Last active
October 3, 2020 09:41
-
-
Save tuxpeople/1a62e174f46cbebad785b2b22bae895c to your computer and use it in GitHub Desktop.
Script to enable SSH on Raspbian .img image files
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Andrew Oakley aoakley.com Public Domain 2016 | |
| # Check out cotswoldjam.org for RPi events in Gloucestershire | |
| # I recommend you place this script in /usr/local/sbin | |
| # | |
| # Changes and additions by Thomas Deutsch | |
| # | |
| # Thanks to https://raspberrypi.stackexchange.com/a/99531 | |
| # | |
| # Set this to armhf for 32bit and arm64 for 64bit | |
| OSTYPE="armhf" | |
| # If true, WiFi will be configured | |
| WIFI=true | |
| # If true, SSH Key will be added to user pi | |
| KEY=true | |
| # If true, fsck autorepair on first boot | |
| FSCK=true | |
| # SSID of your WiFi | |
| SSID="mySSID" | |
| #Key of your WiFi | |
| PSK="myPSK" | |
| #Two letter country code | |
| COUNTRY="CH" | |
| #SSH Key | |
| SSHKEY="ssh-rsa abcde...." | |
| #Output directory | |
| OUTPUTDIR="/root/seafile/sync" | |
| RASPIOSVERSION=$(curl http://downloads.raspberrypi.org/raspios_lite_${OSTYPE}/os.json | grep version | cut -d'"' -f4) | |
| TMP=$(mktemp -d) | |
| TMP2="${TMP}-work" | |
| PWD=$(pwd) | |
| set -e | |
| function cleanup { | |
| cd ${PWD} | |
| sudo umount -f $TMP/boot/ &> /dev/null | |
| sudo umount -f $TMP &> /dev/null | |
| sudo losetup -d ${LOOP} | |
| sudo rm -rf $TMP | |
| sudo rm -rf ${TMP2} | |
| } | |
| trap cleanup EXIT INT TERM | |
| # Help | |
| if [[ "$1" == "-h" || "$1" == "/?" || "$1" == "--help" ]]; then | |
| echo "Enables SSH on a raspios image from Nov 2016 or later" | |
| echo "Usage:" | |
| echo " sudo `basename $0` [imagename]" | |
| echo "If imagename is not supplied, downloads the latest version of raspios ${RASPIOSVERSION} Lite ${OSTYPE}." | |
| exit | |
| fi | |
| # Need to be root - we'll be mounting loopback device | |
| if [ "$(id -u)" != 0 ]; then | |
| echo "You must be root to run this. Try:" | |
| echo " sudo `basename $0` $*" | |
| echo "or" | |
| echo " `basename $0` -h" | |
| echo "for help" | |
| exit | |
| fi | |
| # Make a working directory and download | |
| mkdir ${TMP2} | |
| cd ${TMP2} | |
| curl -L "https://downloads.raspberrypi.org/raspios_lite_${OSTYPE}_latest" -o raspios_lite_latest.zip | |
| unzip raspios_lite_latest.zip | |
| # Did we get what we were expecting? | |
| if [[ `ls -1 *-raspios-${RASPIOSVERSION}-${OSTYPE}-lite.img | wc -l` -ne 1 ]]; then | |
| echo "Can't find \"*-raspios-${RASPIOSVERSION}-${OSTYPE}-lite.img\" in raspios_lite_latest" | |
| exit | |
| fi | |
| rm -f raspios_lite_latest.zip | |
| # If run with sudo , change ownership to real user | |
| FILEPATH=`ls -1 *-raspios-${RASPIOSVERSION}-${OSTYPE}-lite.img` | |
| CALLER=`who am i | awk '{print $1}'` | |
| if [ "$CALLER" != "root" ]; then | |
| chown $CALLER.`groups $CALLER | awk '{print $1}'` "$FILEPATH" 2>/dev/null | |
| fi | |
| LOOP=$(losetup --show -fP "${FILEPATH}") | |
| mount ${LOOP}p2 ${TMP} | |
| mount ${LOOP}p1 ${TMP}/boot/ | |
| # Make the change | |
| if [[ -e "${TMP}/boot/ssh" ]]; then | |
| echo "\"`basename "$FILEPATH"`\" ALREADY had boot/ssh set." | |
| else | |
| touch ${TMP}/boot/ssh | |
| echo "\"`basename "$FILEPATH"`\" now has boot/ssh set." | |
| fi | |
| ADDTONAME="ssh" | |
| if [ "$WIFI" = true ] ; then | |
| cat <<EOF > ${TMP}/boot/wpa_supplicant.conf | |
| country=${COUNTRY} | |
| ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev | |
| network={ | |
| ssid="${SSID}" | |
| psk="${PSK}" | |
| key_mgmt=WPA-PSK | |
| } | |
| EOF | |
| echo "\"`basename "$FILEPATH"`\" now has boot/wpa_supplicant.conf configured." | |
| ADDTONAME="${ADDTONAME}-wifi" | |
| fi | |
| if [ "$KEY" = true ] ; then | |
| IDS=$(grep pi ${TMP}/etc/passwd | cut -d':' -f3,4) | |
| mkdir ${TMP}/home/pi/.ssh | |
| echo ${SSHKEY} > ${TMP}/home/pi/.ssh/authorized_keys | |
| chown -R ${IDS} ${TMP}/home/pi/.ssh | |
| chmod 600 ${TMP}/home/pi/.ssh/authorized_keys | |
| chmod 700 ${TMP}/home/pi/.ssh | |
| echo "\"`basename "$FILEPATH"`\" now has a ssh public key for user pi configured." | |
| ADDTONAME="${ADDTONAME}-sshkey" | |
| fi | |
| if [ "$FSCK" = true ]; then | |
| sed -i 's|rootfstype=ext4|rootfstype=ext4 fsck.repair=yes fsck.mode=force|g' ${TMP}/boot/cmdline.txt | |
| echo "*************************************************************" | |
| cat ${TMP}/boot/cmdline.txt | |
| echo "*************************************************************" | |
| echo '#!/bin/bash' > ${TMP}/root/runonce.sh | |
| echo "sed -i 's| fsck.repair=yes fsck.mode=force||g' /boot/cmdline.txt" >> ${TMP}/root/runonce.sh | |
| echo "sed -i '/runonce.sh/d' /etc/rc.local" >> ${TMP}/root/runonce.sh | |
| chmod +x ${TMP}/root/runonce.sh | |
| echo "/root/runonce.sh" >> ${TMP}/etc/rc.local | |
| ADDTONAME="${ADDTONAME}-fsck" | |
| fi | |
| umount ${LOOP}p1 | |
| umount ${LOOP}p2 | |
| filename=$(basename -- "${FILEPATH}") | |
| filename="${filename%.*}" | |
| filename="${filename}-${ADDTONAME}.img" | |
| mv ${FILEPATH} ${filename} | |
| if command -v zip &> /dev/null; then | |
| echo "Found zip installed, zipping image" | |
| zip ${filename}.zip ${filename} | |
| rm -f ${filename} | |
| filename="${filename}.zip" | |
| fi | |
| echo "Moving new image to ${OUTPUTDIR}/${filename}" | |
| mv ${filename} ${OUTPUTDIR}/${filename} | |
| # Unmount and clear up | |
| cleanup |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Based upon Andrew Oakley's work: http://www.aoakley.com/articles/2016-12-05-raspbian-enable-ssh.php