felix/sshworkshop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
sshworkshop/setups/gateway.sh

39 lines
1.4 KiB
Bash
Executable File
Raw Permalink Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
#!/bin/bash
dpkg-reconfigure openssh-server
# the "northbound" interface connecting the gateway to the "real" server/clab hypervisor (NOT management-interface!)
ip addr replace dev eth1 10.192.40.2/29
# the "southbound" interface towards all the clients that we are DHCP server for
ip addr replace dev eth2 192.168.0.254/24
# "eastbound" gw<->jumphost1 eth3 and 172.16.200/23 behind jumphost1
ip addr replace dev eth3 172.16.202.32/31
# ip route replace 172.16.200/23 via 172.16.202.33
echo "nameserver 192.168.0.254" > /etc/resolv.conf
useradd -m keycollector
mkdir -p /home/keycollector/.ssh/
echo "restrict ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKpofQk36/HtJcTSHVqFY9f0iyliVnDRWKpPvlnS3v5F keycollect-identity" > /home/keycollector/.ssh/authorized_keys
chown keycollector:keycollector /home/keycollector/.ssh/ -Rv
# ----------------------------------------------------------------------
# Run the long pipeline in the background, but start it only after 60s.
# The rest of the script continues immediately.
# ----------------------------------------------------------------------
(
# wait 180seconds first
sleep 180
/usr/local/bin/online-users.sh
) > /online-users.txt & # ← background the whole subshell
# launch dnsmasq (automatically backgrounds)
(dnsmasq --no-daemon --log-facility=/dns.log --log-queries) &
# dnsmasq --no-daemon
/usr/sbin/sshd -D
Reference in New Issue View Git Blame Copy Permalink