Solved

RSA Key Removal Scripting Question

  • September 4, 2013
  • 4 replies
  • 0 views


Hey all:
Pretty new to JAMF Casper and shell scripting, but I am having an issue that probably has a simple fix. We have users connecting to a server via SSH in Terminal in a computer lab. We recently replaced the server, so the RSA key has changed. I want to script the removal of the old RSA key from users' home directories (stored in /Users/(Insert Username Here)/.ssh/) and have it run once per user as a policy.

When I run it as a policy, Casper tries to use /var/root/.ssh as the working directory, but I want it to use the current user's home directory as the working directory.
The script I have runs as follows:

ssh-keygen -R (insert my server name here)

Before that command runs, I have tried to use cd and change it to $user, and tried "$3" since that is a built-in variable Casper creates, but the command continues to run from /var/root, so it bombs out. Any advice on how to make sure Casper uses the current working directory would be appreciated.

Thanks!

Best answer by SamF

I was able to successfully run the command on my box, and it prompted me to trust the host after attempting to SSH to the server again. What if you pull out the variables and try running it locally?

ssh-keygen -R (server name) -f /Users/UserName/.ssh/known_hosts


4 replies

  • Employee
  • 77 replies
  • September 4, 2013

It sounds like you'll need to create a variable to gather the username or run the script at login with $3 populating the username. Try something like this and see if it gets you the desired results:

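#!/bin/bash

# Last user name recorded by the login window
user=$(defaults read /Library/Preferences/com.apple.loginwindow.plist lastUserName)
# Remove the server's entry from that user's known_hosts file
ssh-keygen -R (server name) -f "/Users/$user/.ssh/known_hosts"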

  • Author
  • Contributor
  • 40 replies
  • September 5, 2013

Thanks! Unfortunately, it looks like you can't use ssh-keygen -R and -f in the same command (Too many arguments). Is there a way to split this into two commands and still have it work?


  • Employee
  • 77 replies
  • Answer
  • September 5, 2013

I was able to successfully run the command on my box, and it prompted me to trust the host after attempting to SSH to the server again. What if you pull out the variables and try running it locally?

ssh-keygen -R (server name) -f /Users/UserName/.ssh/known_hosts
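
Added example, not part of the thread or anyone's posted script: a policy script run as root that builds the known_hosts path from the `$3` username mentioned above, rejects unsafe names before using them in a path, and restores ownership after `ssh-keygen -R ... -f ...` rewrites the file. The host name, the `/Users` base, and the function names are assumptions.

```shell
#!/bin/bash
# Added example (not from the thread). Assumptions: the policy runs as root,
# the username arrives as $3, and homes live under /Users.
STALE_HOST="server.example.com"      # placeholder for the replaced server
HOMES_ROOT="${HOMES_ROOT:-/Users}"

# Print the known_hosts path for user $1; fail on names that are empty,
# root, start with a dot, or contain anything outside [A-Za-z0-9._-].
known_hosts_for_user() {
    case "$1" in
        ""|root|.*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    printf '%s/%s/.ssh/known_hosts\n' "$HOMES_ROOT" "$1"
}

# Remove every entry for host $2 from file $1, then give the file back to
# owner $3 (user name or numeric uid).
remove_host_key() {
    # Refuse a symlinked known_hosts: root is writing in a user-owned directory.
    if [ -L "$1" ]; then return 1; fi
    # No known_hosts file means there is no stale key to remove.
    if [ ! -f "$1" ]; then return 0; fi
    ssh-keygen -R "$2" -f "$1" >/dev/null 2>&1 || return 1
    # ssh-keygen rewrites the file and keeps a known_hosts.old backup; when
    # root did the rewrite, hand both files back to the user.
    if [ "$(id -u)" -eq 0 ]; then
        for f in "$1" "$1.old"; do
            if [ -f "$f" ]; then chown "$3" "$f" || return 1; fi
        done
    fi
    return 0
}

run_policy() {
    kh=$(known_hosts_for_user "$3") || {
        echo "refusing username '$3'" >&2
        return 1
    }
    remove_host_key "$kh" "$STALE_HOST" "$3"
}

# Only act when a username was actually passed as the third argument.
if [ -n "${3:-}" ]; then run_policy "$@"; fi
```
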


  • Author
  • Contributor
  • 40 replies
  • September 30, 2013

We ended up resolving this issue a different way (we actually fixed the root cause of what was prompting me to try to remove the existing key). We had discovered that the systems that had the RSA key were not in fact wiped like they should have been, so we took care of it that way. Thanks for the help, Sam!

