"FROM and FROM_SN will be autofilled for the following subnets:" \
" 10.117.10.0/24" \
" 192.168.[1 or 2].0/24" \
"" \
"for other subnets, you'll need to specify a FROM argument and a FROM_SN env variable" \
""
exit 2
fi
TO="${1}"
IFACE="${IFACE:-en9}"
SLEEP="${SLEEP:-3s}"
PINGOK=1
CMDs=("${@:2}")
[ "${#CMDs}" -gt 0 ] || CMDs=( hostname )
_myip() {
lsip | awk "/${IFACE}/"'{split($3, a, "/"); print a[1];}'
}
_ping() {
ping -c "${PING_C:-3}" -W 250 "${TO}"
}
_log() {
printf '%s\n' \
"${@:2}" \
>&2
exit ${1}
}
if _ping &>/dev/null; then
printf "Connection detected.\n"
else
PINGOK=0
case "${TO}" in
10.117.10.*)
FROM=10.117.10.254
FROM_SN=255.255.255.0
;;
192.168.1.*)
FROM=192.168.1.254
FROM_SN=255.255.255.0
;;
192.168.2.*)
FROM=192.168.2.254
FROM_SN=255.255.255.0
;;
*)
FROM=${FROM:?FROM and FROM_SN Must be supplied for unknown IPv4 destination $1}
FROM_SN${FROM_SN:?FROM and FROM_SN Must be supplied for unknown IPv4 destination $1}
;;
esac
MYIP=''
MYIP="$(_myip)"
if [ "$FROM" == "$MYIP" ]; then
_log 2 "Already setup with $MYIP, but ping to $TO is failing, you'll need to troubleshoot this."
exit 2
fi
echo "$MYIP detected on $IFACE, Setting up $FROM / $FROM_SN - \`sudo\` might be prompting you for your password"
sudo ipconfig set "${IFACE}" manual "${FROM}" "${FROM_SN}" \
&& sleep "${SLEEP}" \
&& MYIP="$(_myip)"
fi
if [ $PINGOK -eq 0 ] && _ping &>/dev/null; then
PINGOK=1
fi
if [ $PINGOK -eq 1 ]; then
# auto-copy-ssh-id "${TO}"
ssh-keygen -R "${TO}" || true
ssh \
-o PasswordAuthentication=no \
-o BatchMode=yes \
-o ConnectTimeout=2 \
-ttn \
"${TO}" -- "${CMDs[*]}" \
|| 1>&2 printf '%s\n' \
"Could not SSH into ${TO}, you might want to run 'pull-vast.id_rsa ${TO}' or 'auto-copy-ssh-id ${TO}'"
else
_log 2 "Ping faild."
fi
exit