feat: add support for configuring SSH2 HostKeys

2022-09-17 14:21:53 +02:00
parent 78b83de803
commit 058adb0514
2 changed files with 29 additions and 0 deletions
--- a/start.sh
+++ b/start.sh
@@ -45,6 +45,32 @@ while [ "$USERADD" != "$i" ] ;do
    useradd --home-dir "$BASE_DIR/$USER_NAME" --uid "$USER_UID" --gid "$USER_GID" "$USER_NAME"
 done

+# HOSTKEYS="/var/lib/jumpbox/ssh_host_ed25519_key;/var/lib/jumpbox/ssh_host_rsa_key"
+if [ -n "$HOSTKEYS" ]; then
+    while [ "$HOSTKEYS" != "$i" ]; do
+        i=${HOSTKEYS%%;*}
+        HOSTKEYS="${HOSTKEYS#$i;}"
+
+        if [ ! -e "$i" ]; then
+            echo "Could not read $i, file is missing"
+            continue
+        else
+            echo "Configuring HostKey $i"
+        fi
+
+        FILENAME=$(basename "$i")
+        if [ ! -e "/etc/ssh/$FILENAME" ]; then
+            install -m 0600 "$i" "/etc/ssh/$FILENAME"
+            ssh-keygen -y -f "$i" > "/etc/ssh/$FILENAME.pub"
+            ssh-keygen -l -f "/etc/ssh/$FILENAME.pub"
+        fi
+
+        if ! grep "^HostKey /etc/ssh/$FILENAME" /etc/ssh/sshd_config; then
+            echo "HostKey /etc/ssh/$FILENAME" >> /etc/ssh/sshd_config
+        fi
+    done
+fi
+
 if [ -z "$(find /etc/ssh/ -maxdepth 1 -name 'ssh_host_*_key' -print -quit)" ]; then
    echo "Creating SSH2 ED25519 key; this may take some time ..."
    ssh-keygen -q -f /etc/ssh/ssh_host_ed25519_key -N '' -t ed25519