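#!/bin/sh
#
# Force-restart SSH on a usbnet install: stop any SSH daemons that are still
# running, then start the OpenSSH sshd that ships with usbnet on TCP port 22.
# The sshd started here is pointed at
# /mnt/us/usbnet/etc/dot.ssh/authorized_keys via AuthorizedKeysFile.
#
# All output is written to a timestamped log under /mnt/us/ssh-debug/.
#
# Exposure: the daemon binds 0.0.0.0 with PermitRootLogin=yes and an ACCEPT
# rule for port 22 is placed at the top of INPUT, so root SSH is reachable on
# every interface that is up. Public-key authentication is the only gate
# (password and keyboard-interactive logins are switched off below), so the
# contents of the authorized_keys file decide who gets a root shell.

set -eu

TS="$(date +%Y%m%d-%H%M%S 2>/dev/null || echo now)"
OUT_DIR="/mnt/us/ssh-debug/${TS}"
LOG_FILE="${OUT_DIR}/force-openssh-22.log"
PID_FILE="/mnt/us/usbnet/run/sshd-force-22.pid"
SOURCE_KEYS="/mnt/us/usbnet/etc/authorized_keys"
TARGET_KEYS="/mnt/us/usbnet/etc/dot.ssh/authorized_keys"

mkdir -p "${OUT_DIR}" /mnt/us/usbnet/run /mnt/us/usbnet/etc/dot.ssh

# From here on stdout and stderr (including sshd's -e output) go to the log.
exec >"${LOG_FILE}" 2>&1

echo "=== FORCE OPENSSH 22 ==="
date 2>/dev/null || true
id 2>/dev/null || true

# Refresh the key file sshd will read from the copy kept in usbnet/etc.
# chmod failures are tolerated (best effort).
# NOTE(review): if the permissions cannot actually be tightened here, a
# StrictModes check in sshd_config may reject the key file - confirm.
if [ -f "${SOURCE_KEYS}" ]; then
  cp "${SOURCE_KEYS}" "${TARGET_KEYS}"
  chmod 600 "${TARGET_KEYS}" 2>/dev/null || true
fi
chmod 755 /mnt/us/usbnet/etc/dot.ssh 2>/dev/null || true

# Password logins are disabled below, so without a key nobody can log in to
# the new daemon, and the old daemons are about to be killed. Record that in
# the log instead of failing silently.
if [ ! -s "${TARGET_KEYS}" ]; then
  echo "WARNING: ${TARGET_KEYS} is missing or empty; no login will be possible"
fi

# Stop every SSH daemon that may still hold port 22. This also drops any
# session served by those processes.
killall sshd 2>/dev/null || true
killall dropbear 2>/dev/null || true
killall dropbearmulti 2>/dev/null || true
sleep 1

rm -f "${PID_FILE}" 2>/dev/null || true

# Remove an identical rule left behind by an earlier run before inserting, so
# repeated runs do not stack duplicate ACCEPT entries at the top of INPUT.
iptables -D INPUT -p tcp --dport 22 -j ACCEPT 2>/dev/null || true
iptables -I INPUT 1 -p tcp --dport 22 -j ACCEPT 2>/dev/null || true

# -D keeps sshd in the foreground of the backgrounded subshell and -e sends
# its messages to stderr (the log). Because of the exec, $! below is the PID
# sshd itself runs under.
(
  exec /mnt/us/usbnet/sbin/sshd -D -e \
    -f /mnt/us/usbnet/etc/sshd_config \
    -o ListenAddress=0.0.0.0 \
    -o Port=22 \
    -o PidFile="${PID_FILE}" \
    -o AuthorizedKeysFile="${TARGET_KEYS}" \
    -o PasswordAuthentication=no \
    -o KbdInteractiveAuthentication=no \
    -o PubkeyAuthentication=yes \
    -o PermitRootLogin=yes \
    -o HostKey=/mnt/us/usbnet/etc/ssh_host_rsa_key \
    -o HostKey=/mnt/us/usbnet/etc/ssh_host_ecdsa_key \
    -o HostKey=/mnt/us/usbnet/etc/ssh_host_ed25519_key
) &

LAUNCHER_PID="$!"
echo "${LAUNCHER_PID}" > "${OUT_DIR}/launcher.pid"
sleep 1

echo "launcher pid: ${LAUNCHER_PID}"
echo "pid file: ${PID_FILE}"

# A daemon that failed on a bad config or host key has already exited by now;
# say so explicitly rather than ending the log with a bare "DONE".
if kill -0 "${LAUNCHER_PID}" 2>/dev/null; then
  echo "sshd is running (pid ${LAUNCHER_PID})"
else
  echo "WARNING: sshd (pid ${LAUNCHER_PID}) is not running; see messages above"
fi

# Show what is bound to TCP/22, when the bundled lsof is available.
if [ -x /mnt/us/usbnet/bin/lsof ]; then
  /mnt/us/usbnet/bin/lsof -n -P -iTCP:22 2>/dev/null || true
fi

echo "=== DONE ==="
echo "${OUT_DIR}"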