dbc

- 🔒 Secure remote connections with Dropbear 🐻
git clone git://git.acid.vegas/dbc.git

dbc (2866B)

      1 #!/bin/sh
      2 # Dropbear Connect Script (DBC) - Developed by acidvegas (https://git.acid.vegas/void)
      3 
      4 # Dropbear config must be stored in pass in the following format:
      5 #   NAME USER HOST PORT JUMP
      6 #
      7 # JUMP is optional; it marks an entry that should be reached through your jump host.
      8 # If JUMP is set to x, the script connects to the jump host first and then on to the end host.
      9 # There should only be one jump host in the config file and it should be named 'jump'.
     10 #
     11 # Example:
     12 #   jump    acidvegas 68.192.37.5   5902
     13 #   hatebox acidvegas 100.151.45.10 2023 x
     14 #   aws     admin     45.16.150.203 22
     15 #
     16 # Useful commands:
     17 #   Git usage            : git config core.sshCommand "dbclient -i ~/.ssh/key"
     18 #   Generate private key : dropbearkey -t ed25519 -f ~/.dropbear/key | grep "ssh-ed25519"
     19 #   Get public key       : dropbearkey -y -f ~/.dropbear/key | head -n 2 | tail -n 1
     20 
     # Config

     # Path to the pass script that decrypts the stored entries.
     PASS_PATH="${HOME}/.scripts/pass"

     # Name of the pass entry holding the dropbear host config (NAME USER HOST PORT JUMP lines).
     PASS_DROPBEAR='dropbear'

     # Name of the pass entry holding the dropbear private key.
     PASS_DROPBEAR_KEY='dropbear_key'
     25 
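     #######################################
     # Look up one entry of the dropbear config and print it as a dbclient
     # host spec: USER@HOST^PORT, immediately followed by the JUMP field when
     # the entry has one (e.g. "user@host^2023x").
     # Arguments: $1 - full config text (lines of "NAME USER HOST PORT [JUMP]")
     #            $2 - NAME of the entry to look up
     # Outputs:   host spec on stdout (no trailing newline); errors on stderr
     # Returns:   0 when exactly one well-formed entry matches, 1 otherwise
     # Globals:   host_spec (written; POSIX sh has no function-local variables)
     #######################################
     load_host() {
         # The name is compared as a literal string against the first field.
         # Interpolating it into a grep pattern would let regex characters in
         # the name (for example '.') select a different entry than intended.
         # awk counts the matches itself, so "no match" is reported as an
         # error instead of being mistaken for a single empty line.
         host_spec=$(printf '%s\n' "$1" | awk -v want="$2" '
             NF > 0 && ($1 "") == (want "") { hits++; fields = NF; spec = $2 "@" $3 "^" $4 $5 }
             END {
                 if (hits != 1) exit 1
                 if (fields < 4) exit 2
                 printf "%s", spec
             }')

         # Diagnostics go to stderr: callers capture stdout with $(...), and an
         # error message must never end up being used as a host spec.
         case $? in
             0)
                 printf '%s' "$host_spec"
                 ;;
             2)
                 echo "Error: The entry for NAME '$2' needs at least NAME USER HOST PORT." >&2
                 return 1
                 ;;
             *)
                 echo "Error: The NAME '$2' matches multiple or no lines." >&2
                 return 1
                 ;;
         esac
     }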
     42 
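     #######################################
     # Remove the temporary file holding the decrypted private key.
     # Globals: TMP_KEY (read) - path of the temporary key file
     # Returns: 0 when there is nothing to remove, otherwise the status of rm
     #######################################
     cleanup() {
         # Nothing to do when the temporary file was never created; this makes
         # the handler safe to install before TMP_KEY is assigned.
         [ -n "${TMP_KEY:-}" ] || return 0
         # -f: stay quiet if the file is already gone; --: never parse the path as an option.
         rm -f -- "$TMP_KEY"
     }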
     46 
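     # Require exactly one argument: the NAME of the config entry to connect to.
     if [ $# -ne 1 ]; then
         echo "usage: $0 [name]" >&2
         exit 1
     fi

     # Read the name argument
     NAME=$1

     # Read the config data from pass; stop if it cannot be decrypted.
     if ! CONFIG_DATA=$("$PASS_PATH" "$PASS_DROPBEAR"); then
         echo "error: can not read config data" >&2
         exit 1
     fi

     # Resolve the target before the private key is decrypted, so an unknown
     # name never causes the key to be written to disk. The shape check
     # (USER@HOST^PORT...) rejects empty or partial results, so nothing that
     # is not a host spec is ever handed to dbclient.
     if ! END_HOST=$(load_host "$CONFIG_DATA" "$NAME"); then
         echo "error: can not load host '$NAME'" >&2
         exit 1
     fi
     case "$END_HOST" in
         ?*@?*^?*) ;;
         *)
             echo "error: no usable config entry for '$NAME'" >&2
             exit 1
             ;;
     esac

     # A trailing "x" is the JUMP marker appended by load_host: strip it and
     # route through the entry named 'jump'. The jump entry is only looked up
     # when it is actually needed.
     case "$END_HOST" in
         *x)
             END_HOST=${END_HOST%x}
             if ! JUMP_HOST=$(load_host "$CONFIG_DATA" "jump"); then
                 echo "error: can not load the jump host" >&2
                 exit 1
             fi
             case "$JUMP_HOST" in
                 ?*@?*^?*) ;;
                 *)
                     echo "error: no usable config entry for 'jump'" >&2
                     exit 1
                     ;;
             esac
             TARGET="$JUMP_HOST,$END_HOST"
             ;;
         *)
             TARGET=$END_HOST
             ;;
     esac

     # Decrypt the dropbear key to a temporary file. The key sits unencrypted
     # on disk until it is removed, so the cleanup handler is installed
     # before any key material is written.
     if ! TMP_KEY=$(mktemp /tmp/tmp.XXXXXXXXXX); then
         echo "error: can not create temporary key file" >&2
         exit 1
     fi

     # Set up cleanup on exit. Some /bin/sh implementations do not run the
     # EXIT trap when the shell is killed by a signal, so turn the common
     # ones into a normal exit.
     trap cleanup EXIT
     trap 'exit 1' HUP INT TERM

     chmod 600 "$TMP_KEY"
     if ! "$PASS_PATH" "$PASS_DROPBEAR_KEY" > "$TMP_KEY"; then
         echo "error: can not read the dropbear key" >&2
         exit 1
     fi

     # Remove the temporary key after 10 seconds (timebomb), independently of
     # how long the connection stays open. The path is passed as a quoted
     # argument instead of being pasted into a command string for another shell.
     ( sleep 10 && rm -f -- "$TMP_KEY" ) >/dev/null 2>&1 &

     # Connect to the host (through the jump host when TARGET contains one).
     dbclient -K 60 -i "$TMP_KEY" "$TARGET"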