Debugging SSH setup.

2026-05-29 21:28:09 +02:00
parent a3fc5e8f17
commit 1f508ad264
1 changed files with 50 additions and 14 deletions
@@ -110,23 +110,60 @@ hierarchy_preparation() {
 }

 setup_ssh() {
-  echod "\n ✅ Generating new SSH key for numbus-admin..."
+  edit_var() {
+    echo -e "${1}"
+    echo -e "   Please check the credentials provided in the configuration."
+    echo -e "\n ➡️ Here are the current settings :
+  Target IP address : $(gum style --italic "\"${LIVE_TARGET_IP}\"")
+  Target password : $(gum style --italic "\"${LIVE_TARGET_PASSWORD}\"")"
+    gum confirm "Are these correct ?" || { 
+      get_valid_input "LIVE_TARGET_IP" "\n ➡️ Provide the IP address of your machine in a NixOS live environment :" "192.168.1.100" "IP_REGEX";
+      get_valid_input "LIVE_TARGET_IP" "\n ➡️ Provide the password of your machine in a NixOS live environment :" "password" "" "true" "true";
+      continue;
+    }
+    gum confirm "Retry connection ?" || { 
+      echo -e "\n ❌ Host unreachable or connection refused.";
+      exit 226;
+    }
+  }

-  chmod 700 ${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/
-  ssh-keygen -t "ed25519" -C "numbus-admin@numbus-server" -f "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519" -N "" -q
+  echod "\n ➡️ Generating new SSH key for numbus-admin..."

-  echod "\n ➡️  Copying SSH key to target host '${TARGET_USER}@${LIVE_TARGET_IP}'..."
+  chmod 700 "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/"
+  ssh-keygen -t "ed25519" -C "numbus-admin@numbus-${DEVICE_TYPE}" -f "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519" -N "" -q

-  echo $LIVE_TARGET_IP
-  echo $LIVE_TARGET_PASSWORD
+  echod "\n ➡️ Copying SSH key to target host '${TARGET_USER}@${LIVE_TARGET_IP}'..."

-  if sshpass -p "${LIVE_TARGET_PASSWORD}" ssh-copy-id -o StrictHostKeyChecking=no -i "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519" "${TARGET_USER}@${LIVE_TARGET_IP}"; then
-    echod "\n ✅ SSH key copied successfully"
-  else
-    echo -e "\n ❌ Failed to copy SSH key. Please check the host IP and password."
-    exit 1
-  fi
+  while true; do
+    if sshpass -p "${LIVE_TARGET_PASSWORD}" ssh-copy-id -o StrictHostKeyChecking=no -o ConnectTimeout=10 -i "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519" "${TARGET_USER}@${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"; then
+      echod "\n ✅ SSH key copied successfully"
+      return 0
+    else
+      local EXIT_CODE=$?
+      if [[ ${EXIT_CODE} -eq 5 ]]; then
+        edit_var "\n ❌ Invalid password for ${TARGET_USER}@${LIVE_TARGET_IP}."
+      elif ! ping -c 2 "${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"; then
+        edit_var "\n ❌ The IP address you specified cannot be reached."
+      elif ssh-keygen -F "${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"; then
+        echo -e "\n ⚠️ The SSH fingerprint for the selected IP address $(gum style --italic "\"${LIVE_TARGET_IP}\"") is not the same as the one in $(gum style --italic "\".ssh/known_hosts\"").

+  This could occur for multiple reasons :
+    - You ran this script multiple times
+    - Your live machine uses an IP address that was used by another devices you SSHed in
+    - You are under a Man-In-The-Middle attack
+    - Other
+
+  The script $(gum style --bold "cannot continue") without the correct fingerprint installed.
+  If you are unsure, it is always better to check manually.\n"
+
+        gum confirm "Remove the old fingerprint and accept the new one ?" || {
+          echo -e "\n ❌ SSH fingerprints don't match.";
+          exit 22;
+        }
+        ssh-keygen -R "${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"
+      fi
+    fi
+  done
 }

 hardware_detection() {
@@ -740,8 +777,7 @@ CONFIG_FILE="web/config/numbus.yaml"

 BRIDGE_SCRIPT="web/logic/interactive.py"

-# default is nixos
-TARGET_USER="numbus-admin"
+TARGET_USER="nixos"

 TMP_EXTRA_PATH="${INSTALL_DIR}/extra"