Add ssh key for toghrul

lintaothu res public (#2 )
Co-authored-by: linsir <lintaojlu@163.com> Reviewed-on: https://git.nasp.ob.ac.cn/NASP/registry/pulls/2 Co-authored-by: lintaothu <lintaothu@163.com> Co-committed-by: lintaothu <lintaothu@163.com>
2023-05-25 10:35:23 +08:00 · 2023-05-24 19:19:47 +08:00 · 2023-05-15 10:40:49 +08:00 · 2023-05-04 16:12:16 +08:00 · 2023-05-04 15:10:48 +08:00 · 2023-04-28 16:43:41 +08:00
12 changed files with 137 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,2 @@
+# The NASP Cluster Registry
+
--- a/authorized_keys/authorized_keys
+++ b/authorized_keys/authorized_keys
@ -85,3 +85,5 @@ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCzmgYN5tcYKL8wd9pELVuA/wb+mku7wrlc4kF28jvP
 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCnUV3RkX7xpvRdLWBk/HAvIQM/vtCz0IJN95EQexIcgm7LVDKYEKp4YgCirqfyJm05i+92rwlcnkDuOTkmDXiypcFYnoPdqhyh7q54J+YSJmkXF5RLRmn+m+bH4L+wi8R0cOeAImAFQ8/F+R9cQRxGLGPb8ebXBO/oUCk2KkYdbehKFmz6E2pKV4CGRDpuxA/3JiPlNtNF0xL826+K0jkn/nZ8NsU7v2WpJxITcVvJdKHx9jtOy4Ta8w0Rdvs5YIgJrxTAYZFHmXUaI3DTZDF7qbW/OIM4T5gFUq8G8xVZtdH2u/pL1wgTa3zFMQkaN3c5zCKHm+9E7lt+LW7C0GY5AMkmNgwZe/D83nEUNjK7QB5ULjhULwhKeIlghdfly6mM6+oQ56eLH3fMMA2UalcrCm7RQqILFpv8OXSQ9iQJCPJ5PS3pABpgvc2YF9H1Pu+r/sgK1efQzop5NlT+wXVoKt64px/AUDcKucPlDUg52GEt3EsJUcSMXlIewgPGUU0= ustb_yhb@163.com

 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDg1kImE4U+ySXkqZNrlrsSwyATOKEyRRTQ8lAYhdI1OsMM3WhxCNKDdYPoFUJgZwio5JqBHe6UBLOfL/B+Muh0PYH0+jofIJoWe4grS10zZifisjayrhu0zfWfiGzyLUQY85nUuprUQPvC4qbI1DEspOCoZAE3Q0fjNz6Et3V3j7HLtJLRLZ1unsb5bnV4kf8sbFBxoSqJg9Ut0WBYcWfCW4zReRglJUxSZ6Hux8jHdZ7DGmyAndxBbu4gpzgsyZ8qPq+o4v/J2jYqKUN/6cnJ12hMF7UEsqDntX4JnZhRu8M7VgsNmb1ST9CW/P7X74tY0PGndlf8W0znb4imoBMZY+EMausZGI4ozbYZ5pttU7zCKxHVBO7mUyaRYUeYlo1ZTBUTNxH8lLLHu26LcSyVfuiYG6buQ4FnfM1bb8spckgokzH1+Bq3AtgDIpQEHNiFoh0cekIOtNqfJnJk/wOkWvlstB9YGevN2TQ5Y3VPt6grZyijHDaWOxdXJNHcW3U= lichuanlong@LAPTOP-QEAOKK4F
+
