From: Antoine Beaupré <anarcat@debian.org>
Date: Tue, 25 Feb 2020 19:46:43 +0000 (-0500)
Subject: add .ssh/authorized_keys support for --sshcopyid
X-Git-Tag: v0.92~2^2
X-Git-Url: https://git.grml.org/?p=grml-debootstrap.git;a=commitdiff_plain;h=07e835eac738681f6c304584fca8bfe373c24365

add .ssh/authorized_keys support for --sshcopyid

We retain backwards compatibility, that is: we use keys from the agent
by default. But if unavailable, we tap into the ~/.ssh/authorized_keys
file (or whatever is specified by the $AUTHORIZED_KEYS_SOURCE
environment).

The target SSH directory can be changed with $AUTHORIZED_KEYS_TARGET.

Closes: #151
---

diff --git a/grml-debootstrap b/grml-debootstrap
index 4957e8f..c9bf40e 100755
--- a/grml-debootstrap
+++ b/grml-debootstrap
@@ -1798,6 +1798,8 @@ iface ${interface} inet dhcp
   fi
 
   if [ -n "${SSHCOPYID}" ] ; then
+    AUTHORIZED_KEYS_SOURCE=${AUTHORIZED_KEYS_SOURCE:-$HOME/.ssh/authorized_keys}
+    AUTHORIZED_KEYS_TARGET=${AUTHORIZED_KEYS_TARGET:-$MNTPOINT/root/.ssh/}
     if ssh-add -L >/dev/null 2>&1 ; then
       einfo "Use locally available public keys to authorise root login on the target system as requested via --sshcopyid option."
       mkdir -p "${MNTPOINT}"/root/.ssh
@@ -1809,6 +1811,17 @@ iface ${interface} inet dhcp
         eend 1
         bailout 1
       fi
+    elif [ -f "$AUTHORIZED_KEYS_SOURCE" ]; then
+      einfo "copying '$AUTHORIZED_KEYS_SOURCE' to '$AUTHORIZED_KEYS_TARGET' as requested via --sshcopyid option."
+      mkdir -p "$AUTHORIZED_KEYS_TARGET"
+      chmod 0700 "$AUTHORIZED_KEYS_TARGET"
+      if cp "$AUTHORIZED_KEYS_SOURCE" "$AUTHORIZED_KEYS_TARGET" ; then
+        eend 0
+      else
+        eerror "Error: copying '$AUTHORIZED_KEYS_SOURCE' to '$AUTHORIZED_KEYS_TARGET' failed"
+        eend 1
+        bailout 1
+      fi
     else
       eerror "Could not open a connection to your authentication agent or the agent has no identites."
       eend 1