- #Copyright (C) 2016,2023 Weber Yann
- #
- #This program is free software; you can redistribute it and/or modify
- #it under the terms of the GNU General Public License as published by
- #the Free Software Foundation; either version 3 of the License, or
- #any later version.
- #
- #This program is distributed in the hope that it will be useful,
- #but WITHOUT ANY WARRANTY; without even the implied warranty of
- #MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- #GNU General Public License for more details.
- #
- #You should have received a copy of the GNU General Public License
- #along with this program. If not, see <http://www.gnu.org/licenses/>.
-
- #
- # SSH checks
- #
-
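# Check that an OpenSSH server answers on host:port by reading its
# identification banner with netcat.
# Arguments: $1 - host to probe
#            $2 - TCP port (optional; 22 when empty or unset)
# Globals:   host, port, rep and res are assigned (they are not local)
# Outputs:   the result is reported through success/fail, which are
#            defined outside this block
# Returns:   status of the last reporting helper that was called
check_ssh_nc() {
	host=$1
	port=${2:-22}

	# stdin from /dev/null: nothing is sent, only the server banner is read
	rep="$(nc -w1 "$host" "$port" </dev/null)"
	res=$?
	if [ "$res" -ne 0 ]
	then
		fail "Netcat unable to connect to $host:$port"
		return
	fi

	# printf instead of echo: the reply is remote data and may start with
	# "-n" or contain backslashes. The dot is escaped so only the literal
	# protocol version "2.0" is accepted.
	if printf '%s\n' "$rep" | grep -q '^SSH-2\.0-OpenSSH'
	then
		success "OpenSSH replied on $host:$port"
	else
		# The reply is controlled by the remote end: drop control characters
		# (newline excepted) before it reaches the log or a terminal.
		fail "Bad reply from $host:$port : '$(printf '%s' "$rep" | LC_ALL=C tr -d '\001-\011\013-\037\177')'"
	fi
}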
-
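# Compare the host key published by an SSH server with an expected
# (pinned) key.
# Arguments: $1 - host to scan
#            $2 - expected key, as found in the third field of
#                 ssh-keyscan output
#            $3 - key type passed to ssh-keyscan -t (optional; "rsa"
#                 when empty or unset)
#            $4 - TCP port (optional; 22 when empty or unset)
# Globals:   host, testkey, keytype, port and key are assigned (they are
#            not local)
# Outputs:   the result is reported through success/fail/logdate, which
#            are defined outside this block
check_ssh_key() {
	host="$1"
	testkey="$2"
	keytype="${3:-rsa}"
	port="${4:-22}"

	# "$port" is quoted so that a value containing whitespace cannot be
	# split into additional ssh-keyscan arguments.
	key=$(ssh-keyscan -p "$port" -t "$keytype" "$host" 2>/dev/null | cut -d " " -f3)

	if [ -z "$key" ]
	then
		fail "SSH server not responding"
		return
	fi

	if [ "$key" = "$testkey" ]
	then
		success "OpenSSH $host:$port key is $testkey"
		return
	fi

	# A differing key is reported together with both values so the
	# operator can tell a planned key rotation from an unexpected change.
	fail "OpenSSH $host:$port missmatch : "
	logdate ERR "Expected : $testkey" 1
	logdate ERR "Received : $key" 1
	return
}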