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDO9l6MmdGJo4aR/ej7quGpRrfmlAsCTZraxQqmbJaoHXTDyJEtxr4jeejkpkjizpfI6Nj8LfeEYXJABdRTMU1otHuQljwVR+dUN/GBcACq7JCXNjeT9R64JyEIrhVuMtiXUcXHHf7n9z7qZotdhOyvS6KGSnG9V4m5qnCkXxEyBcEQC0I9qqPt0RFpWx/XGOUuwxx2sdr56eXMFOk0W55FIbYVF0m8xVcYFmXawVFTlz5G+Yt8t/WiFAI3b4PzLfkObSucryr+dPqczOHE/2NYaOmDSS2Eh7Tz2PNP7sIjQpIKWZYQRAWCGcrqENEisTiiPKyzMaaynl6U23LmjuqYjTIuEWrJouSs10ivLeMfhqDbtDG+cRBX6hLW51uiScV324ci/Qd8P+6Dg9oeuHxP34Qy94QXbVNrX9z2Qok2gd+LOlrw9pFu0+M51Gqi2X4Qxr6xNQcdfnCivz9CsLWyewHHb1POTNVtgDKWotUJpelCn+OksUB3sgXSSBccVOk= hotfe@LAPTOP-PEKL7TRE
--- a/authorized_keys/dictxiong/ltp1-bd
+++ b/authorized_keys/dictxiong/ltp1-bd
@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKhS4voo3K/Dvzqckr0bouO1WkCI5XxswstHWnuuyKBz ltp1-bd
--- a/authorized_keys/dictxiong/pc1
+++ b/authorized_keys/dictxiong/pc1
@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHLYgVj+NPino6sOmahULN7SbAMaVAgzqPfDjz2S8zDv pc1
--- a/authorized_keys/lintaothu/id_rsa.pub
+++ b/authorized_keys/lintaothu/id_rsa.pub
@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDL4XOqHcUdI6zCDv89jwIcmPKEMLMgtaYknRQxEI9CIB0JzP8fVWy7dIh1I/HQ49SoXprgQxlkeKm1bYZ6J399c1MqtA6cdpWdxL4bd0CqVDOFalHL7YFcF1iw509NByTM67U/t3vIVyAtF+2PyeZnt7BSg71QP5yaNtIPIJwUm33BnkFZS81y2wL2MTSlvooc0vpCFS5aE5amQAqLXkkfMhm5g17rHRc/4lxnEx0G1/+Hq+AuIAGRWk6vQP4SJx08XQeXMfL67nLusKcJk+RnapNUfCXF0FSh10W1v3B6+m37Z7MLNwFu9xVYg24t9o2kIhi12x4bLs/B80ogM8P7GyS1SqW6Pj6XV9TdBG9cUqknqHTaWDiWrzmvqPYko6wml4R+UcE9zInsfG+W4AJfsEdytEAG9GYMwEupnkNumUjGXnGoHTbEhG2fvHznhs4y/I8JfyEy6NlPHFNfCLy1c0ZGrPFvODsJALBVvHJsBnaHHTReoIXM9CVRWFeZf0s= linsir@StarLight
--- a/authorized_keys/onelearn/ybai
+++ b/authorized_keys/onelearn/ybai
@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHgZS2qE1AD1JlXNqqutryNolj+kwNIAxFIFU2vpSEk7 hit_ybai@163.com
--- a/authorized_keys/toghrul/sk0
+++ b/authorized_keys/toghrul/sk0
@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDP8JSCeZDkV/9oq8vUtmnEw7qe3nv9RrChH5LFNHO4Ds71L01ZyzVdsIkOzpxcAdFLJiV5pLVDtBAufEtH1uSIKcbVbDvcoaQAJhJGL90B9NlW8S8hbqBRfJWLAZlFNf/6pEIyRhW5xO/2x3SY2LvjJa7U90wP+XQqSPhol62qeWrGH+UxwQSiqQcfPb209F7n9qSeoROz1tpdtjWTLIKmkhVSG786tEX0eCUK3NqSli95uLfKMWQzw6poscE7PycyUTbUDj2kj2rrNFExDrYyz136hfIIMVmQF9LL8uemqZifQCIZgTkkeVQbn8CuCu7VaJysjcKaHOitgcaulss7GP3t5+DU5dT4VOnE+r7i/TXsVZvVpKKNXEX6vzus5R+7eEO3k+lS/xSNv2qy1XM7c6C0PWTuL+RFaxOq+hDsVkXJRo1BGlqkxJK1G0dG6l/4QD/75tbPi0bbemT2PKbpbu8+PVlR1Zba0OpnsLn3OQOscDZNbcwIT2001TmnDW0= togrul@Abbaslis-MacBook-Pro.local
