author | Silvio Rhatto <rhatto@riseup.net> | 2017-03-29 22:18:07 -0300 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2017-03-29 22:18:07 -0300 |
commit | 96c1c6a94904b9a408ecfa87e0f488acdc724422 (patch) | |
tree | 20a8639bb510ae04c5965c7b9418f4cad015f677 /kvmx | |
parent | 3e675f63676e2a0a7e3e9b787d38a926685c9a04 (diff) | |
download | kvmx-96c1c6a94904b9a408ecfa87e0f488acdc724422.tar.gz kvmx-96c1c6a94904b9a408ecfa87e0f488acdc724422.tar.bz2 |
Adds SSH key rotation action
Diffstat (limited to 'kvmx')
-rwxr-xr-x | kvmx | 16 |
1 files changed, 16 insertions, 0 deletions
@@ -671,6 +671,22 @@ function kvmx_log {
 tail -F $logs
 }
 
+# Rotate SSH keys
+function kvmx_rotate_sshkeys {
+ # Generate new keypair
+ SSHKEY="$STORAGE/$VM.key"
+ $DIRNAME/kvmx-keygen $SSHKEY.new "$user@`basename $image .img`"
+
+ # Replace pubkey on server
+ echo "touch ~/.ssh/authorized_keys.new && chmod 600 ~/.ssh/authorized_keys.new" | kvmx_ssh
+ cat $SSHKEY.new.pub | kvmx_ssh "tee ~/.ssh/authorized_keys.new &> /dev/null"
+ echo "mv ~/.ssh/authorized_keys.new ~/.ssh/authorized_keys" | kvmx_ssh
+
+ # Replace keypair locally
+ mv $SSHKEY.new $SSHKEY
+ mv $SSHKEY.new.pub $SSHKEY.pub
+}
+
 # Dispatch
 if type kvmx_$ACTION 2> /dev/null | grep -q 'function'; then
 __kvmx_initialize |
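Review bot: No step in `kvmx_rotate_sshkeys` checks for failure, so a failed `kvmx-keygen`, a dropped connection or an empty write to `authorized_keys.new` still reaches the remote `mv` and the two local `mv`s. That can leave the guest with an empty `authorized_keys`, or the host holding a key the guest never accepted, and either case locks the operator out. Each step should abort the rotation on error, with the local keypair replaced last; this assumes `kvmx_ssh`, which is defined outside the hunk, returns ssh's exit status. `&>` is a bashism that a POSIX `sh` login shell on the guest parses as backgrounding `tee`, so `> /dev/null` is the portable form, and the path expansions should be quoted. The rotation also overwrites the whole `authorized_keys`, dropping any other keys in it; if that is the intended revocation behaviour, a comment should say so.

```shell
function kvmx_rotate_sshkeys {
  # … unchanged: SSHKEY assignment …
  "$DIRNAME/kvmx-keygen" "$SSHKEY.new" "$user@`basename $image .img`" || return 1

  # Replace pubkey on server; stop at the first failure so the old key stays valid
  echo "touch ~/.ssh/authorized_keys.new && chmod 600 ~/.ssh/authorized_keys.new" | kvmx_ssh || return 1
  kvmx_ssh "tee ~/.ssh/authorized_keys.new > /dev/null" < "$SSHKEY.new.pub" || return 1
  echo "test -s ~/.ssh/authorized_keys.new && mv ~/.ssh/authorized_keys.new ~/.ssh/authorized_keys" | kvmx_ssh || return 1

  # Replace keypair locally only after the guest has the new pubkey
  mv "$SSHKEY.new" "$SSHKEY" && mv "$SSHKEY.new.pub" "$SSHKEY.pub"
}
```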