M Makefile => Makefile +1 -3
@@ 7,6 7,4 @@ lint:
shellcheck ronin2.sh
clean:
- $(RM) ~/.ronin/ronin-disk.qcow2
- $(RM) ~/.ronin/ronin_key.priv
- $(RM) ~/.ronin/ronin_key.pub
+ $(RM) -r ~/.ronin/
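Review bot: The `clean` recipe now deletes all of `~/.ronin/`, private key included, but nothing in the Makefile says what it deliberately leaves behind. Judging by the other files in this commit, the cached image under `~/.cache/ronin` and the host-key line that setup-ssh.sh appends to `~/.ssh/known_hosts` both survive `make clean`. The second goes stale once the guest is rebuilt with new host keys. I would add a comment above the recipe such as `# Removes the VM disk, key pair and saved guest host key; ~/.cache/ronin and ~/.ssh/known_hosts are not touched`.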
A guest-setup.sh => guest-setup.sh +23 -0
@@ 0,0 1,23 @@
+#!/bin/sh
+
+set -ex
+
+# Setup ssh
+
+ssh-keygen -A
+mkdir -p /run/sshd
+
+# Without this, you'll get:
+# sh.service: Start request repeated too quickly.
+# because sshd tries to start several times at boot,
+# but it doesn't have hostkeys available yet.
+systemctl reset-failed sshd
+
+systemctl start sshd
+
+# Uncomment to debug output for ssh
+# journalctl -xeu ssh.service --no-pager
+
+# Setup ronin user
+useradd --create-home ronin
+mkdir /home/ronin/.ssh
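Review bot: The final `mkdir /home/ronin/.ssh` is executed from the root console session that setup-ssh.exp drives, so the directory ends up root-owned with the default mode, and `authorized_keys` is later written into it by root as well. The `ronin` account therefore cannot manage its own keys, and the directory is readable by other users. `install -d -m 700 -o ronin /home/ronin/.ssh` would set owner and mode in one step. With `set -e` on, a second run also stops at `useradd` (account already exists) or at this `mkdir` (no `-p`), so prefixing `useradd` with `id ronin >/dev/null 2>&1 ||` would make the script re-runnable.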
D ronin => ronin +0 -10
@@ 1,10 0,0 @@
-#!/bin/sh
-
-mkdir -p ~/.ronin && cd ~/.ronin
-if uname -r | grep microsoft; then
- wget https://git.sr.ht/~razzi/ronin/blob/main/wsl_vagrantfile/Vagrantfile -O Vagrantfile
-else
- vagrant init debian/bookworm64
-fi
-vagrant up
-vagrant ssh
M ronin2.sh => ronin2.sh +24 -12
@@ 1,36 1,48 @@
#!/bin/sh
# ronin2: this time using qemu
-set -x
+set -ex
-mkdir -p ~/.ronin && cd ~/.ronin || return
+mkdir -p ~/.cache/ronin && \
+ mkdir -p ~/.ronin # && \
+ # cd ~/.ronin || return
DEBIAN_VERSION=12
DEBIAN_CLOUD_IMAGE=debian-$DEBIAN_VERSION-nocloud-amd64.qcow2
DEBIAN_IMAGE_URL=https://cloud.debian.org/images/cloud/bookworm/latest/$DEBIAN_CLOUD_IMAGE
-test ! -f $DEBIAN_CLOUD_IMAGE && \
- wget $DEBIAN_IMAGE_URL
+CACHED_DEBIAN_IMAGE=$HOME/.cache/ronin/$DEBIAN_CLOUD_IMAGE
-RONIN_DISK=ronin-disk.qcow2
+test ! -f $CACHED_DEBIAN_IMAGE && \
+ wget $DEBIAN_IMAGE_URL --output-document $CACHED_DEBIAN_IMAGE
+
+RONIN_DEBIAN_IMAGE=$HOME/.ronin/$DEBIAN_CLOUD_IMAGE
+test ! -f $RONIN_DEBIAN_IMAGE &&
+ cp $CACHED_DEBIAN_IMAGE $RONIN_DEBIAN_IMAGE
+
+RONIN_DISK=$HOME/.ronin/ronin-disk.qcow2
test ! -f $RONIN_DISK && \
- cp $DEBIAN_CLOUD_IMAGE $RONIN_DISK && \
- qemu-img resize $DEBIAN_CLOUD_IMAGE 20G \
+ cp $RONIN_DEBIAN_IMAGE $RONIN_DISK && \
+ qemu-img resize $RONIN_DEBIAN_IMAGE 20G \
+RONIN_PRIVATE_KEY=$HOME/.ronin/ronin_key.priv
-ssh-keygen -t ed25519 -f ronin_key.priv -N ''
-mv ronin_key.priv.pub ronin_key.pub
+# could be encapsulated
+ssh-keygen -t ed25519 -f $RONIN_PRIVATE_KEY -N ''
+mv $HOME/.ronin/ronin_key.priv.pub $HOME/.ronin/ronin_key.pub
-GUEST_SSHD_KEY=guest_ssh_host_ed25519_key.pub
+# TODO could leave known_hosts in weird state
+GUEST_SSHD_KEY=$HOME/.ronin/guest_ssh_host_ed25519_key.pub
test ! -f $GUEST_SSHD_KEY && ./setup-ssh.sh
# Launch the VM for prime time
qemu-system-x86_64 \
- -hda ronin-disk.qcow2 \
+ -hda $RONIN_DEBIAN_IMAGE \
-m 4096 \
-nic hostfwd=tcp::2022-:22 \
+ -display none
-daemonize
-ssh ronin@localhost -p 2022 -i ronin_key.priv
+ssh ronin@localhost -p 2022 -i $HOME/.ronin/ronin_key.priv
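Review bot: The final launch boots `$RONIN_DEBIAN_IMAGE`, while setup-ssh.exp provisions `~/.ronin/ronin-disk.qcow2`, so the guest reached by the closing `ssh` is not the one that received the `ronin` user, `authorized_keys` and the recorded host key. `-hda "$RONIN_DISK" \` looks like the intent, and `qemu-img resize` has the same mix-up (it resizes the base copy rather than `$RONIN_DISK`). The added `-display none` has no trailing backslash, so `-daemonize` is run as a separate command and, under the new `set -e`, the script stops before `ssh`; it should read `-display none \`. Separately, the cloud image is cached without any checksum comparison, and an interrupted `wget --output-document` leaves a partial file that the `test ! -f` guard accepts on the next run. Downloading to a temporary name, checking it against the `SHA512SUMS` file published next to the image, and only then moving it into the cache would close both gaps.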
M setup-ssh.exp => setup-ssh.exp +23 -22
@@ 1,50 1,51 @@
#!/usr/bin/expect -f
+# exp_internal 1
+
set timeout 100
spawn qemu-system-x86_64 \
- -hda ronin-disk.qcow2 \
+ -hda $::env(HOME)/.ronin/ronin-disk.qcow2 \
-nographic \
- -m 2048 \
+ -m 4096 \
-nic hostfwd=tcp::2022-:22
# Skip grub 5 second wait
expect "*Debian GNU/Linux"
send "\n"
-expect "login: "
+# Login
+expect "localhost login: "
send "root\n"
expect "# "
-send "ssh-keygen -A\n"
-expect "# "
-send "mkdir -p /run/sshd\n"
+set guest_setup_script [open guest-setup.sh]
+set guest_setup_contents [read $guest_setup_script]
+close $guest_setup_script
-expect "# "
-set pubkey_file_pointer [open ronin_key.pub]
-set pubkey_contents [read $pubkey_file_pointer]
-close $pubkey_file_pointer
+send "cat > guest-setup.sh << __EOF__
+$guest_setup_contents
+__EOF__\n"
expect "# "
-send "useradd --create-home ronin\n"
+send "sh guest-setup.sh\n"
expect "# "
-send "mkdir /home/ronin/.ssh\n"
+
+set pubkey_file_pointer [open $::env(HOME)/.ronin/ronin_key.pub]
+set pubkey_contents [string trimright [read $pubkey_file_pointer] "\r\n"]
+close $pubkey_file_pointer
send "cat > /home/ronin/.ssh/authorized_keys << __EOF__
$pubkey_contents
__EOF__\n"
-expect "# "
-send "systemctl restart sshd\n"
-
# Get the guest ssh key to add to host known_hosts
expect "# "
-send "cat /etc/ssh/ssh_host_ed25519_key.pub"
-expect EOF
-set output [open known_hosts a]
-puts -nonewline $output $expect_out(buffer)
-close $output
-
-echo ok got $expect_out(buffer)
+send "cat /etc/ssh/ssh_host_ed25519_key.pub\n"
+expect -re {(ssh-ed25519 \S+) root@localhost} {
+ set guest_ssh_key [open $::env(HOME)/.ronin/guest_ssh_host_ed25519_key.pub w]
+ puts -nonewline $guest_ssh_key $expect_out(1,string)
+ close $guest_ssh_key
+}
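Review bot: The closing `expect -re {(ssh-ed25519 \S+) root@localhost}` has no `timeout` or `eof` branch, so if the key line never appears the script exits 0 without writing `guest_ssh_host_ed25519_key.pub`, and setup-ssh.sh goes on to edit `known_hosts` anyway. An explicit failure branch with a non-zero exit, as sketched below, lets the caller stop. Both heredocs use an unquoted `__EOF__`, so the guest shell expands any `$` or backtick in the pasted text; `<< '__EOF__'` keeps the script and the public key literal. The pasted guest-setup.sh also contains comment lines starting with `# `, which the following `expect "# "` can match in the console echo instead of the real prompt; this is inferred from the script text rather than observed.

```tcl
send "cat /etc/ssh/ssh_host_ed25519_key.pub\n"
expect {
    -re {(ssh-ed25519 \S+) root@localhost} {
        # … unchanged: write $expect_out(1,string) to guest_ssh_host_ed25519_key.pub …
    }
    timeout {
        puts stderr "setup-ssh.exp: guest host key not seen on the console"
        exit 1
    }
    eof {
        puts stderr "setup-ssh.exp: qemu exited before the guest host key was read"
        exit 1
    }
}
```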
A setup-ssh.sh => setup-ssh.sh +13 -0
@@ 0,0 1,13 @@
+#!/bin/sh
+BASEDIR=$(dirname "$0")
+ABSOLUTE_SCRIPT_PATH=$(readlink -f "$BASEDIR")
+
+cp $ABSOLUTE_SCRIPT_PATH/guest-setup.sh ~/.ronin/
+
+"$ABSOLUTE_SCRIPT_PATH"/setup-ssh.exp
+
+# Add guest ssh key to host known_hosts
+echo -n 'localhost ' >> ~/.ssh/known_hosts
+cat $HOME/.ronin/guest_ssh_host_ed25519_key.pub >> ~/.ssh/known_hosts
+
+ssh-keygen -Hf ~/.ssh/known_hosts
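Review bot: The script has no `set -e`, so when setup-ssh.exp fails or writes no key, the `echo`/`cat` pair still appends a bare `localhost ` line to `~/.ssh/known_hosts`. The entry is written for plain `localhost` rather than `[localhost]:2022`, so it is not scoped to the forwarded port, and every run appends another copy. `ssh-keygen -Hf ~/.ssh/known_hosts` then rewrites the user's whole file and leaves the unhashed original in `known_hosts.old`. I would keep this trust record inside the project directory instead: add `set -e` at the top, write it with `printf '[localhost]:2022 %s\n' "$(cat "$HOME/.ronin/guest_ssh_host_ed25519_key.pub")" > "$HOME/.ronin/known_hosts"`, and have ronin2.sh pass `-o UserKnownHostsFile="$HOME/.ronin/known_hosts"` to `ssh`. `make clean` would then remove it along with the keys.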