From de2ad0f7b35c8e6774e829d9fe15adff50d9844e Mon Sep 17 00:00:00 2001
From: Michael Prokop
Date: Sat, 2 Mar 2019 10:40:56 +0100
Subject: [PATCH] sshcopyid option: exit if `ssh-add -L` fails to execute
If a user requested the --sshcopyid option then it's supposed to be run successfully, otherwise it might leave an inaccessible system, so exit with error if execution of `ssh-add -L` fails. While at it: * simplify code (no need for $RC) * don't fail if directory /root/.ssh exists already * append keys to possibly existing /root/.ssh/authorized_keys file, instead of overwriting it
---
 grml-debootstrap | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)
diff --git a/grml-debootstrap b/grml-debootstrap
index a87dbab..d5c3f70 100755
--- a/grml-debootstrap
+++ b/grml-debootstrap
@@ -1764,16 +1764,21 @@ iface ${interface} inet dhcp
 fi
 if [ -n "${SSHCOPYID}" ] ; then
- ssh-add -L > /dev/null 2>&1 ; RC=$?
- if [ $RC -eq 0 ] ; then
+ if ssh-add -L >/dev/null 2>&1 ; then
 einfo "Use locally available public keys to authorise root login on the target system as requested via --sshcopyid option."
- mkdir "${MNTPOINT}"/root/.ssh
+ mkdir -p "${MNTPOINT}"/root/.ssh
 chmod 0700 "${MNTPOINT}"/root/.ssh
- ssh-add -L > "${MNTPOINT}"/root/.ssh/authorized_keys
- eend 0
+ if ssh-add -L >> "${MNTPOINT}"/root/.ssh/authorized_keys ; then
+ eend 0
+ else
+ eerror "Error: executing 'ssh-add -L' failed."
+ eend 1
+ bailout 1
+ fi
 else
- ewarn "Could not open a connection to your authentication agent or the agent has no identites."
- eend $?
+ eerror "Could not open a connection to your authentication agent or the agent has no identites."
+ eend 1
+ bailout 1
 fi
 fi
-- 
2.1.4
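Review bot: `ssh-add -L` is still executed twice in the `--sshcopyid` block, once to test the agent and once to write, and the second run redirects straight into `authorized_keys` with `>>`, so anything it prints before failing is already in the file when `bailout 1` runs. Capturing the output once closes that gap: `if keys="$(ssh-add -L 2>/dev/null)" ; then` and later `printf '%s\n' "${keys}" >> "${MNTPOINT}"/root/.ssh/authorized_keys`. Because the file may now pre-exist, a last line without a trailing newline would be joined to the first appended key, and any keys already in it keep root access on the target; a comment such as `# existing authorized_keys entries are kept on purpose` plus an explicit `chmod 0600` on the file would make that intent and the resulting mode visible. The enclosing function starts and ends outside this hunk, so whether `MNTPOINT` is validated earlier cannot be seen from here.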