~razzi/ronin

b30ce09d94d9f255165a278d8ab7c9cd1e178d74 — Razzi Abuissa 6 months ago 6ae2686
Clean up setup
3 files changed, 16 insertions(+), 21 deletions(-)

M guest-setup.sh
M ronin.sh
M setup-ssh.exp
M guest-setup.sh => guest-setup.sh +5 -14
@@ 1,23 1,14 @@
#!/bin/sh

set -ex

# Setup ssh

ssh-keygen -A
mkdir -p /run/sshd

# Without this, you'll get:
#   sh.service: Start request repeated too quickly.
# because sshd tries to start several times at boot,
# but it doesn't have hostkeys available yet.
systemctl reset-failed sshd

systemctl start sshd

# Uncomment to debug output for ssh
# journalctl -xeu ssh.service --no-pager

# Setup ronin user
useradd --create-home ronin
mkdir /home/ronin/.ssh
adduser ronin --gecos "" --disabled-password
echo ronin:ronin | chpasswd
usermod -aG sudo ronin
mkdir -p /home/ronin/.ssh
chown ronin:ronin /home/ronin/.ssh
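Review bot: The `echo ronin:ronin | chpasswd` line sets the account's password to its own username right after `adduser ronin --gecos "" --disabled-password`, and the following `usermod -aG sudo ronin` makes that account an administrator. The page has lost its +/- markers, so I am assuming these are the added lines. setup-ssh.exp already installs a public key for ronin, so the password is not needed for login; I would drop the `chpasswd` line and, if passwordless sudo is wanted, grant it explicitly with a drop-in such as `echo 'ronin ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/ronin`. If the password has to stay for console use, set `PasswordAuthentication no` in the guest's sshd_config so it cannot be used over the forwarded SSH port, and add a comment above the block saying which behaviour is intended.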

M ronin.sh => ronin.sh +8 -7
@@ 24,13 24,14 @@ RONIN_DISK="$HOME/.ronin/ronin-disk.qcow2"

test ! -f "$RONIN_DISK" && \
  cp "$RONIN_DEBIAN_IMAGE" "$RONIN_DISK" && \
  qemu-img resize "$RONIN_DEBIAN_IMAGE" 20G \
  qemu-img resize "$RONIN_DISK" 20G \

RONIN_PRIVATE_KEY="$HOME/.ronin/ronin_key.priv"

# could be encapsulated
ssh-keygen -t ed25519 -f "$RONIN_PRIVATE_KEY" -N ''
mv "$HOME/.ronin/ronin_key.priv.pub" "$HOME/.ronin/ronin_key.pub"
# Could be encapsulated... ssh-keygen cli is quite unwieldy
test ! -f "$HOME/.ronin/ronin_key.priv" && \
  ssh-keygen -t ed25519 -f "$RONIN_PRIVATE_KEY" -N '' && \
  mv "$HOME/.ronin/ronin_key.priv.pub" "$HOME/.ronin/ronin_key.pub"

# TODO could leave known_hosts in weird state
GUEST_SSHD_KEY="$HOME/.ronin/guest_ssh_host_ed25519_key.pub"


@@ 38,10 39,10 @@ test ! -f "$GUEST_SSHD_KEY" && ./setup-ssh.sh

# Launch the VM for prime time
qemu-system-x86_64 \
  -hda "$RONIN_DEBIAN_IMAGE" \
  -hda "$RONIN_DISK" \
  -m 4096 \
  -nic hostfwd=tcp::2022-:22 \
  -display none \
  -daemonize
  -daemonize \
  # -display none  # Comment out this line for a graphical window into the guest. Login as root.

ssh ronin@localhost -p 2022 -i "$HOME/.ronin/ronin_key.priv"
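Review bot: `-nic hostfwd=tcp::2022-:22` in the launch command leaves the host address empty, so QEMU listens on every host interface rather than only loopback. With the guest account now carrying a known password (guest-setup.sh in this commit), the guest's sshd becomes reachable from the local network. The script itself only connects to `localhost`, so binding the forward there loses nothing: `-nic hostfwd=tcp:127.0.0.1:2022-:22 \`. Separately, the new trailing comment says to comment out `-display none` for a graphical window, but that line is already commented out after the `-daemonize \` continuation, so as written the VM starts with a display; confirm which default is intended. Which lines are new is inferred from print order, since the page has lost its +/- markers.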

M setup-ssh.exp => setup-ssh.exp +3 -0
@@ 41,6 41,9 @@ send "cat > /home/ronin/.ssh/authorized_keys << __EOF__
$pubkey_contents
__EOF__\n"

expect "# "
send "chown ronin:ronin /home/ronin/.ssh/authorized_keys\n"

# Get the guest ssh key to add to host known_hosts
expect "# "
send "cat /etc/ssh/ssh_host_ed25519_key.pub\n"
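Review bot: The added `chown` fixes the owner of authorized_keys, but its mode is still whatever root's umask produced when `cat >` created it, and the same holds for /home/ronin/.ssh from guest-setup.sh. sshd's StrictModes check rejects keys when the file or its directory is writable by anyone other than the owner, so setting the modes explicitly removes the dependence on the image's umask. I would add `expect "# "` followed by `send "chmod 700 /home/ronin/.ssh && chmod 600 /home/ronin/.ssh/authorized_keys\n"` after the chown. The script starts before this hunk and may continue after it, so a step outside the visible lines may already do this.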