--- a/scripts/jumpserver_cron.sh
+++ b/scripts/jumpserver_cron.sh
@ -0,0 +1,21 @@
+#!/bin/bash
+set -ex
+THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
+
+tmp_path="/tmp/authorized_keys"
+dest_path="/home/ssh/.ssh/authorized_keys"
+echo "# This file is autoly generated. Changes here will not work." > "$tmp_path"
+
+for file in $(find "$THIS_DIR/../authorized_keys" -type f); do
+    (echo "# key file: ${file#*authorized_keys/}";cat "$file"; echo) >> "$tmp_path"
+done
+
+if [[ ! -d "/home/ssh/.ssh" ]]; then
+    mkdir -p "/home/ssh/.ssh"
+    chown ssh:ssh "/home/ssh/.ssh"
+    chmod 700 "/home/ssh/.ssh"
+fi
+cat "$tmp_path" > "$dest_path"
+rm "$tmp_path"
+chown ssh:ssh "$dest_path"
+chmod 600 "$dest_path"
--- a/scripts/jumpserver_deploy.sh
+++ b/scripts/jumpserver_deploy.sh
@ -0,0 +1,25 @@
+#!/bin/bash
+set -ex
+THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
+
+adduser \
+   --disabled-password \
+   --home /home/ssh \
+   --gecos "jumpserver user ssh" \
+   ssh
+
+usermod -p '*' ssh
+
+insert_if_not_exist()
+{
+    filename=$1
+    line=$2
+    if [ ! -f "$filename" ]; then
+        touch $filename
+    fi
+    grep -qxF -- "$line" "$filename" || echo "$line" >> "$filename"
+}
+
+insert_if_not_exist "/etc/crontabs/root" "*/5 * * * * cd \"$THIS_DIR\" && git pull && \"$THIS_DIR\"/jumpserver_cron.sh"
+
+"$THIS_DIR"/jumpserver_cron.sh
--- a/scripts/nasp
+++ b/scripts/nasp
@ -0,0 +1,5 @@
+%nasp ALL = (root) NOPASSWD: /usr/bin/docker
+%nasp ALL = (root) NOPASSWD: /usr/sbin/reboot
+%nasp ALL = (root) NOPASSWD: /usr/bin/whoami
+%nasp ALL = (root) NOPASSWD: /usr/bin/nvidia-smi
+%nasp ALL = (root) NOPASSWD: /usr/sbin/shutdown
--- a/scripts/testbed_cron.sh
+++ b/scripts/testbed_cron.sh
@ -0,0 +1,57 @@
+#!/bin/bash
+set -ex
+THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
+
+touch_user() {
+    test -n "$1"
+    if id -u $1 1>/dev/null 2>&1; then
+        return
+    fi
+    if ! getent group nasp ; then
+        echo "Group 'nasp' does not exist\!"
