Some-Shell/ssh/add_ssh_pubkey/add_ssh_pubkey.sh

41 lines
1.2 KiB
Bash
Raw Normal View History

2024-07-13 02:59:40 +08:00
#!/bin/bash
# 检查是否提供了公钥参数
if [ -z "$1" ]; then
echo "Usage: $0 <ssh-public-key>"
exit 1
fi
# 公钥变量
SSH_KEY="$1"
# 创建 .ssh 目录并设置权限
mkdir -p ~/.ssh
chmod 700 ~/.ssh
# 将公钥添加到 authorized_keys 文件
echo "$SSH_KEY" >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
# 检查并配置sshd_config文件
SSHD_CONFIG="/etc/ssh/sshd_config"
if grep -q "^#PasswordAuthentication" $SSHD_CONFIG; then
sudo sed -i 's/^#PasswordAuthentication.*/PasswordAuthentication no/' $SSHD_CONFIG
elif grep -q "^PasswordAuthentication" $SSHD_CONFIG; then
sudo sed -i 's/^PasswordAuthentication.*/PasswordAuthentication no/' $SSHD_CONFIG
else
echo "PasswordAuthentication no" | sudo tee -a $SSHD_CONFIG
fi
if grep -q "^#PermitRootLogin" $SSHD_CONFIG; then
sudo sed -i 's/^#PermitRootLogin.*/PermitRootLogin prohibit-password/' $SSHD_CONFIG
elif grep -q "^PermitRootLogin" $SSHD_CONFIG; then
sudo sed -i 's/^PermitRootLogin.*/PermitRootLogin prohibit-password/' $SSHD_CONFIG
else
echo "PermitRootLogin prohibit-password" | sudo tee -a $SSHD_CONFIG
fi
# 重启ssh服务以应用更改
sudo systemctl restart sshd
echo "SSH key added and password login disabled."