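#!/bin/bash
# Deploy SSH public key to all LXC containers and VM 200 in homelab.
# Run from machine that can reach Proxmox (192.168.1.150).
# Usage: ./deploy-ssh-keys-homelab.sh [path-to-public-key]
# Default: ~/.ssh/id_rsa.pub or ~/.ssh/id_ed25519.pub
#
# Environment: PROXMOX - user@host of the Proxmox node (default root@192.168.1.150).
#
# The key is appended to root's authorized_keys on the Proxmox host and on
# every container, and to admin's (and, best-effort, root's) on VM 200.
# Whoever holds the matching private key can log in to all of those hosts.
set -euo pipefail

PROXMOX="${PROXMOX:-root@192.168.1.150}"

# Fall back to the ed25519 key only when no path was given. An explicit path
# that does not exist is an error: silently deploying a different key than the
# one the operator named would grant access to the wrong key pair.
KEY_FILE="${1:-$HOME/.ssh/id_rsa.pub}"
if [ "$#" -eq 0 ] && [ ! -f "$KEY_FILE" ] && [ -f "$HOME/.ssh/id_ed25519.pub" ]; then
  KEY_FILE="$HOME/.ssh/id_ed25519.pub"
fi

if [ ! -f "$KEY_FILE" ]; then
  echo "Usage: $0 [path-to-public-key]" >&2
  echo "No key found at $KEY_FILE" >&2
  exit 1
fi

# Never copy a private key off this machine by mistake.
if grep -q -- 'PRIVATE KEY' "$KEY_FILE"; then
  echo "Refusing to deploy $KEY_FILE: it looks like a private key" >&2
  exit 1
fi

# The "already present?" checks below use the file content as one grep -F
# pattern, which is only meaningful for a single key line.
key_count=$(grep -cvE '^[[:space:]]*(#|$)' -- "$KEY_FILE" || true)
if [ "$key_count" -ne 1 ]; then
  echo "Expected exactly one public key in $KEY_FILE, found $key_count" >&2
  exit 1
fi

# Validates the key format and records which key is being granted access.
echo "Key fingerprint: $(ssh-keygen -l -f "$KEY_FILE")"

CT_IDS=(100 101 103 104 105 107 108 109)

echo "Deploying key from $KEY_FILE to homelab hosts..."

# Copy key to Proxmox temp, then deploy from there.
# mktemp on the remote side gives an unpredictable, owner-only file; a fixed
# or PID-based name in /tmp could be pre-created or swapped by another local
# user, and its content ends up in authorized_keys everywhere.
TMP_KEY=$(ssh "$PROXMOX" 'mktemp /tmp/deploy-ssh-key.XXXXXX')
if [[ ! "$TMP_KEY" =~ ^/tmp/deploy-ssh-key\.[A-Za-z0-9]+$ ]]; then
  # The path is interpolated into remote command lines below, so anything
  # other than the expected shape (e.g. login banner noise) is rejected.
  echo "Unexpected temp file name from $PROXMOX: $TMP_KEY" >&2
  exit 1
fi

# Remove the staged key from Proxmox on every exit path.
cleanup() {
  ssh "$PROXMOX" "rm -f -- '$TMP_KEY'" || true
}
trap cleanup EXIT

scp -q "$KEY_FILE" "$PROXMOX:$TMP_KEY"

# Proxmox host
echo "Proxmox (192.168.1.150)..."
ssh "$PROXMOX" "bash -s -- '$TMP_KEY'" <<'REMOTE'
set -e
key_file=$1
mkdir -p /root/.ssh
chmod 700 /root/.ssh
# Substring match on purpose: an existing entry that carries options
# (from=, command=, ...) in front of the same key counts as present, so no
# unrestricted duplicate is appended next to it.
if ! grep -qF -- "$(cat "$key_file")" /root/.ssh/authorized_keys 2>/dev/null; then
  cat "$key_file" >> /root/.ssh/authorized_keys
fi
chmod 600 /root/.ssh/authorized_keys
REMOTE

# LXC containers
for id in "${CT_IDS[@]}"; do
  echo "CT $id (192.168.1.$id)..."
  ssh "$PROXMOX" "bash -s -- '$id' '$TMP_KEY'" <<'REMOTE'
set -e
id=$1
key_file=$2
pct exec "$id" -- bash -c 'mkdir -p /root/.ssh && chmod 700 /root/.ssh'
# Stage inside root's 0700 .ssh directory rather than the container's
# world-writable /tmp, where an unprivileged container user could interfere
# with a fixed file name.
pct push "$id" "$key_file" /root/.ssh/.deploy-key.pub
pct exec "$id" -- bash -c '
  set -e
  trap "rm -f -- /root/.ssh/.deploy-key.pub" EXIT
  if ! grep -qF -- "$(cat /root/.ssh/.deploy-key.pub)" /root/.ssh/authorized_keys 2>/dev/null; then
    cat /root/.ssh/.deploy-key.pub >> /root/.ssh/authorized_keys
  fi
  chmod 600 /root/.ssh/authorized_keys
'
REMOTE
done

# VM 200 (admin user; root may be disabled)
echo "VM 200 (admin@192.168.1.200)..."
ssh "$PROXMOX" "bash -s -- '$TMP_KEY'" <<'REMOTE'
set -e
key_file=$1
# accept-new pins whatever host key the VM presents on first contact. If
# Proxmox has never connected to the VM before, compare that fingerprint
# against the VM console before relying on this connection.
# The key travels over stdin, so nothing is staged in the VM's /tmp.
ssh -o StrictHostKeyChecking=accept-new admin@192.168.1.200 '
  set -e
  key=$(cat)
  if [ -z "$key" ]; then
    echo "No key received on stdin" >&2
    exit 1
  fi

  mkdir -p /home/admin/.ssh
  chmod 700 /home/admin/.ssh
  if ! grep -qF -- "$key" /home/admin/.ssh/authorized_keys 2>/dev/null; then
    printf "%s\n" "$key" >> /home/admin/.ssh/authorized_keys
  fi
  chmod 600 /home/admin/.ssh/authorized_keys

  # Root is best-effort: it needs passwordless sudo (-n never prompts).
  # The presence check keeps repeated runs from appending duplicates.
  if sudo -n true 2>/dev/null; then
    sudo -n mkdir -p /root/.ssh
    sudo -n chmod 700 /root/.ssh
    if ! sudo -n grep -qF -- "$key" /root/.ssh/authorized_keys 2>/dev/null; then
      printf "%s\n" "$key" | sudo -n tee -a /root/.ssh/authorized_keys >/dev/null
    fi
    sudo -n chmod 600 /root/.ssh/authorized_keys
  else
    echo "warning: passwordless sudo unavailable; key not added for root on VM 200" >&2
  fi
' < "$key_file"
REMOTE

echo "Done. Connect: ssh root@192.168.1.{100,101,103,104,105,107,108,109}, ssh admin@192.168.1.200"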