#! /bin/sh

#    Sep 13/07 - F.Majaess

#id  sshstup  - Setup "ssh" keys and config file.

#    AUTHOR  - F. Majaess

#hd  PURPOSE - "sshstup" script is used to setup any missing
#hd            "ssh" keys and/or config files in $HOME/.ssh 
#hd            subdirectory.
#hd            Note: It is to be invoked on Linux platforms only.
#hd                  Interactive mode is required to set up
#hd                  missing required entries in "known_hosts".
#hd                  
#hd

#pr  PARAMETERS:
#pr

#ex  EXAMPLE
#ex
#ex   sshstup 
#ex

# set -x
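# Platform name; a value already present in the environment wins.
OS=${OS:-$(uname -s)}
# Default SITE_ID to 'Dorval' when "uname -a" contains a field starting with
# "joule" (the same substring match the former sed expression performed).
# The earlier unquoted `[ ... = 'joule' ]` test collapsed to `[ = 'joule' ]`
# on every other host and printed a "unary operator expected" error; a case
# pattern on the quoted output has no such failure mode.
case "$(uname -a)" in
 *' joule'*) SITE_ID=${SITE_ID:-'Dorval'} ;;
esac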
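# Append one status line to the shared sshstup log.
# Arguments: $1 - marker ("--->", "===>" or "+++>"), $2 - message text.
# Nothing is written unless CCRNSRC is non-empty and the log file already
# exists.  The previous code tested "$CCRNSRC/tmp/ssh_stuff/ssh_log" even
# with CCRNSRC empty, i.e. a path under the world-writable /tmp that any
# local user could pre-create.
sshstup_log() {
 [ -n "${CCRNSRC:-}" ] || return 0
 [ -f "$CCRNSRC/tmp/ssh_stuff/ssh_log" ] || return 0
 printf '%s\n' "sshstup: $1 ${LOGNAME},$(date): $2" >> "$CCRNSRC/tmp/ssh_stuff/ssh_log"
}

# Everything below runs only on Linux hosts at the Dorval site.
if [ "$OS" = 'Linux' ] && [ "$SITE_ID" = 'Dorval' ] ; then
 # Files created below (keys, authorized_keys, config) default to owner-only.
 umask 077
 LOGNAME=${LOGNAME:-$(logname)}

 # --- Key pair -------------------------------------------------------------
 if [ ! -s "$HOME/.ssh/id_rsa.pub" ] ; then
  sshstup_log '--->' 'Attempting ssh keys setup:'
  if [ ! -d "$HOME/.ssh/." ] ; then
   # Mode kept as in the original: owner rwx, group search, sticky bit.
   mkdir -m 1710 -p "$HOME/.ssh"
  fi
  if [ ! -s "$HOME/.ssh/id_rsa" ] ; then
   cd
   # ssh-keygen -q -t dsa -C "" -N "" -f $HOME/.ssh/id_rsa
   # ssh-keygen -q -t dsa -N "" -f $HOME/.ssh/id_rsa
   # NOTE(review): -N "" stores the private key without a passphrase, so
   # file permissions are its only protection (see chmod go-rwx below).
   # Presumably required because the connections below use BatchMode.
   ssh-keygen -q -t rsa -b 4096 -N "" -f "$HOME/.ssh/id_rsa"
   touch "$HOME/.ssh/authorized_keys"
   # Skip the append if key generation failed and left no public key.
   if [ -s "$HOME/.ssh/id_rsa.pub" ] ; then
    cat "$HOME/.ssh/id_rsa.pub" >> "$HOME/.ssh/authorized_keys"
   fi
  fi
  sshstup_log '===>' 'ssh keys setup completed.'
 else
  sshstup_log '===>' 'ssh keys setup already in place.'
 fi

 # NOTE(review): a+x lets every local user traverse ~/.ssh and a+r makes the
 # public key world-readable; only id_rsa.pub is opened up here, presumably
 # so other accounts can collect it - confirm this is still wanted.
 # Both chmod calls stay best-effort, as in the original.
 if [ -d "$HOME/.ssh/." ] ; then
  chmod a+x "$HOME/.ssh" || :
 fi
 if [ -s "$HOME/.ssh/id_rsa.pub" ] ; then
  chmod a+r "$HOME/.ssh/id_rsa.pub" || :
 fi

 # --- authorized_keys ------------------------------------------------------
 # NOTE(review): appending /users/tor/acrn/src/.ssh/id_rsa.pub lets whoever
 # holds the matching private key log in to this account.  The key is taken
 # from that path as-is, with no restricting options in front of it.
 if [ ! -s "$HOME/.ssh/authorized_keys" ] ; then
  touch "$HOME/.ssh/authorized_keys"
  # id_rsa.pub can be absent here (private key present, public key missing).
  if [ -s "$HOME/.ssh/id_rsa.pub" ] ; then
   cat "$HOME/.ssh/id_rsa.pub" >> "$HOME/.ssh/authorized_keys"
  fi
  if [ -s "/users/tor/acrn/src/.ssh/id_rsa.pub" ] ; then
   cat /users/tor/acrn/src/.ssh/id_rsa.pub >> "$HOME/.ssh/authorized_keys"
  fi
 else
  if [ -s "/users/tor/acrn/src/.ssh/id_rsa.pub" ] ; then
   # ADD_SRC_KEY=`cat $HOME/.ssh/authorized_keys | egrep 'acrnsrc@pollux' | sed -e 's/^.*= acrnsrc@pollux *$/no/g'`
   # Same end-of-line pattern as the former egrep|sed pipeline.  That
   # pipeline yielded "no" only for exactly one matching line, so a file
   # already holding the key twice gained another copy on every run;
   # grep -q treats any number of matches as "already present".
   # Assumes the src key's comment is "acrnsrc@ib3-fe02" - TODO confirm.
   if ! grep -q -- '= acrnsrc@ib3-fe02 *$' "$HOME/.ssh/authorized_keys" ; then
    cat /users/tor/acrn/src/.ssh/id_rsa.pub >> "$HOME/.ssh/authorized_keys"
   fi
  fi
 fi

 # --- ~/.ssh/config --------------------------------------------------------
#Disable_config='yes'
 Disable_config='no'
 if [ ! -s "$HOME/.ssh/config" ] && [ "$Disable_config" != 'yes' ] ; then
## Legacy template, retained for reference only.  It turned host-key checking
## off and agent/X11 forwarding on for every host ("Host *").
## echo 'Host cfs2
##     ForwardX11 no
##     ForwardAgent no
## #   Cipher none
## #   Ciphers none,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
##     Protocol 2,1
##     StrictHostKeyChecking no
## 
## Host *
##     ForwardX11 yes
##     ForwardAgent yes
##     Cipher blowfish
##     Protocol 2,1
##     StrictHostKeyChecking no' > $HOME/.ssh/config
  # NOTE(review): "StrictHostKeyChecking no" makes ssh add unknown host keys
  # without confirmation and proceed even when a known key has changed, so a
  # substituted host in *.cmc.ec.gc.ca is not detected.  OpenSSH 7.6 and
  # later accept "accept-new", which still rejects changed keys.
  cat > "$HOME/.ssh/config" <<'EOF'
Host *.cmc.ec.gc.ca
    StrictHostKeyChecking no
    BatchMode yes
EOF
  chmod 600 "$HOME/.ssh/config"
  sshstup_log '+++>' 'ssh/config file setup is done.'
 fi

 # Keep the private key owner-only; skipped when no key exists.
 if [ -f "$HOME/.ssh/id_rsa" ] ; then
  chmod go-rwx "$HOME/.ssh/id_rsa"
 fi

 # --- known_hosts ----------------------------------------------------------
 #### The followings for "known_hosts" setup are restricted 
 #### to interactive session only...
 # NOTE(review): the interactive-session guard below is commented out, so
 # this loop runs in every session.  Each host key is recorded unverified
 # (StrictHostKeyChecking=no) and BatchMode suppresses all prompts.
#Intrctv_mode=`who am i 2>/dev/null | $AWK '{ print $2 ; }' | sed -e 's/^tty.*$/yes/' -e 's/^pts.*$/yes/'`
#if [ "$Intrctv_mode" = 'yes' ] ; then
 #CMCMlist='cfs2 pollux maia zeta dorval-ib alef saiph'
 #CMCMlist='cfs2 pollux maia zeta saiph dorval-ib alef erg idl cron-dev1 cron-dev1.cmc.ec.gc.ca'
 #CMCMlist='cfs2 pollux zeta saiph dorval-ib alef erg idl cron-dev1 cron-dev1.cmc.ec.gc.ca cnfs datasvr'
 #CMCMlist='cfs2 pollux zeta saiph dorval-ib alef erg idl hcron1 hcron1.cmc.ec.gc.ca cnfs datasvr'
 #CMCMlist='cfs2 zeta saiph dorval-ib alef erg idl hcron1 hcron1.cmc.ec.gc.ca cnfs datasvr algol pollux'
 #CMCMlist='cfs2 zeta saiph dorval-ib alef erg idl hcron1 hcron1.cmc.ec.gc.ca cnfs datasvr algol pollux dataq spica'
 #CMCMlist='cfs2 zeta saiph dorval-ib alef erg idl hcron1 hcron1.cmc.ec.gc.ca cnfs datasvr algol pollux dataq hadar spica'
 #CMCMlist='cfs2 hadar spica pollux alef erg dorval-ib idl hcron1 hcron1.cmc.ec.gc.ca cnfs datasvr algol dataq'
 #CMCMlist='cfs2 hadar spica pollux erg joule idl hcron1 hcron1.cmc.ec.gc.ca cnfs datasvr algol dataq'
 #CMCMlist='cfs2 cfsrip hadar spica pollux erg joule idl hcron1 hcron1.cmc.ec.gc.ca cnfs datasvr dataq'
 #CMCMlist='cfs2 cfsrip hadar spica pollux erg joule idl hcron1 hcron1.cmc.ec.gc.ca cnfs datasvr cetus dataq'
 #CMCMlist='cfs2 cfsrip hadar spica pollux joule idl cnfs datasvr cetus hcron1 hcron1.cmc.ec.gc.ca'
 #CMCMlist='cfs2 cfsrip hadar spica pollux joule idl cnfs datasvr cetus hcron1 hcron1.cmc.ec.gc.ca castor mez'
  CMCMlist='cfs2 cfsrip hadar spica pollux joule       cnfs datasvr cetus hcron1 hcron1.cmc.ec.gc.ca castor'
 #CMCMlist='cfs2 cfsrip hadar spica pollux joule idl64 cnfs datasvr cetus hcron1 hcron1.cmc.ec.gc.ca castor'
  # CMCMlist is left unquoted on purpose: it is a space-separated host list.
  for pltfm in ${CMCMlist}
   do
   #ssh ${pltfm} pwd
    ssh -o StrictHostKeyChecking=no -o BatchMode=yes "${pltfm}" 'hostname ; pwd'
   done
#fi
fi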
