61 lines
1.4 KiB
Bash
61 lines
1.4 KiB
Bash
#!/bin/bash
|
||
set -e
|
||
|
||
echo "== NAS SSH 远程关机初始化脚本(Root 模式) =="
|
||
echo "作者: wukongdaily"
|
||
echo "用途: 允许 OpenWrt 通过 SSH 密钥安全关机 NAS(fnOS 兼容)"
|
||
echo
|
||
|
||
# 必须使用 root
|
||
if [ "$EUID" -ne 0 ]; then
|
||
echo "❌ 请使用 root 用户运行此脚本"
|
||
exit 1
|
||
fi
|
||
|
||
SYSTEMCTL_PATH="$(command -v systemctl)"
|
||
|
||
if [ -z "$SYSTEMCTL_PATH" ]; then
|
||
echo "❌ 未检测到 systemctl(非 systemd 系统)"
|
||
exit 1
|
||
fi
|
||
|
||
SSH_DIR="/root/.ssh"
|
||
AUTH_KEYS="$SSH_DIR/authorized_keys"
|
||
|
||
echo "当前用户: root"
|
||
echo "systemctl 路径: $SYSTEMCTL_PATH"
|
||
echo "SSH 公钥文件: $AUTH_KEYS"
|
||
echo
|
||
echo "将执行以下操作:"
|
||
echo " - 创建 /root/.ssh(如不存在)"
|
||
echo " - 初始化 authorized_keys 权限"
|
||
echo " - 不修改 sudoers(直接使用 root)"
|
||
echo
|
||
read -p "是否继续?[y/N]: " CONFIRM
|
||
[[ "$CONFIRM" =~ ^[Yy]$ ]] || exit 0
|
||
|
||
echo
|
||
echo "== 初始化 SSH 目录 =="
|
||
|
||
mkdir -p "$SSH_DIR"
|
||
chmod 700 "$SSH_DIR"
|
||
|
||
touch "$AUTH_KEYS"
|
||
chmod 600 "$AUTH_KEYS"
|
||
|
||
echo "✔ SSH 目录与权限已设置"
|
||
|
||
echo
|
||
echo "🎉 初始化完成"
|
||
echo
|
||
echo "下一步你需要做的:"
|
||
echo "1️⃣ 将 OpenWrt 的 SSH 公钥追加到:"
|
||
echo " $AUTH_KEYS"
|
||
echo
|
||
echo "2️⃣ OpenWrt 侧测试命令:"
|
||
echo " ssh root@<NAS_IP> \"$SYSTEMCTL_PATH poweroff\""
|
||
echo
|
||
echo "⚠️ 建议:"
|
||
echo " - 该 key 只用于 OpenWrt 自动化"
|
||
echo " - 不要用于人工登录"
|