List directory contents of directory protected by SIP / Quarantine

list-directory-no-sip.sh

#!/bin/bash
SSH_STATUS_CHECK_CMD="systemsetup -getremotelogin"
SSH_ENABLE_SERVER_CMD="systemsetup -setremotelogin on"
SSH_KEY="$HOME/.ssh/no_sip"

echo $HOME

PROTECTED_DIRECTORY="$1"

# Check if the SSH Server is already enabled
SSH_STATUS=$(sudo $SSH_STATUS_CHECK_CMD)

if echo $SSH_STATUS | grep "Off"; then
  echo "SSH Server not running. Starting..."
  sudo $SSH_ENABLE_SERVER_CMD
fi

# Check if a SSH private key for pubkey authentication exists.
if [[ ! -f "$SSH_KEY" ]]; then
  echo "Creating SSH key for password less SSH autentication"
  ssh-keygen -f $SSH_KEY -t ed25519 -N ""
fi

# Check if SSH key is already allowed to authenticate the user
if [[ ! -f "$HOME/.ssh/authorized_keys" ]]; then
  touch "$HOME/.ssh/authorized_keys"
fi
SSH_KEY_PUB_CONTENTS=$(cat $SSH_KEY.pub)
if ! grep "$SSH_KEY_PUB_CONTENTS" "$HOME/.ssh/authorized_keys"; then
  echo "Adding SSH key to authorized keys."
  echo $SSH_KEY_PUB_CONTENTS >> $HOME/.ssh/authorized_keys
fi

# Add the localhost authentication key to .known_hosts
SSH_SERVER_AUTH_KEY_CONTENTS=$(ssh-keyscan -t ecdsa-sha2-nistp256 localhost 2>/dev/null)

if [[ ! -f "$HOME/.ssh/known_hosts" ]]; then
  touch "$HOME/.ssh/known_hosts"
fi
if ! grep "SSH_SERVER_AUTH_KEY_CONTENTS" "$HOME/.ssh/known_hosts"; then
  echo "Adding SSH Server auth key to known_hosts"
  echo $SSH_SERVER_AUTH_KEY_CONTENTS >> $HOME/.ssh/known_hosts
fi

echo "Listing contents of directory $PROTECTED_DIRECTORY"
ssh -i $SSH_KEY $USER@localhost "ls -l@O "$PROTECTED_DIRECTORY""