dbc- 🔒 Secure remote connections with Dropbear 🐻 |
git clone git://git.acid.vegas/dbc.git |
dbc (2866B)
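#!/bin/sh
# Dropbear Connect Script (DBC) - Developed by acidvegas (https://git.acid.vegas/void)
#
# Usage: dbc NAME
#
# Looks NAME up in a host list kept in pass, decrypts the Dropbear private key
# from pass into a short-lived temporary file, and runs dbclient against the
# host (through the jump host when the entry asks for it).
#
# Dropbear config must be stored in pass in the following format:
#   NAME USER HOST PORT JUMP
#
# JUMP is optional and can be used to specify a host that should use your jump host.
# If JUMP is set to x, the script will use the jump host to connect to the end host.
# There should only be one jump host in the config file and it should be named 'jump'.
#
# Example:
#   jump    acidvegas 68.192.37.5   5902
#   hatebox acidvegas 100.151.45.10 2023 x
#   aws     admin     45.16.150.203 22
#
# Useful commands:
#   Git usage            : git config core.sshCommand "dbclient -i ~/.ssh/key"
#   Generate private key : dropbearkey -t ed25519 -f ~/.dropbear/key | grep "ssh-ed25519"
#   Get public key       : dropbearkey -y -f ~/.dropbear/key | head -n 2 | tail -n 1

# Config
PASS_PATH="$HOME/.scripts/pass"  # Path to the pass script
PASS_DROPBEAR="dropbear"         # Name of entry in pass for the dropbear config
PASS_DROPBEAR_KEY="dropbear_key" # Name of entry in pass for the dropbear key

# Path of the decrypted key; empty until mktemp has succeeded so cleanup()
# never acts on an unset value.
TMP_KEY=""

# Print a message to stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Resolve one config entry to a dbclient target.
# Arguments: $1 - full config text, $2 - entry NAME to look up
# Outputs:   "USER@HOST^PORT" on stdout, with a trailing "x" when the entry
#            is flagged to go through the jump host
# Returns:   0 on success; 1 when NAME matches no line or several lines, or
#            when the matching line is malformed. Diagnostics go to stderr so
#            that callers capturing stdout never mistake an error message for
#            a host string.
load_host() {
  lh_config=$1
  lh_name=$2

  # The name is compared as an exact string against field 1. It is handed to
  # awk through the environment (not spliced into a pattern, not via -v) so
  # regex metacharacters and backslashes in NAME are taken literally.
  lh_result=$(printf '%s\n' "$lh_config" | LH_NAME=$lh_name awk '
    ($1 "") == ENVIRON["LH_NAME"] { n++; user = $2; host = $3; port = $4; jump = $5 }
    END {
      if (n != 1) exit 3
      # A user starting with "-" would be read by dbclient as an option.
      if (user == "" || host == "" || user ~ /^-/) exit 4
      if (port !~ /^[0-9]+$/) exit 4
      if (jump != "" && jump != "x") exit 4
      printf "%s@%s^%s%s", user, host, port, jump
    }')
  lh_status=$?

  case $lh_status in
    0)
      printf '%s' "$lh_result"
      ;;
    3)
      printf '%s\n' "Error: The NAME '$lh_name' matches multiple or no lines." >&2
      return 1
      ;;
    4)
      printf '%s\n' "Error: The entry for '$lh_name' is malformed (expected: NAME USER HOST PORT [x])." >&2
      return 1
      ;;
    *)
      printf '%s\n' "Error: could not parse the config data." >&2
      return 1
      ;;
  esac
}

# Remove the decrypted key, if one was created.
cleanup() {
  if [ -n "$TMP_KEY" ]; then
    rm -f -- "$TMP_KEY"
  fi
}

# Check if the name argument is provided
if [ $# -ne 1 ]; then
  printf 'usage: %s [name]\n' "$0" >&2
  exit 1
fi

# Read the name argument
NAME=$1

# Read the config data; the status is tested on the assignment itself so no
# intervening command can overwrite it.
if ! CONFIG_DATA=$("$PASS_PATH" "$PASS_DROPBEAR"); then
  die "error: can not read config data"
fi

# Resolve the hosts BEFORE decrypting the key, so a typo in NAME never puts
# the private key on disk.
END_HOST=$(load_host "$CONFIG_DATA" "$NAME") || exit 1

# load_host validated PORT as digits only, so a trailing "x" can only be the
# jump flag.
case $END_HOST in
  *x)
    USE_JUMP=1
    END_HOST=${END_HOST%x}
    # The jump entry is only required when an entry actually uses it.
    JUMP_HOST=$(load_host "$CONFIG_DATA" "jump") || exit 1
    # Ignore a stray jump flag on the jump entry itself.
    JUMP_HOST=${JUMP_HOST%x}
    ;;
  *)
    USE_JUMP=0
    ;;
esac

# Set up cleanup before the key exists. Some /bin/sh implementations do not
# run the EXIT trap when killed by a signal, so route signals through exit.
trap cleanup EXIT
trap 'exit 1' HUP INT TERM

# Decrypt the dropbear key to a temporary file that is private from creation.
# NOTE(review): the key sits in /tmp in plaintext until removed; if /tmp is
# disk-backed on the machine, a tmpfs location would avoid writing it to disk.
umask 077
TMP_KEY=$(mktemp /tmp/tmp.XXXXXXXXXX) || die "error: can not create temporary key file"
if ! "$PASS_PATH" "$PASS_DROPBEAR_KEY" > "$TMP_KEY"; then
  die "error: can not read dropbear key"
fi
chmod 600 "$TMP_KEY"

# Remove the temporary key after 10 seconds (timebomb), even while the session
# is still open. Run as a plain background subshell with the path quoted
# instead of building a command string for another shell to parse.
( sleep 10 && rm -f -- "$TMP_KEY" ) >/dev/null 2>&1 &

# Connect to the host
if [ "$USE_JUMP" -eq 1 ]; then
  dbclient -K 60 -i "$TMP_KEY" "$JUMP_HOST,$END_HOST"
else
  dbclient -K 60 -i "$TMP_KEY" "$END_HOST"
fi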