Debugging SSH setup.

Raphaël Numbus
2026-05-29 21:01:45 +02:00
parent f186ac502a
commit bf33639749
+10 -66
@@ -110,76 +110,20 @@ hierarchy_preparation() {
}
setup_ssh() {
edit_var() {
local ERROR_CODE=${1}
if [[ "${ERROR_CODE}" == "225" ]]; then
echo -e "\n ❌ Invalid password for ${TARGET_USER}@${LIVE_TARGET_IP}."
elif [[ "${ERROR_CODE}" == "226" ]]; then
echo -e "\n ❌ The IP address you specified cannot be reached."
else
echo -e "\n ❌ An unexpected SSH error occurred (Code: ${ERROR_CODE})."
fi
echod "\n ✅ Generating new SSH key for numbus-admin..."
echo -e " Please check the credentials provided in the configuration."
echo -e "\n Here are the current settings :
Target IP address : $(gum style --italic \"${LIVE_TARGET_IP}\")
Target password : $(gum style --italic \"${LIVE_TARGET_PASSWORD}\")"
chmod 700 ${EXTRA_FILES_PATH}/home/numbus-admin/.ssh/
ssh-keygen -t "ed25519" -C "numbus-admin@numbus-server" -f "${EXTRA_FILES_PATH}/home/numbus-admin/.ssh/id_ed25519" -N "" -q
if ! gum confirm "Are these correct ?"; then
get_valid_input "LIVE_TARGET_IP" "\n ➡️ Provide the IP address of your machine in a NixOS live environment :" "192.168.1.100" "${IP_REGEX}"
get_valid_input "LIVE_TARGET_PASSWORD" "\n ➡️ Provide the password of your machine in a NixOS live environment :" "password" "" "true" "true"
fi
echod "\n ➡️ Copying SSH key to target host '${TARGET_USER}@${LIVE_TARGET_IP}'..."
if ! gum confirm "Retry connection ?"; then
echo -e "\n ❌ Aborted by user."
exit 1
fi
}
if sshpass -p "${LIVE_TARGET_PASSWORD}" ssh-copy-id -o StrictHostKeyChecking=no -i "${EXTRA_FILES_PATH}/home/numbus-admin/.ssh/id_ed25519" "${TARGET_USER}@${LIVE_TARGET_IP}"; then
echod "\n ✅ SSH key copied successfully"
else
echo -e "\n ❌ Failed to copy SSH key. Please check the host IP and password."
exit 1
fi
local KNOWN_HOSTS="${HOME}/.ssh/known_hosts"
echod "\n ➡️ Generating new SSH key for numbus-admin..."
mkdir -p "$(dirname "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519")"
chmod 700 "$(dirname "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519")"
ssh-keygen -t "ed25519" -C "numbus-admin@numbus-${DEVICE_TYPE}" -f "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519" -N "" -q
echod "\n ➡️ Copying SSH key to target host '${TARGET_USER}@${LIVE_TARGET_IP}'..."
while true; do
if sshpass -p "${LIVE_TARGET_PASSWORD}" ssh-copy-id -o StrictHostKeyChecking=no -o ConnectTimeout=5 -i "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519" "${TARGET_USER}@${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"; then
echod "\n ✅ SSH key copied successfully"
return 0
else
local EXIT_CODE=$?
if [[ ${EXIT_CODE} -eq 5 ]]; then
edit_var "225"
elif ! ping -c 1 -W 2 "${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"; then
edit_var "226"
elif [[ -f "${KNOWN_HOSTS}" ]] && ssh-keygen -F "${LIVE_TARGET_IP}" -f "${KNOWN_HOSTS}" > /dev/null 2>&1; then
echo -e "\n ⚠️ The SSH fingerprint for the selected IP address $(gum style --italic "\"${LIVE_TARGET_IP}\"") is not the same as the one in $(gum style --italic "\".ssh/known_hosts\"").
This could occur for multiple reasons :
- You ran this script multiple times
- Your live machine uses an IP address that was used by another devices you SSHed in
- You are under a Man-In-The-Middle attack
- Other
The script $(gum style --bold "cannot continue") without the correct fingerprint installed.
If you are unsure, it is always better to check manually.\n"
gum confirm "Remove the old fingerprint and accept the new one ?" || {
echo -e "\n ❌ SSH fingerprints don't match.";
exit 22;
}
ssh-keygen -f "${KNOWN_HOSTS}" -R "${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"
else
# Catch-all for other SSH failures (Permission denied, Connection refused, etc)
edit_var "${EXIT_CODE}"
fi
fi
done
}
hardware_detection() {
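Review bot: The `ssh-copy-id` call in `setup_ssh` combines `-o StrictHostKeyChecking=no` with `sshpass -p "${LIVE_TARGET_PASSWORD}"`, so on a first connection the live-environment password goes to whichever host answers at `${LIVE_TARGET_IP}` with no fingerprint check, and the password sits in the process arguments while the command runs. The +/- markers are lost on this page, but both variants of the call shown here carry these two options, so the point holds whichever one is the new side. Passing the secret through the environment, `SSHPASS="${LIVE_TARGET_PASSWORD}" sshpass -e ssh-copy-id …`, keeps it out of argv, and showing the host fingerprint for the operator to confirm before the key is installed is safer than switching the check off. If the shorter variant using `EXTRA_FILES_PATH` is the new code, its `chmod 700 ${EXTRA_FILES_PATH}/home/numbus-admin/.ssh/` is unquoted and assumes the directory already exists; `chmod 700 -- "${EXTRA_FILES_PATH}/home/numbus-admin/.ssh"` after a `mkdir -p` would be more robust.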