64 lines
1.7 KiB
Bash
64 lines
1.7 KiB
Bash
#!/bin/sh
|
||
set -e
|
||
|
||
# ======================================================
|
||
# 飞牛 NAS 交互式安装公钥 & 修复权限 & 配置 sudo NOPASSWD
|
||
# ======================================================
|
||
|
||
echo "=== 飞牛 NAS 公钥安装脚本 ==="
|
||
|
||
# 提示用户输入用户名
|
||
while [ -z "$USER_NAME" ]; do
|
||
read -p "请输入飞牛NAS用户名: " USER_NAME
|
||
done
|
||
|
||
while [ -z "$NAS_IP" ]; do
|
||
read -p "请输入飞牛NAS IP: " NAS_IP
|
||
done
|
||
|
||
|
||
|
||
# 提示用户输入公钥路径
|
||
while [ -z "$PUB_KEY_PATH" ]; do
|
||
read -p "请输入公钥文件完整路径(例如 /vol1/1000/pub/id_dropbear.pub): " PUB_KEY_PATH
|
||
done
|
||
|
||
# 验证公钥文件是否存在
|
||
if [ ! -f "$PUB_KEY_PATH" ]; then
|
||
echo "❌ 公钥文件不存在: $PUB_KEY_PATH"
|
||
exit 1
|
||
fi
|
||
|
||
HOME_DIR="/home/$USER_NAME"
|
||
SSH_DIR="$HOME_DIR/.ssh"
|
||
AUTH_KEYS="$SSH_DIR/authorized_keys"
|
||
|
||
# ===== 安装公钥 =====
|
||
mkdir -p "$SSH_DIR"
|
||
cp -f "$PUB_KEY_PATH" "$AUTH_KEYS"
|
||
|
||
# 修复权限
|
||
chown "$USER_NAME" "$HOME_DIR" "$SSH_DIR" "$AUTH_KEYS"
|
||
chmod 700 "$SSH_DIR"
|
||
chmod 600 "$AUTH_KEYS"
|
||
|
||
echo "✅ 公钥已安装并权限修复完成"
|
||
|
||
# ===== 配置 sudoers NOPASSWD =====
|
||
SUDO_FILE="/etc/sudoers.d/${USER_NAME}_poweroff"
|
||
SUDO_RULE="$USER_NAME ALL=(root) NOPASSWD:/usr/bin/systemctl poweroff"
|
||
|
||
if [ ! -f "$SUDO_FILE" ] || ! grep -Fxq "$SUDO_RULE" "$SUDO_FILE"; then
|
||
echo "$SUDO_RULE" > "$SUDO_FILE"
|
||
chmod 440 "$SUDO_FILE"
|
||
echo "✅ sudoers 已添加 NOPASSWD 规则 ($SUDO_FILE)"
|
||
else
|
||
echo "⚠️ sudoers NOPASSWD 规则已存在,无需重复添加"
|
||
fi
|
||
|
||
echo
|
||
echo "现在你可以在OpenWrt中测试如下命令 看看是否能无密码关机: "
|
||
echo "ssh -o StrictHostKeyChecking=no $USER_NAME@${NAS_IP} sudo /usr/bin/systemctl poweroff || true"
|
||
echo ""
|
||
echo "================ 脚本执行完毕 ================"
|