#!/bin/sh

set -eu

# 强制清理残留 SSH 进程，然后在 22 端口拉起一份 usbnet 自带的 DropBear。
# 这里使用 Kindle hack 里的 -n，让其不走密码检查，方便恢复公钥访问。

TS="$(date +%Y%m%d-%H%M%S 2>/dev/null || echo now)"
OUT_DIR="/mnt/us/ssh-debug/${TS}"
LOG_FILE="${OUT_DIR}/force-dropbear-22.log"
PID_FILE="/mnt/us/usbnet/run/dropbear-force-22.pid"

mkdir -p "${OUT_DIR}" /mnt/us/usbnet/run
exec >"${LOG_FILE}" 2>&1

echo "=== FORCE DROPBEAR 22 ==="
date 2>/dev/null || true
id 2>/dev/null || true

killall sshd 2>/dev/null || true
killall dropbear 2>/dev/null || true
killall dropbearmulti 2>/dev/null || true
sleep 1

rm -f "${PID_FILE}" 2>/dev/null || true
iptables -I INPUT 1 -p tcp --dport 22 -j ACCEPT 2>/dev/null || true

(
    cd /mnt/us/usbnet
    exec bin/dropbearmulti dropbear -F -E -p 22 -P "${PID_FILE}" -n
) &

LAUNCHER_PID="$!"
echo "${LAUNCHER_PID}" > "${OUT_DIR}/launcher.pid"
sleep 1

echo "launcher pid: ${LAUNCHER_PID}"
echo "pid file: ${PID_FILE}"
if [ -x /mnt/us/usbnet/bin/lsof ]; then
    /mnt/us/usbnet/bin/lsof -n -P -iTCP:22 2>/dev/null || true
fi

echo "=== DONE ==="
echo "${OUT_DIR}"