#!/bin/sh # ====================================================================================================================== # SSH setup for Distributed Nagios eXecutor # # Copyright: 2010, Nagios, Inc. # Original Author: Tony Yarusso # License: BSD # Homepage: http://www.nagios.com/ # Description: Set up SSH key authentication for DNX # Distributed Nagios eXecutor (DNX) has an option for automatically syncing plugins from the master # to the slaves using passphraseless SSH keys. This script takes care of setting that up. This is # intended to be run from NagiosXI-DNX.sh, not as a standalone script. # # Revision history is kept in Subversion at https://devhub.nagios.com/svn/xidocs # # ---------------------------------------------------------------------------------------------------------------------- # # Full license text: # # Copyright (c) 2010, Nagios, Inc. # All rights reserved. # # Redistribution and use in source and binary forms, with or without modification, are permitted provided that the # following conditions are met: # # * Redistributions of source code must retain the above copyright notice, this list of conditions and the following # disclaimer. # * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the # following disclaimer in the documentation and/or other materials provided with the distribution. # * Neither the name of Nagios nor the names of its contributors may be used to endorse or promote products derived # from this software without specific prior written permission. (Note however that written permission has already # been granted for many types of usage of the Nagios name. See the Nagios Trademark Policy on # http://www.nagios.com/legal/trademarks/ for details on allowed uses.) # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, # INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE # DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR # SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # # ====================================================================================================================== ENABLE_SYNC=$1 CLIENT_IPS=$2 DUSER=$3 # Check if an SSH key exists, and create one if necessary (for push sync) if [ $ENABLE_SYNC ] && [ ! -f ~/.ssh/identity.pub ] && [ ! -f ~/.ssh/id_rsa.pub ] && [ ! $(ssh-add -L) ]; then echo "You indicated to enable push syncing of plugins via SSH, but do not have an SSH key yet." echo "We will create a key to use now." ssh-keygen -q -b 2048 -t rsa -N "" -C "Blank key for pushing Nagios plugins" -f ~/.ssh/id_rsa echo "SSH key created." fi for client in $CLIENT_IPS; do echo "Copying SSH key to authorized_hosts on $client. You will need to authenticate on $client now." echo "The default password is \"welcome\". Unless you've changed that, enter it now:" if [ -f ~/.ssh/id_rsa.pub ]; then ssh-copy-id -i ~/.ssh/id_rsa.pub $DUSER@$client else ssh-copy-id $client fi done