This document contains the content of /resources/other/live_usb_ssh_setup.sh. Download the file by setting the ?act=download parameter, or access the raw file at either srcs.cc or src.cerium.cc.
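#!/bin/bash
# Live-USB bootstrap: bring up a VPN and SSH access to a remote device.
#
# This script is intended to be run from another partition on a bootable USB.
# It assumes that you are running as the default user, with internet access,
# and have NetworkManager, OpenVPN, and ssh installed.
#
# Expected layout, relative to the directory the script is run from:
#   vpn/<vpn_name>.ovpn   OpenVPN configuration
#   vpn/user.auth         VPN credentials: username on line 1, password on line 2
#   ssh/<host_key>        SSH private key for the remote server
#   ssh/<host_key>.pub    matching public key
#
# The USB partition therefore holds the VPN password and an SSH private key in
# the clear; anyone holding the stick holds those credentials. A passphrase on
# the SSH key and an encrypted partition limit the damage if it is lost.

# Stop at the first failure. In particular, if the VPN does not come up the
# script must not go on to contact (and trust the host key of) whatever answers
# at $remote_host on the local network.
set -euo pipefail

# Time zone
timezone="Region/City"

# VPN details
vpn_login="./vpn/user.auth"
vpn_name="openvpn_server"
# The imported connection is later addressed by $vpn_name, so the .ovpn file
# name has to match it.
vpn_conf="./vpn/$vpn_name.ovpn"

# SSH server details
remote_user="user"
remote_host="10.x.x.x"

# SSH server key details
host_key="ssh_key"
host_key_path="./ssh/$host_key"
host_key_pub="ssh_key.pub"
host_key_pub_path="./ssh/$host_key_pub"

# Fail early, before changing any system state, if an input file is missing.
for required in "$vpn_login" "$vpn_conf" "$host_key_path" "$host_key_pub_path"; do
  if [[ ! -r "$required" ]]; then
    printf 'Missing or unreadable file: %s (paths are relative to %s)\n' \
      "$required" "$PWD" >&2
    exit 1
  fi
done

# Determine VPN credentials from file (line 1 = username, line 2 = password).
username="$(sed '1q;d' "$vpn_login")"
password="$(sed '2q;d' "$vpn_login")"
# A credentials file edited on Windows has CRLF line endings; a stray carriage
# return would otherwise become part of the username/password.
username="${username%$'\r'}"
password="${password%$'\r'}"
if [[ -z "$username" || -z "$password" ]]; then
  printf 'Could not read username and password from %s\n' "$vpn_login" >&2
  exit 1
fi

# Set time zone
timedatectl set-timezone "$timezone"

# Import VPN configuration
nmcli connection import type openvpn file "$vpn_conf"

# Set password-flags to 0 to prevent keyring prompt. With this flag the
# password is kept by NetworkManager in the connection profile rather than in
# a user keyring.
nmcli connection modify "$vpn_name" +vpn.data "password-flags=0"

# Set username and password.
# NOTE(review): the password is passed as a command-line argument, so it is
# briefly visible to other local processes (e.g. via ps) and would appear in a
# `set -x` trace. Acceptable on a single-user live session; do not enable
# tracing around these lines.
nmcli connection modify "$vpn_name" +vpn.data "username=$username"
nmcli connection modify "$vpn_name" vpn.secrets "password=$password"

# Copy server SSH key. Modes are set explicitly because files copied from a
# FAT/exFAT USB partition do not carry usable Unix permissions, and ssh refuses
# a private key that is readable by other users.
mkdir -p ~/.ssh
chmod 700 ~/.ssh
install -m 600 "$host_key_path" ~/.ssh/"$host_key"
install -m 644 "$host_key_pub_path" ~/.ssh/"$host_key_pub"

# Set up SSH config. This replaces any existing ~/.ssh/config.
# The "~" below is left literal by the here-document; ssh expands it itself.
cat > ~/.ssh/config << EOF
Host $remote_host
HostName $remote_host
User $remote_user
IdentityFile ~/.ssh/$host_key
EOF
chmod 600 ~/.ssh/config

# Connect to VPN and add SSH server to known hosts.
nmcli connection up "$vpn_name"

# accept-new (OpenSSH 7.6+) records the host key on first contact but, unlike
# StrictHostKeyChecking=no, refuses to continue if a previously recorded key
# has changed. This is still trust-on-first-use: compare the recorded
# fingerprint (ssh-keygen -lf ~/.ssh/known_hosts) with one obtained from the
# server out of band, or ship a pre-populated known_hosts entry instead.
ssh -o StrictHostKeyChecking=accept-new "$remote_user@$remote_host" "exit"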