Commit fead8f6c authored by Maxence MOHR's avatar Maxence MOHR

Added port variable

parent f4e47478
......@@ -2,6 +2,7 @@
##### VARIABLES THAT YOU SHOULD MODIFY #####
HOST="%fqdn%"
USER="%user%"
PORT="22"
PROVIDERLIB="/usr/lib/x86_64-linux-gnu/opensc-pkcs11.so"
DISTANTPROVIDERLIB="/usr/local/lib/pkcs11/p11-kit-client.so"
EJBCASTOPCOMMAND="sudo systemctl stop ejbca.service"
......@@ -80,7 +81,7 @@ testinit() {
testinitremote() {
echo -e "Verifying if systemd user service is enabled (remote)...\n"
if ssh "$USER"@"$HOST" systemctl --user status p11-kit-client.service | grep "Active: active" > /dev/null
if ssh "$USER"@"$HOST" -p "$PORT" systemctl --user status p11-kit-client.service | grep "Active: active" > /dev/null
then
echo -e "Remote has user service running.\n"
return 0;
......@@ -100,8 +101,8 @@ init() {
initremote() {
# Enabling systemctl daemon for keeping folder
echo "Enabling p11-kit-client.service (distant)..."
ssh "$USER"@"$HOST" systemctl --user enable p11-kit-client.service
ssh "$USER"@"$HOST" systemctl --user start p11-kit-client.service
ssh "$USER"@"$HOST" -p "$PORT" systemctl --user enable p11-kit-client.service
ssh "$USER"@"$HOST" -p "$PORT" systemctl --user start p11-kit-client.service
echo -e "Done\n"
}
......@@ -117,8 +118,8 @@ cleanup() {
# distant
echo "Cleaning distant machine..."
DISTANTRUN=$(ssh $USER@$HOST systemd-path user-runtime)
ssh "$USER"@"$HOST" rm "$DISTANTRUN/p11-kit"/*
DISTANTRUN=$(ssh $USER@$HOST -p "$PORT" systemd-path user-runtime)
ssh "$USER"@"$HOST" -p "$PORT" rm "$DISTANTRUN/p11-kit"/*
echo -n "Done\n"
}
......@@ -131,7 +132,7 @@ testserverstart() {
exit 1;
fi
ssh "$USER"@"$HOST" -f "$DISTANTPROVIDERLIB"
ssh "$USER"@"$HOST" -p "$PORT" -f "$DISTANTPROVIDERLIB"
if [[ $? -ne 0 ]]
then
echo "$DISTANTPROVIDERLIB does not exist on local machine. Exiting."
......@@ -151,13 +152,13 @@ serverstart() {
echo "Done, local socket is at ${P11_KIT_SERVER_ADDRESS#*=}"
# Check unix socket exists
echo "SSH tunneling the socket to remote EJBCA instance"
nohup ssh -N -f -R "$DISTANTRUN/p11-kit/pkcs11":${P11_KIT_SERVER_ADDRESS#*=} "$USER"@"$HOST"
nohup ssh -p "$PORT" -N -f -R "$DISTANTRUN/p11-kit/pkcs11":${P11_KIT_SERVER_ADDRESS#*=} "$USER"@"$HOST"
echo -e "SSH tunneling done, remote socket is at $HOST:$DISTANTRUN/p11-kit/pkcs11\n"
}
servertest() {
echo "Testing remote access to smartcard..."
TESTRES=$(ssh "$USER"@"$HOST" pkcs11-tool --module "$DISTANTPROVIDERLIB" -L 2>&1)
TESTRES=$(ssh "$USER"@"$HOST" -p "$PORT" pkcs11-tool --module "$DISTANTPROVIDERLIB" -L 2>&1)
echo "Test result:"
echo "$TESTRES"
if [[ $(grep "No slots." <<< $TESTRES) ]]
......@@ -171,13 +172,13 @@ servertest() {
testejbca()
{
echo "Testing remote for EJBCA installation..."
ssh "$USER"@"$HOST" "[ -d ejbca ]"
ssh "$USER"@"$HOST" -p "$PORT" "[ -d ejbca ]"
if [[ $? -ne 0 ]]
then
echo "EJBCA is not existing in home folder of remote user. Exiting script."
exit 1;
else
ssh "$USER"@"$HOST" "[ -d wildfly ]"
ssh "$USER"@"$HOST" -p "$PORT" "[ -d wildfly ]"
if [[ $? -ne 0 ]]
then
echo "EJBCA is not existing in home folder of remote user. Exiting script."
......@@ -189,8 +190,8 @@ testejbca()
ejbcarestart() {
echo "Restarting EJBCA to ensure recognition of the remote-ed HSM..."
ssh "$USER"@"$HOST" "$EJBCASTOPCOMMAND"
ssh "$USER"@"$HOST" "$EJBCASTARTCOMMAND"
ssh "$USER"@"$HOST" -p "$PORT" "$EJBCASTOPCOMMAND"
ssh "$USER"@"$HOST" -p "$PORT" "$EJBCASTARTCOMMAND"
echo -e "EJBCA restarted, please wait 20 seconds and connect to EJBCA to add HSM to EJBCA cryptotoken.\n"
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment