mervick/tm.bash

## tm.bash
# mv tm.bash /opt/tm.bash
# chmod +x /opt/tm.bash
# ln -s /opt/tm.bash /sbin/tm
# tm -h
# Move your untrusted keys in ~/authorized_keys with the following format
# shortname;longname;sshpublickey

# #;Remote-Untrusted
# workPC1;WorkPC-1-Win10;SOMESSHKEYSHIT
# flashPC;FlashDrivePuTTY;SOMEMORESSHKEYSHIT
# #;Home-PCs
# DesktopCS;ControlCenterPC;EVENMORESSHSHITYOUGETTHEPOINT

echo ""
echo "= Altrix Login Trust Management ==================="
OPTIND=1         # Reset in case getopts has been used previously in the shell.
allow="999"
revoke="999"
key="notakey"
list="999"
temp="999"
i=""
pub_key=""
name_key=""

show_help() {
echo "ALTM allows you to contorl SSH key login"
echo "tm [-l] or tm [-t|-a|-r] <key name>"
echo ""
echo "     -l - List all installed public keys"
echo "          Reads from ~/authorized_keys"
echo "          Format: short_name;long_name;key"
echo "          Divider: #;name"
echo ""
echo "     -t - Interactive Login"
echo "          Allows login while script is running"
echo "     "
echo "     -a - Allow a SSH key"
echo "     "
echo "     -r - Revoke a SSH key"
echo "     "
}

if [ "$#" = 0 ]; then show_help; exit 0; fi

while getopts "h?lt:a:r:" opt; do
    case "$opt" in
    h|\?)
        show_help
        exit 0
        ;;
    l)  echo "List of all keys:"
        for i in $(cat ~/authorized_keys)
        do
        key_short_name=$(echo $i | awk -F ";" '{print $1}')
        key_long_name=$(echo $i | awk -F ";" '{print $2}')
        if [ $key_short_name = "#" ]; then
        echo "- $key_long_name --------------"
        else
        echo "$key_short_name   [$key_long_name]"
        fi
        done
        echo ""
        exit 0
        ;;
    t)  key=$OPTARG
        echo "Allowing $key NOW! INTERACTIVE MODE"
        for i in $(grep -i $key ~/authorized_keys)
        do
        pub_key=$(echo "$i" | awk -F ";" '{printf $3}')
        name_key=$(echo "$i" | awk -F ";" '{printf $1}')
        echo "ssh-rsa $pub_key $name_key" >> ~/.ssh/authorized_keys
        done
        echo "Login has been granted, press any key to revoke."
        read -n 1 -s
        echo "Revoking $key NOW!"
        sed -i '/'"$key"'/d' ~/.ssh/authorized_keys
        echo ""
        exit 0
        ;;
    a)  key=$OPTARG
        echo "Allowing $key NOW! Besure to revoke when not in use"
        for i in $(grep -i $key ~/authorized_keys)
        do
        pub_key=$(echo "$i" | awk -F ";" '{printf $3}')
        name_key=$(echo "$i" | awk -F ";" '{printf $1}')
        echo "ssh-rsa $pub_key $name_key" >> ~/.ssh/authorized_keys
        done
        echo ""
        exit 0
        ;;
    r)  key=$OPTARG
        echo "Revoking $key NOW!"
        sed -i '/'"$key"'/d' ~/.ssh/authorized_keys
        echo ""
        exit 0
        ;;
    *)  show_help
        exit 0
        ;;
    esac
done
	# mv tm.bash /opt/tm.bash
	# chmod +x /opt/tm.bash
	# ln -s /opt/tm.bash /sbin/tm
	# tm -h
	# Move your untrusted keys in ~/authorized_keys with the following format
	# shortname;longname;sshpublickey

	# #;Remote-Untrusted
	# workPC1;WorkPC-1-Win10;SOMESSHKEYSHIT
	# flashPC;FlashDrivePuTTY;SOMEMORESSHKEYSHIT
	# #;Home-PCs
	# DesktopCS;ControlCenterPC;EVENMORESSHSHITYOUGETTHEPOINT

	echo ""
	echo "= Altrix Login Trust Management ==================="
	OPTIND=1 # Reset in case getopts has been used previously in the shell.
	allow="999"
	revoke="999"
	key="notakey"
	list="999"
	temp="999"
	i=""
	pub_key=""
	name_key=""

	show_help() {
	echo "ALTM allows you to contorl SSH key login"
	echo "tm [-l] or tm [-t\|-a\|-r] <key name>"
	echo ""
	echo " -l - List all installed public keys"
	echo " Reads from ~/authorized_keys"
	echo " Format: short_name;long_name;key"
	echo " Divider: #;name"
	echo ""
	echo " -t - Interactive Login"
	echo " Allows login while script is running"
	echo " "
	echo " -a - Allow a SSH key"
	echo " "
	echo " -r - Revoke a SSH key"
	echo " "
	}

	if [ "$#" = 0 ]; then show_help; exit 0; fi

	while getopts "h?lt:a:r:" opt; do
	case "$opt" in
	h\|\?)
	show_help
	exit 0
	;;
	l) echo "List of all keys:"
	for i in $(cat ~/authorized_keys)
	do
	key_short_name=$(echo $i \| awk -F ";" '{print $1}')
	key_long_name=$(echo $i \| awk -F ";" '{print $2}')
	if [ $key_short_name = "#" ]; then
	echo "- $key_long_name --------------"
	else
	echo "$key_short_name [$key_long_name]"
	fi
	done
	echo ""
	exit 0
	;;
	t) key=$OPTARG
	echo "Allowing $key NOW! INTERACTIVE MODE"
	for i in $(grep -i $key ~/authorized_keys)
	do
	pub_key=$(echo "$i" \| awk -F ";" '{printf $3}')
	name_key=$(echo "$i" \| awk -F ";" '{printf $1}')
	echo "ssh-rsa $pub_key $name_key" >> ~/.ssh/authorized_keys
	done
	echo "Login has been granted, press any key to revoke."
	read -n 1 -s
	echo "Revoking $key NOW!"
	sed -i '/'"$key"'/d' ~/.ssh/authorized_keys
	echo ""
	exit 0
	;;
	a) key=$OPTARG
	echo "Allowing $key NOW! Besure to revoke when not in use"
	for i in $(grep -i $key ~/authorized_keys)
	do
	pub_key=$(echo "$i" \| awk -F ";" '{printf $3}')
	name_key=$(echo "$i" \| awk -F ";" '{printf $1}')
	echo "ssh-rsa $pub_key $name_key" >> ~/.ssh/authorized_keys
	done
	echo ""
	exit 0
	;;
	r) key=$OPTARG
	echo "Revoking $key NOW!"
	sed -i '/'"$key"'/d' ~/.ssh/authorized_keys
	echo ""
	exit 0
	;;
	*) show_help
	exit 0
	;;
	esac
	done