Skip to content

Instantly share code, notes, and snippets.

@geektheripper
Created March 27, 2021 15:03
Show Gist options
  • Save geektheripper/5232ed42ce9068181e8f9d0f64ed2798 to your computer and use it in GitHub Desktop.
Save geektheripper/5232ed42ce9068181e8f9d0f64ed2798 to your computer and use it in GitHub Desktop.
套娃 ssh 转发,转发私钥登录的 ssh 为密码登录
#!/usr/bin/env bash
SP_USER=geektr
SP_PORT=2222
# in docker:
# create user and echo it's password
if [[ "$IN_DOCKER" == "true" ]]; then
SP_PASSWD="$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 8 | head -n 1)"
echo "=================="
echo "password: $SP_PASSWD"
echo "=================="
ssh-keygen -A
adduser $SP_USER -s /bin/matryoshka -D
echo "$SP_USER:$SP_PASSWD" | chpasswd
/usr/sbin/sshd -D -e -f /etc/ssh/sshd_config
exit
fi
# as user shell in ssh in docker:
# ssh to target server
if [[ "$SHELL" == "/bin/matryoshka" ]]; then
ssh -i /key -o StrictHostKeyChecking=no root@kyou.geektr.co
fi
# run in workspace and ssh-proxy not create yet:
# create it
if [[ "$(docker ps -f 'Name=ssh-proxy' -q)" == "" ]]; then
docker run -it --rm --name ssh-proxy \
-v "$HOME/.ssh/keys/geektr.co/root:/key" \
-v "$PWD/matryoshka.sh:/bin/matryoshka" \
-e IN_DOCKER=true \
-p 2222:22 \
geektr/alpine-ssh /bin/matryoshka
exit
fi
# run in workspace and ssh-proxy created:
# clear fingerprint and connect to it
ssh-keygen -f "/home/geektr/.ssh/known_hosts" -R '[localhost]:'"$SP_PORT"
ssh -p 2222 -o StrictHostKeyChecking=no geektr@localhost
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment