From f6063fe153616467ea39fb46c0769e0eda911964 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Numbus?= Date: Fri, 29 May 2026 16:53:24 +0200 Subject: [PATCH] Improved the SSH error handling. --- script/deploy.sh | 34 ++++++++++++++++++++++++++++++---- script/error_codes.md | 2 ++ 2 files changed, 32 insertions(+), 4 deletions(-) diff --git a/script/deploy.sh b/script/deploy.sh index 6f2fe80..9ab92eb 100755 --- a/script/deploy.sh +++ b/script/deploy.sh @@ -118,11 +118,18 @@ setup_ssh() { echod "\n ➡️ Copying SSH key to target host '${TARGET_USER}@${LIVE_TARGET_IP}'..." while true; do - if sshpass -p "${LIVE_TARGET_PASSWORD}" ssh-copy-id -o StrictHostKeyChecking=no -i "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519" "${TARGET_USER}@${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"; then + if sshpass -p "${LIVE_TARGET_PASSWORD}" ssh-copy-id -o StrictHostKeyChecking=no -o ConnectTimeout=10 -i "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519" "${TARGET_USER}@${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"; then echod "\n ✅ SSH key copied successfully" break else - echo -e "\n ⚠️ The SSH fingerprint for the selected IP address $(gum style --italic "\"${LIVE_TARGET_IP}\"") is not the same as the one in $(gum style --italic "\".ssh/known_hosts\""). + local EXIT_CODE=$? + if [[ ${EXIT_CODE} -eq 5 ]]; then + echo -e "\n ❌ Invalid password for ${TARGET_USER}@${LIVE_TARGET_IP}. Please check the credentials provided in the configuration." + exit 225 + fi + + if ssh-keygen -F "${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"; then + echo -e "\n ⚠️ The SSH fingerprint for the selected IP address $(gum style --italic "\"${LIVE_TARGET_IP}\"") is not the same as the one in $(gum style --italic "\".ssh/known_hosts\""). This could occur for multiple reasons : - You ran this script multiple times @@ -133,8 +140,27 @@ setup_ssh() { The script $(gum style --bold "cannot continue") without the correct fingerprint installed. If you are unsure, it is always better to check manually.\n" - gum confirm "Remove the old fingerprint and accept the new one ?" || { echo -e "\n\n ❌ SSH fingerprints don't match."; exit 22; } - sed -i "/${LIVE_TARGET_IP}/d" "/home/${USER}/.ssh/known_hosts" + gum confirm "Remove the old fingerprint and accept the new one ?" || { echo -e "\n\n ❌ SSH fingerprints don't match."; exit 22; } + ssh-keygen -R "${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}" + fi + + while true do; + if ! ping -c 2 "${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"; then + echo -e "\n ❌ The IP address you specified cannot be reached." + echo -e "\n Here are the current settings : + Target IP address : $(gum style --italic \"${LIVE_TARGET_IP}\") + Target password : $(gum style --italic \"${LIVE_TARGET_PASSWORD}\")" + gum confirm "Are these correct ?" || { + get_valid_input "LIVE_TARGET_IP" "\n ➡️ Provide the IP address of your machine in a NixOS live environment :" "192.168.1.100" "IP_REGEX"; + get_valid_input "LIVE_TARGET_IP" "\n ➡️ Provide the password of your machine in a NixOS live environment :" "password" "IP_REGEX" "true" "true"; + break; + } + gum confirm "Retry connection ?" || { echo -e "\n ❌ Host unreachable or connection refused."; exit 226; } + continue + else + break + fi + done fi done } diff --git a/script/error_codes.md b/script/error_codes.md index 92f7870..f5a942f 100644 --- a/script/error_codes.md +++ b/script/error_codes.md @@ -1,3 +1,5 @@ 0: successful. 1: error. +225: Bad SSH credentials. +226: Host unreachable or connection refused. 22: SSH fingerprint in `known_hosts` for the IP is different than the current one. \ No newline at end of file