Add 'lpreserver keyexchange' command which allows users to interactively

setup their SSH password-less logins (for automated backups)

Fixes: trueos/trueos-core#1434

backend/functions.sh

@@ -628,20 +628,7 @@ add_rep_task() {
   # Check if we need to setup a SSH key
   if [ -z "$SSHPASS" ] ; then return; fi
 
-  if [ ! -e "/root/.ssh/id_rsa.pub" ]; then
-    mkdir /root/.ssh >/dev/null 2>/dev/null
-    ssh-keygen -q -t rsa -N '' -f /root/.ssh/id_rsa
-  fi
-
-  if [ ! -e "/root/.ssh/id_rsa.pub" ]; then
-    exit_err "Failed creating /root/.ssh/id_rsa.pub"
-  fi
-
-  sshpass -e ssh -p $PORT $USER@$HOST $SSHPROPS 'mkdir .ssh' >/dev/null 2>/dev/null
-  cat /root/.ssh/id_rsa.pub | sshpass -e ssh -p $PORT $USER@$HOST $SSHPROPS 'chmod 700 .ssh ; tee -a .ssh/authorized_keys ; chmod 644 .ssh/authorized_keys' >/dev/null 2>/dev/null
-  if [ $? -ne 0 ] ; then
-     exit_err "Failed setting up SSH key authentication"
-  fi
+  ssh_keyexchange "$HOST" "$USER" "$PORT"
 }
 
 rem_rep_task() {
@@ -2236,3 +2223,35 @@ save_iscsi_zpool_data() {
 
   exit 0
 }
+
+ssh_keyexchange() {
+
+  if [ -z "$1" -o -z "$2" -o -z "$3" ] ; then
+     exit_err "Usage: lpreserver keyexchange <remote host> <user> <port>"
+  fi
+
+  if [ ! -e "/root/.ssh/id_rsa.pub" ]; then
+    mkdir /root/.ssh >/dev/null 2>/dev/null
+    ssh-keygen -q -t rsa -N '' -f /root/.ssh/id_rsa
+  fi
+
+  if [ ! -e "/root/.ssh/id_rsa.pub" ]; then
+    exit_err "Failed creating /root/.ssh/id_rsa.pub"
+  fi
+
+  if [ -n "$SSHPASS" ] ; then
+    # Using SSHPASS
+    sshpass -e ssh -p $3 $2@$1 'mkdir .ssh' >/dev/null 2>/dev/null
+    cat /root/.ssh/id_rsa.pub | sshpass -e ssh -p $3 $2@$1 'chmod 700 .ssh ; tee -a .ssh/authorized_keys ; chmod 644 .ssh/authorized_keys' >/dev/null 2>/dev/null
+    if [ $? -ne 0 ] ; then
+       exit_err "Failed setting up SSH key authentication"
+    fi
+  else
+    # INTERACTIVE MODE
+    ssh -p $3 $2@$1 'mkdir .ssh' >/dev/null 2>/dev/null
+    cat /root/.ssh/id_rsa.pub | ssh -p $3 $2@$1 'chmod 700 .ssh ; tee -a .ssh/authorized_keys ; chmod 644 .ssh/authorized_keys' >/dev/null 2>/dev/null
+    if [ $? -ne 0 ] ; then
+       exit_err "Failed setting up SSH key authentication"
+    fi
+  fi
+}

lpreserver

@@ -86,6 +86,7 @@ Available subcommands:
        export - Export / Offline an iSCSI zpool
        import - Import / Online an iSCSI zpool
          init - Initialize the remote side again
+  keyexchange - Perform SSH pubkey copy to remote
          list - List replication targets
        remove - Remove a replication target
           run - Start a replication manually
@@ -161,6 +162,14 @@ init options:
 	when your replication gets stuck. Doing this option will remove
 	all the data on the remote side, and require a full re-sync again.
 
+keyexchange options:
+
+	<remote host> <user> <port>
+
+	Will copy this systems id_rsa.pub (or generate one) and copy
+	it to the remote host for automated replication jobs. Allows
+	password-less login into the remote host.
+
 remove options:
 
 	remove <dataset> <target host>
@@ -775,6 +784,7 @@ case "$1" in
 		export) require_root ; export_iscsi_zpool "$2" "$3" ;;
 		import) require_root ; import_iscsi_zpool "$2" "$3" ;;
 		init) require_root ; init_rep_task "$2" "$3" ;;
+	   keyexchange) require_root ; ssh_keyexchange "$2" "$3" "$4" ;;
 		list) list_rep_task ;;
                 remove) require_root
                         if [ -z $2 ] || [ -z $3 ]; then