#!/bin/bash

# 检查是否提供了公钥参数
if [ -z "$1" ]; then
  echo "Usage: $0 <ssh-public-key>"
  exit 1
fi

# 公钥变量
SSH_KEY="$1"

# 创建 .ssh 目录并设置权限
mkdir -p ~/.ssh
chmod 700 ~/.ssh

# 将公钥添加到 authorized_keys 文件
echo "$SSH_KEY" >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys

# 检查并配置sshd_config文件
# SSHD_CONFIG="/etc/ssh/sshd_config"
# if grep -q "^#PasswordAuthentication" $SSHD_CONFIG; then
#     sudo sed -i 's/^#PasswordAuthentication.*/PasswordAuthentication no/' $SSHD_CONFIG
# elif grep -q "^PasswordAuthentication" $SSHD_CONFIG; then
#     sudo sed -i 's/^PasswordAuthentication.*/PasswordAuthentication no/' $SSHD_CONFIG
# else
#     echo "PasswordAuthentication no" | sudo tee -a $SSHD_CONFIG
# fi

# if grep -q "^#PermitRootLogin" $SSHD_CONFIG; then
#     sudo sed -i 's/^#PermitRootLogin.*/PermitRootLogin prohibit-password/' $SSHD_CONFIG
# elif grep -q "^PermitRootLogin" $SSHD_CONFIG; then
#     sudo sed -i 's/^PermitRootLogin.*/PermitRootLogin prohibit-password/' $SSHD_CONFIG
# else
#     echo "PermitRootLogin prohibit-password" | sudo tee -a $SSHD_CONFIG
# fi

# 重启ssh服务以应用更改
sudo systemctl restart sshd

echo "SSH key added and password login disabled."