@rhodrid
Forked from xfreebird/customsshd
Last active September 1, 2020 07:54
#!/bin/bash
# Location of this wrapper script; the LaunchAgent's Program entry points here.
INSTALL_PATH="${HOME}/scripts"
SCRIPT_PATH="${INSTALL_PATH}/customsshd"
# Per-user LaunchAgent definition written by installLaunchAgent.
LAUNCHCTL_PATH="${HOME}/Library/LaunchAgents/com.my.customsshd.plist"
# Host key used by this sshd instance (handed to sshd with -h).
SSH_KEYS_INSTALL_PATH="${HOME}/customkeys"
SSH_HOST_RSA_KEY="${SSH_KEYS_INSTALL_PATH}/ssh_host_rsa_key"
# Listening port handed to sshd with -p.
SSHD_PORT="50111"
# Account file that verifyPubKey / injectPubKey check and extend.
SSH_AUTHORIZED_KEYS_PATH="${HOME}/.ssh/authorized_keys"
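# Generate the dedicated host key on first run. The key directory is created
# first (owner-only) because key generation fails when it is missing, and the
# paths are quoted so a home directory containing spaces still works.
if [[ ! -f "$SSH_HOST_RSA_KEY" ]]; then
  if [[ ! -d "$SSH_KEYS_INSTALL_PATH" ]]; then
    mkdir -p -- "$SSH_KEYS_INSTALL_PATH" && chmod 700 -- "$SSH_KEYS_INSTALL_PATH"
  fi
  # -N "" leaves the private key without a passphrase so sshd can load it
  # unattended; file and directory permissions are its only protection.
  # stderr is no longer discarded, so a failed generation is visible.
  if ! ssh-keygen -q -t rsa -f "$SSH_HOST_RSA_KEY" -N "" -C "" < /dev/null > /dev/null; then
    printf 'customsshd: could not generate host key %s\n' "$SSH_HOST_RSA_KEY" >&2
  fi
fi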
# Put your own public RSA key here; login to this sshd is meant to be key based.
# verifyPubKey appends this exact line to authorized_keys, so whoever holds the
# matching private key can log in as this user. Replace the value before
# installing: the one shown appears to be a sample, not a usable key.
# NOTE(review): the trailing "[email protected]" looks like a key comment that was
# obfuscated when the page was rendered - confirm against the original gist.
CUSTOM_ID_RSA_PUBKEY="ssh-rsa AAAAB3NzaC1yc2dfgdfgDAQABAAABAQDRGnX9NX4K/D3Ex5NF514AyUxQCu/+nJnjyZudY5+dsfsdfewrwedgdfg/+MCTCQ6pO0RQ42dH5P41bBD5nju9yDyfK6pfUz89vwqwC5HtAOC27VWU/dfgdfg/3B1jlR5i7zzUUmMojSNZTRIFy/dffgdg/ICLObc6kwF4hSdGCpdbzDpLyCXSDQDjAJbBb//cgB4gqBcv3Nc7sh3woT7J9JH6aHFAgmn5R5dwL3P [email protected]"
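#######################################
# Make sure CUSTOM_ID_RSA_PUBKEY is present in the authorized_keys file,
# calling injectPubKey when the file is missing or does not contain it.
# Globals:   CUSTOM_ID_RSA_PUBKEY (read), SSH_AUTHORIZED_KEYS_PATH (read)
# Returns:   non-zero if the key is empty, otherwise the status of the last
#            step that ran
#######################################
function verifyPubKey() {
  local grep_status=0

  # An empty pattern matches every line, and appending it would only add a
  # blank entry, so refuse to work with an unset key.
  if [[ -z "$CUSTOM_ID_RSA_PUBKEY" ]]; then
    printf 'customsshd: CUSTOM_ID_RSA_PUBKEY is empty, nothing to authorize\n' >&2
    return 1
  fi

  if [[ -f "$SSH_AUTHORIZED_KEYS_PATH" ]]; then
    # -F compares the key as a literal string: base64 text contains '.', '+'
    # and '/', which must not be interpreted as a regular expression.
    grep -qF -- "$CUSTOM_ID_RSA_PUBKEY" "$SSH_AUTHORIZED_KEYS_PATH" || grep_status=$?
    # 1 means "not found"; a higher status is a grep error (for example an
    # unreadable file) and the file is left untouched in that case.
    if (( grep_status == 1 )); then
      injectPubKey
    fi
  else
    injectPubKey
  fi
}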
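#######################################
# Append CUSTOM_ID_RSA_PUBKEY to the authorized_keys file and restrict the
# file to its owner.
# Globals:   CUSTOM_ID_RSA_PUBKEY (read), SSH_AUTHORIZED_KEYS_PATH (read)
# Returns:   0 on success, non-zero if the directory or file cannot be
#            created, written or chmod'ed
#######################################
function injectPubKey() {
  local keys_dir
  keys_dir=$(dirname "$SSH_AUTHORIZED_KEYS_PATH") || return

  # The redirect below cannot create the parent directory; create it
  # owner-only. An existing directory keeps whatever mode it already has.
  if [[ ! -d "$keys_dir" ]]; then
    mkdir -p -- "$keys_dir" || return
    chmod 700 -- "$keys_dir" || return
  fi

  # If the existing file does not end in a newline, the new key would be
  # glued onto the last entry and both would become unusable.
  if [[ -s "$SSH_AUTHORIZED_KEYS_PATH" && -n "$(tail -c 1 < "$SSH_AUTHORIZED_KEYS_PATH")" ]]; then
    printf '\n' >> "$SSH_AUTHORIZED_KEYS_PATH" || return
  fi

  # printf instead of echo: the key is data and must be written verbatim.
  printf '%s\n' "$CUSTOM_ID_RSA_PUBKEY" >> "$SSH_AUTHORIZED_KEYS_PATH" || return
  chmod 600 -- "$SSH_AUTHORIZED_KEYS_PATH"
}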
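#######################################
# Run sshd in the foreground (-D) on SSHD_PORT with the dedicated host key.
# Globals:   SSHD_PORT (read), SSH_HOST_RSA_KEY (read)
# Returns:   sshd's exit status
#
# The former "-o Protocol=1,2" is gone: SSH protocol 1 is obsolete and
# cryptographically weak, and nothing here needs it to be requested.
# NOTE(review): only PubkeyAuthentication is switched on here; password and
# keyboard-interactive logins are not switched off, so they remain whatever
# sshd's configuration and defaults allow. If key-only login is the intent,
# add "-o PasswordAuthentication=no" after checking nobody relies on it.
#######################################
function runSSHD() {
  # Quoted so a home directory containing spaces does not split the key path.
  /usr/sbin/sshd -D -p "$SSHD_PORT" -h "$SSH_HOST_RSA_KEY" \
    -o UsePam=yes -o PubkeyAuthentication=yes
}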
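#######################################
# Write the per-user LaunchAgent plist and load it with launchctl.
# Globals:   LAUNCHCTL_PATH (read), SCRIPT_PATH (read)
# Outputs:   confirmation on stdout, diagnostics on stderr
# Returns:   0 when the agent was written and loaded, 1 otherwise
#
# This function does not copy the script to SCRIPT_PATH; it only warns when
# nothing executable is there. launchd will run whatever sits at that path at
# every login and restart it (RunAtLoad + KeepAlive), so the script and its
# directory should be writable by the owner only.
# NOTE(review): stdout/stderr are sent to fixed file names under /tmp, a
# directory other local users can write to; a per-user location such as
# ~/Library/Logs would avoid pre-created files or links at those names.
#######################################
function installLaunchAgent() {
  local agents_dir
  agents_dir=$(dirname "$LAUNCHCTL_PATH") || return 1

  # A fresh account may not have ~/Library/LaunchAgents yet.
  if ! mkdir -p -- "$agents_dir"; then
    printf 'customsshd: cannot create %s\n' "$agents_dir" >&2
    return 1
  fi

  if [[ ! -x "$SCRIPT_PATH" ]]; then
    printf 'customsshd: warning: %s is missing or not executable\n' "$SCRIPT_PATH" >&2
  fi

  # Unquoted EOF on purpose: $SCRIPT_PATH must be expanded into the plist.
  cat > "$LAUNCHCTL_PATH" << EOF || return 1
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.my.customsshd</string>
<key>Program</key>
<string>$SCRIPT_PATH</string>
<key>RunAtLoad</key>
<true/>
<key>KeepAlive</key>
<true/>
<key>StandardOutPath</key>
<string>/tmp/customsshd.log</string>
<key>StandardErrorPath</key>
<string>/tmp/customsshd_err.log</string>
</dict>
</plist>
EOF

  # Report success only when launchctl actually accepted the agent.
  if ! launchctl load -w "$LAUNCHCTL_PATH"; then
    printf 'customsshd: launchctl could not load %s\n' "$LAUNCHCTL_PATH" >&2
    return 1
  fi
  echo "customsshd has been installed"
}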
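# Any argument means "install": write and load the LaunchAgent, then exit
# with the installer's status.
# Example:
#   ./customsshd install
if (( $# > 0 )); then
  installLaunchAgent
  exit $?
fi

# No arguments: this is the service path that launchd runs.
verifyPubKey
while true; do
  # sshd -D stays in the foreground; start it again whenever it exits. Pause
  # after a failure so a persistent error (port in use, unreadable host key)
  # does not become a busy loop that floods the log files.
  runSSHD || sleep 2
done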