+        exit 1
+    fi
+
+    adduser \
+        --shell /bin/bash \
+        --disabled-password \
+        --home /home/$1 \
+        --gecos "nasp member" \
+        $1
+    usermod -a -G nasp $1
+}
+
+update_key() {
+    tmp_path="/tmp/authorized_keys_$1"
+    dest_path="/home/$1/.ssh/authorized_keys"
+    dest_dir=$(dirname "$dest_path")
+
+    echo "# This file is autoly generated. Changes here will not work." > "$tmp_path"
+    for file in $(find "$THIS_DIR/../authorized_keys/$1" -type f); do
+        (echo "# key file: ${file#*authorized_keys/}";cat "$file"; echo) >> "$tmp_path"
+    done
+
+    if [[ ! -d "$dest_dir" ]]; then
+        mkdir -p "$dest_dir"
+        chown $1:$1 "$dest_dir"
+        chmod 700 "$dest_dir"
+    fi
+    cat "$tmp_path" > "$dest_path"
+    rm "$tmp_path"
+    chown $1:$1 "$dest_path"
+    chmod 600 "$dest_path"
+}
+
+main() {
+    cp "$THIS_DIR/nasp" "/etc/sudoers.d/nasp"
+    for file in "$THIS_DIR"/../authorized_keys/* ; do
+        if [[ ! -d "$file" ]]; then
+            continue
+        fi
+        username=$(basename $file)
+        touch_user $username
+        update_key $username
+    done
+}
+
+main
--- a/scripts/testbed_deploy.sh
+++ b/scripts/testbed_deploy.sh
@ -0,0 +1,20 @@
+#!/bin/bash
+set -ex
+THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
+
+apt update && apt install sudo
+addgroup nasp
+
+insert_if_not_exist()
+{
+    filename=$1
+    line=$2
+    if [ ! -f "$filename" ]; then
+        touch $filename
+    fi
+    grep -qxF -- "$line" "$filename" || echo "$line" >> "$filename"
+}
+
+insert_if_not_exist "/etc/crontab" "*/5 * * * * root cd \"$THIS_DIR\" && git pull && \"$THIS_DIR\"/testbed_cron.sh"
+
+"$THIS_DIR"/testbed_cron.sh
Author	SHA1	Message	Date
Abbasli Toghrul	df6d6bda11	Add ssh key for toghrul	2023-05-25 10:35:23 +08:00
lintaothu	e64bfc0c48	lintaothu res public (#2 ) Co-authored-by: linsir <lintaojlu@163.com> Reviewed-on: https://git.nasp.ob.ac.cn/NASP/registry/pulls/2 Co-authored-by: lintaothu <lintaothu@163.com> Co-committed-by: lintaothu <lintaothu@163.com>	2023-05-24 19:19:47 +08:00
xiuting.xu	d47b0b122b	add baiyu's pubkey (#1 ) Co-authored-by: xiuting.xu <xiutingxt.xu@gmail.com> Reviewed-on: https://git.nasp.ob.ac.cn/NASP/registry/pulls/1 Co-authored-by: xiuting.xu <xuxiuting04@126.com> Co-committed-by: xiuting.xu <xuxiuting04@126.com>	2023-05-15 10:40:49 +08:00
Dict Xiong	0cfb4bc2be	key: dictxiong/pc1	2023-05-04 16:12:16 +08:00
Dict Xiong	930deb1349	debug	2023-05-04 15:10:48 +08:00
xiongdian.me	891d6cd73f	file nasp mod -x	2023-04-28 16:43:41 +08:00
xiongdian.me	bbc8d97422	sudo /usr/sbin/shutdown	2023-04-28 16:42:01 +08:00
