Skip to content

Instantly share code, notes, and snippets.

@lukele
Last active December 6, 2018 18:00
Show Gist options
  • Save lukele/1c6ebfda7493e31e18aeb90f6b2e662f to your computer and use it in GitHub Desktop.
Save lukele/1c6ebfda7493e31e18aeb90f6b2e662f to your computer and use it in GitHub Desktop.
List directory contents of directory protected by SIP / Quarantine
#!/bin/bash
SSH_STATUS_CHECK_CMD="systemsetup -getremotelogin"
SSH_ENABLE_SERVER_CMD="systemsetup -setremotelogin on"
SSH_KEY="$HOME/.ssh/no_sip"
echo $HOME
PROTECTED_DIRECTORY="$1"
# Check if the SSH Server is already enabled
SSH_STATUS=$(sudo $SSH_STATUS_CHECK_CMD)
if echo $SSH_STATUS | grep "Off"; then
echo "SSH Server not running. Starting..."
sudo $SSH_ENABLE_SERVER_CMD
fi
# Check if a SSH private key for pubkey authentication exists.
if [[ ! -f "$SSH_KEY" ]]; then
echo "Creating SSH key for password less SSH autentication"
ssh-keygen -f $SSH_KEY -t ed25519 -N ""
fi
# Check if SSH key is already allowed to authenticate the user
if [[ ! -f "$HOME/.ssh/authorized_keys" ]]; then
touch "$HOME/.ssh/authorized_keys"
fi
SSH_KEY_PUB_CONTENTS=$(cat $SSH_KEY.pub)
if ! grep "$SSH_KEY_PUB_CONTENTS" "$HOME/.ssh/authorized_keys"; then
echo "Adding SSH key to authorized keys."
echo $SSH_KEY_PUB_CONTENTS >> $HOME/.ssh/authorized_keys
fi
# Add the localhost authentication key to .known_hosts
SSH_SERVER_AUTH_KEY_CONTENTS=$(ssh-keyscan -t ecdsa-sha2-nistp256 localhost 2>/dev/null)
if [[ ! -f "$HOME/.ssh/known_hosts" ]]; then
touch "$HOME/.ssh/known_hosts"
fi
if ! grep "SSH_SERVER_AUTH_KEY_CONTENTS" "$HOME/.ssh/known_hosts"; then
echo "Adding SSH Server auth key to known_hosts"
echo $SSH_SERVER_AUTH_KEY_CONTENTS >> $HOME/.ssh/known_hosts
fi
echo "Listing contents of directory $PROTECTED_DIRECTORY"
ssh -i $SSH_KEY $USER@localhost "ls -l@O "$PROTECTED_DIRECTORY""
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment