change-public-key-cronscript

1. #!/bin/bash
2. # retrieve and change public keys from cron
3. PATH='/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin'
4. SCRIPT_PATH="${0}"
5. ARGS="${#}"
6. BACKUP='from="YOUR.IP.ADDRESS" ssh-dss <YOUR BACKUP PUB KEY> backup@backup-linux'
7.  
8. # exit function
9. function die() { echo -e "Error in ${SCRIPT_PATH}: ${1}"; exit 1; }
10.  
11. # script depends on:
12. [ -x /usr/bin/wget ] || die "This script depends on wget"
13.  
14. # user must be root:
15. [ $(whoami) = root ] || die "User must be root"
16.  
17. # check for arguments:
18. { [ ${ARGS} = 0 ]; } || die "Please dont feed me input"
19.  
20. # get ldaphost
21. [ -f /etc/uniqueidentifier ] || die "/etc/uniqueidentifier not found! please run the installer!"
22. HOSTALIAS="$( cat /etc/uniqueidentifier | grep 'alias:' | cut -d':' -f2 )"
23. HOSTIP="$( cat /etc/uniqueidentifier | grep 'ip:' | cut -d':' -f2 )"
24.  
25. # get public key script from server
26. wget -qq --no-check-certificate https://keyserver.example.com/keys/pubkey_manager --user=YOURUSER --password=YOURPASSWORD -O /tmp/pubkey_manager || die "failed to get keyscript"
27.  
28. mv /tmp/pubkey_manager /usr/local/bin/pubkey_manager && chmod +x /usr/local/bin/pubkey_manager
29.  
30. # get public ket from server
31. wget -qq --no-check-certificate https://keyserver.example.com/keys/pubkeys/${HOSTALIAS}_id_rsa.pub --user=YOURUSER --password=YOURPASS -O /tmp/key.pub || die "Failed to get ssh key"
32.  
33. # process
34. [ -f /root/.ssh/authorized_keys ] && mv /root/.ssh/authorized_keys /root/.ssh/authorized_keys.old
35. echo -e "${BACKUP}\nfrom=\"${HOSTIP}\" $( cat /tmp/key.pub )" >> /root/.ssh/authorized_keys  && chmod 600 /root/.ssh/authorized_keys
36.  
37.  
38.  
39. exit 0