xiongdian.me	746d326356	sudo /usr/bin/nvidia-smi	2023-04-28 16:41:20 +08:00
Dict Xiong	4026106afb	init README.md	2023-04-24 21:20:12 +08:00
xiongdian.me	5965fc742f	key: dictxiong/ltp1-bd	2023-04-23 16:03:56 +08:00
Dict Xiong	a11b2b60c7	jumpserver use /etc/crontabs/root instead of /etc/crontab	2023-04-21 17:56:16 +08:00
Dict Xiong	179eac4dc6	bug fix (Fri Apr 21 17:36:00 CST 2023)	2023-04-21 17:36:01 +08:00
Dict Xiong	f7fa5afce2	try: adding a new key pc1	2023-04-21 17:27:48 +08:00
Dict Xiong	9fa560e5c2	bug fix (Fri Apr 21 17:23:03 CST 2023)	2023-04-21 17:23:04 +08:00
Dict Xiong	cce4a4c5bc	testbed_deploy.sh	2023-04-21 17:13:35 +08:00
Dict Xiong	0ca082e81b	sync ssh key	2023-04-21 16:49:31 +08:00
Dict Xiong	1621cddf38	debug	2023-04-21 16:46:37 +08:00
Dict Xiong	b29880ff81	jumpserver_deploy.sh	2023-04-21 16:33:18 +08:00
xiongdian.me	9fb20aeb9d	--wip-- [skip ci]	2023-03-30 14:04:03 +08:00
Dict Xiong	310dac2125	jumpserver_deploy.sh init	2023-03-30 01:39:08 +08:00
				`@ -0,0 +1 @@`
				`ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKhS4voo3K/Dvzqckr0bouO1WkCI5XxswstHWnuuyKBz ltp1-bd`
				`@ -0,0 +1 @@`
				`ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHLYgVj+NPino6sOmahULN7SbAMaVAgzqPfDjz2S8zDv pc1`
				`@ -0,0 +1 @@`
				ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDL4XOqHcUdI6zCDv89jwIcmPKEMLMgtaYknRQxEI9CIB0JzP8fVWy7dIh1I/HQ49SoXprgQxlkeKm1bYZ6J399c1MqtA6cdpWdxL4bd0CqVDOFalHL7YFcF1iw509NByTM67U/t3vIVyAtF+2PyeZnt7BSg71QP5yaNtIPIJwUm33BnkFZS81y2wL2MTSlvooc0vpCFS5aE5amQAqLXkkfMhm5g17rHRc/4lxnEx0G1/+Hq+AuIAGRWk6vQP4SJx08XQeXMfL67nLusKcJk+RnapNUfCXF0FSh10W1v3B6+m37Z7MLNwFu9xVYg24t9o2kIhi12x4bLs/B80ogM8P7GyS1SqW6Pj6XV9TdBG9cUqknqHTaWDiWrzmvqPYko6wml4R+UcE9zInsfG+W4AJfsEdytEAG9GYMwEupnkNumUjGXnGoHTbEhG2fvHznhs4y/I8JfyEy6NlPHFNfCLy1c0ZGrPFvODsJALBVvHJsBnaHHTReoIXM9CVRWFeZf0s= linsir@StarLight
				`@ -0,0 +1 @@`
				`ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHgZS2qE1AD1JlXNqqutryNolj+kwNIAxFIFU2vpSEk7 hit_ybai@163.com`
				`@ -0,0 +1 @@`
				ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDP8JSCeZDkV/9oq8vUtmnEw7qe3nv9RrChH5LFNHO4Ds71L01ZyzVdsIkOzpxcAdFLJiV5pLVDtBAufEtH1uSIKcbVbDvcoaQAJhJGL90B9NlW8S8hbqBRfJWLAZlFNf/6pEIyRhW5xO/2x3SY2LvjJa7U90wP+XQqSPhol62qeWrGH+UxwQSiqQcfPb209F7n9qSeoROz1tpdtjWTLIKmkhVSG786tEX0eCUK3NqSli95uLfKMWQzw6poscE7PycyUTbUDj2kj2rrNFExDrYyz136hfIIMVmQF9LL8uemqZifQCIZgTkkeVQbn8CuCu7VaJysjcKaHOitgcaulss7GP3t5+DU5dT4VOnE+r7i/TXsVZvVpKKNXEX6vzus5R+7eEO3k+lS/xSNv2qy1XM7c6C0PWTuL+RFaxOq+hDsVkXJRo1BGlqkxJK1G0dG6l/4QD/75tbPi0bbemT2PKbpbu8+PVlR1Zba0OpnsLn3OQOscDZNbcwIT2001TmnDW0= togrul@Abbaslis-MacBook-Pro.local