Commit | Line | Data |
---|---|---|
fcbdf67a IB |
#!/usr/bin/env bash

# Name of the LDAP client binary.
LDAPSEARCH='ldapsearch'

# Service account used for the simple bind. Its password is read from a
# local file, so the secret is not stored in this script.
LDAP_BIND='cn=ssh,ou=services,dc=immae,dc=eu'
LDAP_PASS="$(cat /etc/ssh/ldap_password)"

# Server to query and the subtree the search starts from.
LDAP_HOST='ldap.immae.eu'
LDAP_BASE='dc=immae,dc=eu'

# Only entries that are members of this group are returned.
LDAP_FILTER='(memberOf=cn=users,cn=ftp,ou=services,dc=immae,dc=eu)'

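#######################################
# Write the key file of every given uid.
# Each non-empty line of the key list is passed through `ssh-keygen -e`
# and the combined output replaces <dir>/<uid>.
# Arguments:
#   $1 - whitespace-separated list of uids (empty: nothing is done)
#   $2 - newline-separated list of public keys
#   $3 - optional destination directory
#        (default: /var/lib/proftpd/authorized_keys)
# Outputs:
#   A warning on stderr for every uid that is rejected.
#######################################
handle_keys() {
  local uids="$1"
  local keys="$2"
  local dest_dir="${3:-/var/lib/proftpd/authorized_keys}"
  local -a uid_list=()
  local uid key

  [ -n "$uids" ] || return 0

  # Split on whitespace without pathname expansion: a uid such as "*" must
  # not be expanded against the files of the current directory.
  read -r -a uid_list <<< "$uids"

  for uid in "${uid_list[@]}"; do
    # The uid comes from the directory and is used as a file name, so a
    # value that could point outside dest_dir is refused.
    case "$uid" in
      */* | . | ..)
        printf 'handle_keys: skipping unsafe uid: %s\n' "$uid" >&2
        continue
        ;;
    esac

    # read -r keeps backslashes (e.g. in a key comment) intact; the default
    # IFS still trims surrounding whitespace, as before.
    while read -r key; do
      if [ -n "$key" ]; then
        ssh-keygen -e -f <(printf '%s\n' "$key")
      fi
    done <<< "$keys" > "$dest_dir/$uid"
  done
}
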
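# The per-user key files live here; stop if the directory cannot be created.
mkdir -p /var/lib/proftpd/authorized_keys || exit 1

# NOTE(review): a key file is only (re)written for a uid that the search
# returns. Nothing here removes the file of an account that no longer
# matches LDAP_FILTER, so its keys stay in place — confirm that something
# else prunes this directory.

# Start from a clean state instead of whatever the environment may hold.
uids=""
keys=""

# Walk the LDIF output entry by entry: every "dn:" line starts a new entry,
# so the uids/keys collected for the previous one are flushed first.
while IFS= read -r line; do
  case "$line" in
    dn:*)
      handle_keys "$uids" "$keys"
      uids=""
      keys=""
      ;;
    "uid: "*)
      # Only plain values are accepted; a base64 value ("uid:: ...") is
      # ignored rather than turned into a bogus file name.
      uids="$uids ${line#uid: }"
      ;;
    "immaeSshKey: "*)
      key="${line#immaeSshKey: }"
      if [[ "$key" =~ ^ssh- ]]; then
        # Bare key: kept as is.
        keys="$keys
$key"
      elif printf '%s\n' "$key" | cut -d" " -f1 | grep -q "\bftp\b"; then
        # Key prefixed by a tag field: kept only when the tag names "ftp",
        # and stored without that first field.
        keys="$keys
$(printf '%s\n' "$key" | cut -d" " -f2-)"
      fi
      ;;
  esac
# -ZZ makes a successful StartTLS mandatory. The bind password is handed
# over with -y through a file descriptor instead of -w, so it does not
# appear in the argument list of the ldapsearch process.
done < <("$LDAPSEARCH" -h "$LDAP_HOST" -ZZ -LLL -D "$LDAP_BIND" -y <(printf '%s' "$LDAP_PASS") -b "$LDAP_BASE" -x -o ldif-wrap=no "$LDAP_FILTER" uid immaeSshKey)

# Flush the last entry, which has no following "dn:" line.
handle_keys "$uids" "$keys"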