From 58e921ac4cfa4f9e5620ca76ace2468f348ee0e7 Mon Sep 17 00:00:00 2001
From: "Lockszmith (@VAST)"
Date: Mon, 10 Mar 2025 16:16:15 -0400
Subject: [PATCH] Added VAST oriented tools for modifying local iface and ip address
---
.../bin/executable_auto-copy-ssh-id | 59 ++++++++-
.../private_dot_local/bin/executable_lsip | 1 -
.../bin/executable_pull-vast.id_rsa | 25 ++++
.../bin/executable_vastconnect | 112 ++++++++++++++++++
4 files changed, 195 insertions(+), 2 deletions(-)
mode change 120000 => 100644 _home.macos/private_dot_local/bin/executable_auto-copy-ssh-id
create mode 100644 _home.macos/private_dot_local/bin/executable_pull-vast.id_rsa
create mode 100644 _home.macos/private_dot_local/bin/executable_vastconnect
diff --git a/_home.macos/private_dot_local/bin/executable_auto-copy-ssh-id b/_home.macos/private_dot_local/bin/executable_auto-copy-ssh-id
deleted file mode 120000
index c54d6f6..0000000
--- a/_home.macos/private_dot_local/bin/executable_auto-copy-ssh-id
+++ /dev/null
@@ -1 +0,0 @@
-../../../_src.posix/private_dot_local/bin/executable_auto-copy-ssh-id
\ No newline at end of file
diff --git a/_home.macos/private_dot_local/bin/executable_auto-copy-ssh-id b/_home.macos/private_dot_local/bin/executable_auto-copy-ssh-id
new file mode 100644
index 0000000..2ace2be
--- /dev/null
+++ b/_home.macos/private_dot_local/bin/executable_auto-copy-ssh-id
@@ -0,0 +1,58 @@
+#! /usr/bin/env bash
+
+set -e
+
+if [ $# -eq 0 ]; then
+ printf '%s\n' \
+ "${0#/*} - | [Address [... Address]]" \
+ "" \
+ "Perform copy-ssh-id where key based ssh auth is failing" \
+ ""
+ exit 2
+fi
+
+REMOTE_HOST=("${@:--}")
+
+if [[ "${#REMOTE_HOST}" -eq 1 && "${REMOTE_HOST[0]}" == '-' ]]; then
+ read -a REMOTE_HOST
+fi
+
+ssh_do() {
+ local USER="${1}" HOST="${2:?}"
+ # BLINDLY Trust host keys ( https://stackoverflow.com/a/74410573/799379 )
+ [ 1 -eq "${NO_REFRESH:-0}" ] || (
+ ssh-keygen -F "$HOST" &>/dev/null \
+ && ssh-keygen -R "$HOST" &>/dev/null \
+ || true
+ )
+ ssh-keygen -F "$HOST" &>/dev/null || (
+ ssh-keyscan -Ht ed25519 "$HOST" \
+ || ssh-keyscan -H "$HOST"
+ ) | grep -v '^#' >> "$HOME/.ssh/known_hosts"
+
+ SSH_ASKPASS_REQUIRE=never \
+ ssh \
+ -o PasswordAuthentication=no \
+ -o LogLevel=ERROR \
+ -o BatchMode=yes \
+ -o ConnectTimeout=2 \
+ -ttn \
+ "${USER:+${USER}@}${HOST}" -- "${@:3}" \
+ || (
+ local XC=$?
+ printf '\n'
+ printf 'Exit code: %s\n' "$XC" >&2
+ return $XC
+ )
+}
+
+for _host in "${REMOTE_HOST[@]}"; do
+ printf '%-40s: ' "$_host"
+ if ssh_do "" "$_host" hostname &>/dev/null; then
+ echo "ready"
+ else
+ printf 'Attempting to copy SSH key...\n\n'
+ ssh-copy-id "$_host"
+ fi
+done
+
diff --git a/_home.macos/private_dot_local/bin/executable_lsip b/_home.macos/private_dot_local/bin/executable_lsip
index 5b989a7..292789f 100644
--- a/_home.macos/private_dot_local/bin/executable_lsip
+++ b/_home.macos/private_dot_local/bin/executable_lsip
@@ -26,4 +26,3 @@ ip -j a s | jq -r ' | "\(.local)/\(.prefixlen)" )" ' -
diff --git a/_home.macos/private_dot_local/bin/executable_pull-vast.id_rsa b/_home.macos/private_dot_local/bin/executable_pull-vast.id_rsa
new file mode 100644
index 0000000..d6f375c
--- /dev/null
+++ b/_home.macos/private_dot_local/bin/executable_pull-vast.id_rsa
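Review bot: In `executable_auto-copy-ssh-id`, `ssh_do` removes any stored host key and re-learns it from `ssh-keyscan` on every run unless `NO_REFRESH=1`, so a changed or impersonated host key is accepted without notice, and the loop then runs `ssh-copy-id` (which may prompt for a password) against that host. Inverting the default, `[ 1 -eq "${NO_REFRESH:-1}" ] || (`, keeps the pinned key unless a refresh is explicitly requested; printing the scanned fingerprint before it is appended to `known_hosts` would also let the operator confirm it. Separately, `"${#REMOTE_HOST}"` is the string length of the first element, not the element count; the `-eq 1` test appears to intend `"${#REMOTE_HOST[@]}"`.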
@@ -0,0 +1,25 @@
+#! /usr/bin/env bash
+
+set -e
+# Arguments 'TO', optional user (can be configured in ~/.ssh/config.d/...), command to run over ssh
+
+# Figure out the IPAddress I need to operate from
+# Figure out the interface name to use
+# Set the interface to the IP Address if not already setup
+# Test with ping
+# Connect with SSH
+
+VASTHOST="${1}"
+if [ -z "$VASTHOST" ]; then
+ VASTHOST=192.168.2.2
+ printf '%s\n' "VAST host argument not supplied, using default $VASTHOST..." >&2
+elif [ "$VASTHOST" == "0" ]; then
+ printf '%s\n' "Removing:" ~/.ssh/vast.id_rsa*
+ rm ~/.ssh/vast.id_rsa* || true
+ cp ~/.ssh/id_rsa ~/.ssh/vast.id_rsa
+ cp ~/.ssh/id_rsa.pub ~/.ssh/vast.id_rsa.pub
+ exit
+fi
+set -x
+scp vastdata@${VASTHOST}:.ssh/id_rsa ~/.ssh/vast.id_rsa
+scp vastdata@${VASTHOST}:.ssh/id_rsa.pub ~/.ssh/vast.id_rsa.pub
diff --git a/_home.macos/private_dot_local/bin/executable_vastconnect b/_home.macos/private_dot_local/bin/executable_vastconnect
new file mode 100644
index 0000000..0dc0f04
--- /dev/null
+++ b/_home.macos/private_dot_local/bin/executable_vastconnect
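Review bot: The two `scp` lines at the end of `executable_pull-vast.id_rsa` write a private key into `~/.ssh` without setting its permissions and with `${VASTHOST}` unquoted, so the resulting file mode presumably depends on scp's defaults and the local umask, and a host argument containing whitespace is word-split. Adding `umask 077` before the `cp`/`scp` calls and quoting the source as `"vastdata@${VASTHOST}:.ssh/id_rsa"` (likewise on the `.pub` line) makes both explicit. The header comment block describes vastconnect (interface setup, ping, SSH) rather than this script; a short description of what it does — fetch the `vastdata` key pair, or reset `vast.id_rsa` to the local `id_rsa` when the argument is `0` — would serve a reader better.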
@@ -0,0 +1,112 @@
+#! /usr/bin/env bash
+
+set -e
+# Arguments 'TO', optional user (can be configured in ~/.ssh/config.d/...), command to run over ssh
+
+# Figure out the IPAddress I need to operate from
+# Figure out the interface name to use
+# Set the interface to the IP Address if not already setup
+# Test with ping
+# Connect with SSH
+
+if [ $# -eq 0 ]; then
+ printf '%s\n' \
+ "${0#/*} [] []" \
+ "" \
+ "Configure MacOS iface to connect to address from address" \
+ "Default is en9" \
+ "" \
+ "FROM and FROM_SN will be autofilled for the following subnets:" \
+ " 10.117.10.0/24" \
+ " 192.168.[1 or 2].0/24" \
+ "" \
+ "for other subnets, you'll need to specify a FROM argument and a FROM_SN env variable" \
+ ""
+ exit 2
+fi
+
+TO="${1}"
+IFACE="${IFACE:-en9}"
+SLEEP="${SLEEP:-3s}"
+PINGOK=1
+CMDs=("${@:2}")
+
+[ "${#CMDs}" -gt 0 ] || CMDs=( hostname )
+
+_myip() {
+ lsip | awk "/${IFACE}/"'{split($3, a, "/"); print a[1];}'
+}
+
+_ping() {
+ ping -c "${PING_C:-3}" -W 250 "${TO}"
+}
+
+_log() {
+ printf '%s\n' \
+ "${@:2}" \
+ >&2
+ exit ${1}
+}
+
+if _ping &>/dev/null; then
+ printf "Connection detected.\n"
+else
+ PINGOK=0
+ case "${TO}" in
+ 10.117.10.*)
+ FROM=10.117.10.254
+ FROM_SN=255.255.255.0
+ ;;
+ 192.168.1.*)
+ FROM=192.168.1.254
+ FROM_SN=255.255.255.0
+ ;;
+ 192.168.2.*)
+ FROM=192.168.2.254
+ FROM_SN=255.255.255.0
+ ;;
+ *)
+ FROM=${FROM:?FROM and FROM_SN Must be supplied for unknown IPv4 destination $1}
+ FROM_SN${FROM_SN:?FROM and FROM_SN Must be supplied for unknown IPv4 destination $1}
+ ;;
+ esac
+
+ MYIP=''
+ MYIP="$(_myip)"
+
+ if [ "$FROM" == "$MYIP" ]; then
+ _log 2 "Already setup with $MYIP, but ping to $TO is failing, you'll need to troubleshoot this."
+ exit 2
+ fi
+
+ echo "$MYIP detected on $IFACE, Setting up $FROM / $FROM_SN - \`sudo\` might be prompting you for your password"
+
+ sudo ipconfig set "${IFACE}" manual "${FROM}" "${FROM_SN}" \
+ && sleep "${SLEEP}" \
+ && MYIP="$(_myip)"
+fi
+
+if [ $PINGOK -eq 0 ] && _ping &>/dev/null; then
+ PINGOK=1
+fi
+
+if [ $PINGOK -eq 1 ]; then
+ # auto-copy-ssh-id "${TO}"
+
+ ssh-keygen -R "${TO}" || true
+
+ ssh \
+ -o PasswordAuthentication=no \
+ -o BatchMode=yes \
+ -o ConnectTimeout=2 \
+ -ttn \
+ "${TO}" -- "${CMDs[*]}" \
+ || 1>&2 printf '%s\n' \
+ "Could not SSH into ${TO}, you might want to run 'pull-vast.id_rsa ${TO}' or 'auto-copy-ssh-id ${TO}'"
+else
+ _log 2 "Ping faild."
+fi
+
+exit
+
+
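Review bot: The fallback `*)` arm of the `case` in `executable_vastconnect` is missing an assignment operator: `FROM_SN${FROM_SN:?...}` expands to a command name instead of setting the variable, so a destination outside the three built-in subnets aborts under `set -e` even when `FROM_SN` is supplied; it should read `FROM_SN=${FROM_SN:?FROM and FROM_SN Must be supplied for unknown IPv4 destination $1}`. The unconditional `ssh-keygen -R "${TO}" || true` before the `ssh` call discards the stored host key on every run, which removes the changed-key warning for these hosts; consider doing it only on explicit request. `_myip` splices `${IFACE}` into the awk program text, where `awk -v iface="$IFACE" '$0 ~ iface {split($3, a, "/"); print a[1]}'` would keep it as data. The `exit 2` after `_log 2 ...` is unreachable because `_log` itself exits.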