From e8bb57579b95c1b81437ae75289e051ee86b5a13 Mon Sep 17 00:00:00 2001
From: wukongdaily <2666180@gmail.com>
Date: Wed, 24 Dec 2025 10:58:32 +0800
Subject: [PATCH] update 01
---
push-sshkey-to-fnos.sh | 66 ++++++++++++++++++++++++++++++++++++++++++
setup-nas-poweroff.sh | 60 --------------------------------------
2 files changed, 66 insertions(+), 60 deletions(-)
create mode 100644 push-sshkey-to-fnos.sh
delete mode 100644 setup-nas-poweroff.sh
diff --git a/push-sshkey-to-fnos.sh b/push-sshkey-to-fnos.sh
new file mode 100644
index 0000000..8b0c279
--- /dev/null
+++ b/push-sshkey-to-fnos.sh
@@ -0,0 +1,66 @@
+#!/bin/sh
+set -e
+
+# ===== 参数 =====
+USER_NAME="$1"
+NAS_IP="$2"
+
+KEY_DIR="/root/.ssh"
+KEY_NAME="id_dropbear"
+PRIV_KEY="$KEY_DIR/$KEY_NAME"
+PUB_KEY="$KEY_DIR/$KEY_NAME.pub"
+
+TARGET_HOME="/home/$USER_NAME"
+TARGET_SSH_DIR="$TARGET_HOME/.ssh"
+TARGET_AUTH_KEYS="$TARGET_SSH_DIR/authorized_keys"
+
+# ===== 参数检查 =====
+if [ -z "$USER_NAME" ] || [ -z "$NAS_IP" ]; then
+ echo "用法: $0 <飞牛用户名> <飞牛IP>"
+ exit 1
+fi
+
+# ===== 阶段一:在 OpenWrt 上生成 SSH 密钥 =====
+echo "== [1/2] 检查并生成 SSH 密钥 =="
+
+if [ ! -d "$KEY_DIR" ]; then
+ mkdir -p "$KEY_DIR"
+ chmod 700 "$KEY_DIR"
+fi
+
+if [ ! -f "$PRIV_KEY" ]; then
+ echo "未发现 SSH 密钥,开始生成(ed25519)..."
+ ssh-keygen -t ed25519 -f "$PRIV_KEY" -N ""
+else
+ echo "已存在 SSH 密钥,跳过生成"
+fi
+
+# ===== 阶段二:推送公钥到飞牛 NAS =====
+echo "== [2/2] 推送公钥到飞牛 NAS =="
+
+ssh "$USER_NAME@$NAS_IP" "
+set -e
+
+# 确保 /home/用户名 存在(飞牛首次安装时需要)
+if [ ! -d \"$TARGET_HOME\" ]; then
+ sudo mkdir -p \"$TARGET_HOME\"
+ sudo chown $USER_NAME:$USER_NAME \"$TARGET_HOME\"
+ sudo chmod 755 \"$TARGET_HOME\"
+fi
+
+# 创建 .ssh 目录
+sudo mkdir -p \"$TARGET_SSH_DIR\"
+sudo chown $USER_NAME:$USER_NAME \"$TARGET_SSH_DIR\"
+sudo chmod 700 \"$TARGET_SSH_DIR\"
+
+# 准备 authorized_keys
+sudo touch \"$TARGET_AUTH_KEYS\"
+sudo chown $USER_NAME:$USER_NAME \"$TARGET_AUTH_KEYS\"
+sudo chmod 600 \"$TARGET_AUTH_KEYS\"
+"
+
+# 写入公钥
+cat "$PUB_KEY" | ssh "$USER_NAME@$NAS_IP" \
+"cat >> $TARGET_AUTH_KEYS"
+
+echo "✅ SSH 免密登录配置完成:$USER_NAME@$NAS_IP"
diff --git a/setup-nas-poweroff.sh b/setup-nas-poweroff.sh
deleted file mode 100644
index 91f5c90..0000000
--- a/setup-nas-poweroff.sh
+++ /dev/null
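Review bot: `USER_NAME` comes straight from `$1` and is expanded locally into the command string that the first `ssh` call runs on the NAS, including the unquoted `sudo chown $USER_NAME:$USER_NAME` lines and the later `"cat >> $TARGET_AUTH_KEYS"`, so whitespace or shell metacharacters in the argument are interpreted by the remote shell, partly under sudo. Reject unexpected values right after the usage check, for example `case "$USER_NAME" in -*|*[!A-Za-z0-9._-]*) echo "invalid user name" >&2; exit 1;; esac`, and quote the remaining remote expansions (`\"$USER_NAME:$USER_NAME\"`, `\"$TARGET_AUTH_KEYS\"`). The final append also runs on every invocation, so re-running the script adds the same key line again; a remote `grep -qxF` check before appending would keep `authorized_keys` free of duplicates. Because `set -e` only sees the exit status of the last pipeline stage, a missing `$PUB_KEY` (private key present, `.pub` absent) still ends with the success message; a `[ -s "$PUB_KEY" ]` test before the pipe would catch that.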
@@ -1,60 +0,0 @@
-#!/bin/bash
-set -e
-
-echo "== NAS SSH 远程关机初始化脚本(Root 模式) =="
-echo "作者: wukongdaily"
-echo "用途: 允许 OpenWrt 通过 SSH 密钥安全关机 NAS(fnOS 兼容)"
-echo
-
-# 必须使用 root
-if [ "$EUID" -ne 0 ]; then
- echo "❌ 请使用 root 用户运行此脚本"
- exit 1
-fi
-
-SYSTEMCTL_PATH="$(command -v systemctl)"
-
-if [ -z "$SYSTEMCTL_PATH" ]; then
- echo "❌ 未检测到 systemctl(非 systemd 系统)"
- exit 1
-fi
-
-SSH_DIR="/root/.ssh"
-AUTH_KEYS="$SSH_DIR/authorized_keys"
-
-echo "当前用户: root"
-echo "systemctl 路径: $SYSTEMCTL_PATH"
-echo "SSH 公钥文件: $AUTH_KEYS"
-echo
-echo "将执行以下操作:"
-echo " - 创建 /root/.ssh(如不存在)"
-echo " - 初始化 authorized_keys 权限"
-echo " - 不修改 sudoers(直接使用 root)"
-echo
-read -p "是否继续?[y/N]: " CONFIRM
-[[ "$CONFIRM" =~ ^[Yy]$ ]] || exit 0
-
-echo
-echo "== 初始化 SSH 目录 =="
-
-mkdir -p "$SSH_DIR"
-chmod 700 "$SSH_DIR"
-
-touch "$AUTH_KEYS"
-chmod 600 "$AUTH_KEYS"
-
-echo "✔ SSH 目录与权限已设置"
-
-echo
-echo "🎉 初始化完成"
-echo
-echo "下一步你需要做的:"
-echo "1️⃣ 将 OpenWrt 的 SSH 公钥追加到:"
-echo " $AUTH_KEYS"
-echo
-echo "2️⃣ OpenWrt 侧测试命令:"
-echo " ssh root@ \"$SYSTEMCTL_PATH poweroff\""
-echo
-echo "⚠️ 建议:"
-echo " - 该 key 只用于 OpenWrt 自动化"
-echo " - 不要用于人工登录"