Update ssh_key_checks

Andrés Felipe Marulanda Hernández 2025-02-25 17:58:37 +00:00
parent 76d1c91cf9
commit e04d6f6056


@ -6,7 +6,7 @@ echo "------------------------------------------------------------"
printf "%-20s %-50s %-10s %-15s %-10s\n" "Usuario" "Ruta del archivo" "Permisos" "SSH Habilitado" "Llaves" printf "%-20s %-50s %-10s %-15s %-10s\n" "Usuario" "Ruta del archivo" "Permisos" "SSH Habilitado" "Llaves"
echo "------------------------------------------------------------" echo "------------------------------------------------------------"
# Buscar archivos que puedan contener claves SSH (no solo authorized_keys) # Buscar archivos que puedan contener claves SSH
KEY_FILES=$(find / -type f \( -name "authorized_keys" -o -name "*.pub" -o -name "*keys*" -o -name "*id_rsa*" -o -name "*id_ed25519*" \) 2>/dev/null) KEY_FILES=$(find / -type f \( -name "authorized_keys" -o -name "*.pub" -o -name "*keys*" -o -name "*id_rsa*" -o -name "*id_ed25519*" \) 2>/dev/null)
# Variables para almacenar usuarios con llaves # Variables para almacenar usuarios con llaves
@ -34,7 +34,7 @@ while IFS=: read -r username _ _ _ _ homedir _; do
if [[ $num_llaves -gt 0 ]]; then if [[ $num_llaves -gt 0 ]]; then
user_has_keys=1 user_has_keys=1
user_keys_paths+=("$key_file") user_keys_paths+=("$key_file;$permisos;$num_llaves")
fi fi
fi fi
done done
@ -70,7 +70,16 @@ while IFS=: read -r username _ _ _ _ homedir _; do
# Mostrar en pantalla si tiene llaves válidas # Mostrar en pantalla si tiene llaves válidas
if [[ ${#user_keys_paths[@]} -gt 0 ]]; then if [[ ${#user_keys_paths[@]} -gt 0 ]]; then
printf "%-20s %-50s %-10s %-15s %-10s\n" "$username" "${user_keys_paths[*]}" "$permisos" "$ssh_habilitado" "$num_llaves" first_entry=1
for key_entry in "${user_keys_paths[@]}"; do
IFS=";" read -r key_path permisos num_llaves <<< "$key_entry"
if [[ $first_entry -eq 1 ]]; then
printf "%-20s %-50s %-10s %-15s %-10s\n" "$username" "$key_path" "$permisos" "$ssh_habilitado" "$num_llaves"
first_entry=0
else
printf "%-20s %-50s %-10s %-15s %-10s\n" "" "$key_path" "$permisos" "" ""
fi
done
USERS_WITH_KEYS+=("$username:${user_keys_paths[*]}") USERS_WITH_KEYS+=("$username:${user_keys_paths[*]}")
fi fi
@ -86,14 +95,15 @@ if [[ ${#USERS_WITH_KEYS[@]} -gt 0 ]]; then
for user_data in "${USERS_WITH_KEYS[@]}"; do for user_data in "${USERS_WITH_KEYS[@]}"; do
username="${user_data%%:*}" username="${user_data%%:*}"
key_paths="${user_data##*:}" key_paths=(${user_data##*:})
echo "👤 Usuario: $username" echo "👤 Usuario: $username"
echo "📁 Archivos: $key_paths"
echo "------------------------------------------------------------" echo "------------------------------------------------------------"
for key_path in $key_paths; do for key_entry in "${key_paths[@]}"; do
echo "🔹 Contenido de $key_path:" IFS=";" read -r key_path _ _ <<< "$key_entry"
echo "📁 Archivo: $key_path"
echo "🔹 Contenido:"
grep -E "^(ssh-rsa|ssh-ed25519)" "$key_path" 2>/dev/null grep -E "^(ssh-rsa|ssh-ed25519)" "$key_path" 2>/dev/null
echo "" echo ""
done done
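Review bot: In the last hunk, `key_paths=(${user_data##*:})` rebuilds the list by unquoted word splitting, so a key file whose path contains a space or a glob character is broken into wrong entries, and because the `grep` below discards errors with `2>/dev/null` that file silently drops out of the content listing. The separators have the same weakness: `${user_data##*:}` cuts at the last colon and the `;` record format assumes neither character occurs in a path, which the `find /` search in the first hunk (presumably the source of these paths) does not guarantee. For an audit of SSH keys that is a coverage gap, so I would keep one array element per file instead of joining with `${user_keys_paths[*]}`, and put the path last in the record, `user_keys_paths+=("$permisos;$num_llaves;$key_file")` read back with `IFS=";" read -r permisos num_llaves key_path`, so that the remainder of the line stays in the path. The loops these lines belong to start outside the visible hunks.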