Debugging SSH setup.

Raphaël Numbus
2026-05-29 21:02:42 +02:00
parent bf33639749
commit c61a45e5d7
+66 -10
@@ -110,20 +110,76 @@ hierarchy_preparation() {
}
setup_ssh() {
echod "\n ✅ Generating new SSH key for numbus-admin..."
edit_var() {
local ERROR_CODE=${1}
if [[ "${ERROR_CODE}" == "225" ]]; then
echo -e "\n ❌ Invalid password for ${TARGET_USER}@${LIVE_TARGET_IP}."
elif [[ "${ERROR_CODE}" == "226" ]]; then
echo -e "\n ❌ The IP address you specified cannot be reached."
else
echo -e "\n ❌ An unexpected SSH error occurred (Code: ${ERROR_CODE})."
fi
chmod 700 ${EXTRA_FILES_PATH}/home/numbus-admin/.ssh/
ssh-keygen -t "ed25519" -C "numbus-admin@numbus-server" -f "${EXTRA_FILES_PATH}/home/numbus-admin/.ssh/id_ed25519" -N "" -q
echo -e " Please check the credentials provided in the configuration."
echo -e "\n Here are the current settings :
Target IP address : $(gum style --italic \"${LIVE_TARGET_IP}\")
Target password : $(gum style --italic \"${LIVE_TARGET_PASSWORD}\")"
echod "\n ➡️ Copying SSH key to target host '${TARGET_USER}@${LIVE_TARGET_IP}'..."
if ! gum confirm "Are these correct ?"; then
get_valid_input "LIVE_TARGET_IP" "\n ➡️ Provide the IP address of your machine in a NixOS live environment :" "192.168.1.100" "${IP_REGEX}"
get_valid_input "LIVE_TARGET_PASSWORD" "\n ➡️ Provide the password of your machine in a NixOS live environment :" "password" "" "true" "true"
fi
if sshpass -p "${LIVE_TARGET_PASSWORD}" ssh-copy-id -o StrictHostKeyChecking=no -i "${EXTRA_FILES_PATH}/home/numbus-admin/.ssh/id_ed25519" "${TARGET_USER}@${LIVE_TARGET_IP}"; then
echod "\n ✅ SSH key copied successfully"
else
echo -e "\n ❌ Failed to copy SSH key. Please check the host IP and password."
exit 1
fi
if ! gum confirm "Retry connection ?"; then
echo -e "\n ❌ Aborted by user."
exit 1
fi
}
local KNOWN_HOSTS="${HOME}/.ssh/known_hosts"
echod "\n ➡️ Generating new SSH key for numbus-admin..."
mkdir -p "$(dirname "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519")"
chmod 700 "$(dirname "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519")"
ssh-keygen -t "ed25519" -C "numbus-admin@numbus-${DEVICE_TYPE}" -f "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519" -N "" -q
echod "\n ➡️ Copying SSH key to target host '${TARGET_USER}@${LIVE_TARGET_IP}'..."
while true; do
if sshpass -p "${LIVE_TARGET_PASSWORD}" ssh-copy-id -o StrictHostKeyChecking=no -o ConnectTimeout=5 -i "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519" "${TARGET_USER}@${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"; then
echod "\n ✅ SSH key copied successfully"
return 0
else
local EXIT_CODE=$?
if [[ ${EXIT_CODE} -eq 5 ]]; then
edit_var "225"
elif ! ping -c 1 -W 2 "${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"; then
edit_var "226"
elif [[ -f "${KNOWN_HOSTS}" ]] && ssh-keygen -F "${LIVE_TARGET_IP}" -f "${KNOWN_HOSTS}" > /dev/null 2>&1; then
echo -e "\n ⚠️ The SSH fingerprint for the selected IP address $(gum style --italic "\"${LIVE_TARGET_IP}\"") is not the same as the one in $(gum style --italic "\".ssh/known_hosts\"").
This could occur for multiple reasons :
- You ran this script multiple times
- Your live machine uses an IP address that was used by another devices you SSHed in
- You are under a Man-In-The-Middle attack
- Other
The script $(gum style --bold "cannot continue") without the correct fingerprint installed.
If you are unsure, it is always better to check manually.\n"
gum confirm "Remove the old fingerprint and accept the new one ?" || {
echo -e "\n ❌ SSH fingerprints don't match.";
exit 22;
}
ssh-keygen -f "${KNOWN_HOSTS}" -R "${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"
else
# Catch-all for other SSH failures (Permission denied, Connection refused, etc)
edit_var "${EXIT_CODE}"
fi
fi
done
}
hardware_detection() {
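Review bot: The known_hosts branch in `setup_ssh` tests only that an entry for the IP exists (`ssh-keygen -F`), not that the offered key differs from it, and after `ssh-keygen -R` the loop retries with `-o StrictHostKeyChecking=no`, so whatever key the host then presents is accepted without the user ever seeing it. Before the `gum confirm`, the script could print the offered fingerprint, for example `ssh-keyscan -t ed25519 "${LIVE_TARGET_IP}" 2>/dev/null | ssh-keygen -lf -`, so the user can compare it with the one shown on the live machine's console. Separately, `sshpass -p "${LIVE_TARGET_PASSWORD}"` exposes the password in the process arguments and `edit_var` echoes it back in clear text; `SSHPASS="${LIVE_TARGET_PASSWORD}" sshpass -e ssh-copy-id ...` keeps it out of `ps`, and the "Target password" line could be masked. The rendered page has lost its +/- markers, so this assumes the `while true` loop and `edit_var` are on the new side.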