Add support for ssh key (hestiacp#2906)

jaapmarcus · web-flow · commit f04db1a79b3c · 2022-09-19T16:20:19.000+02:00
* Add support for private / public keys

* Update backup.sh
diff --git a/bin/v-add-backup-host b/bin/v-add-backup-host
@@ -50,6 +50,7 @@ EOF
 
 # Defining sftp command function
 sftpc() {
+    if [ "$privatekey" != "yes" ]; then 
     expect -f "-" <<EOF "$@"
         set count 0
         spawn /usr/bin/sftp -o StrictHostKeyChecking=no -o Port=$port $user@$host
@@ -98,6 +99,52 @@ sftpc() {
 
         exit \$rc
 EOF
+else
+    expect -f "-" <<EOF "$@"
+            set count 0
+            spawn /usr/bin/sftp -o StrictHostKeyChecking=no -o Port=$port -i $raw_password $user@$host
+            expect {
+    
+                -re "Couldn't|(.*)disconnect|(.*)stalled|(.*)not found" {
+                    set count \$argc
+                    set output "Disconnected."
+                    set rc $E_FTP
+                    exp_continue
+                }
+    
+                -re ".*denied.*(publickey|password)." {
+                    set output "Permission denied, wrong publickey or password."
+                    set rc $E_CONNECT
+                }
+    
+                "sftp>" {
+                    if {\$count < \$argc} {
+                        set arg [lindex \$argv \$count]
+                        send "\$arg\r"
+                        incr count
+                    } else {
+                        send "exit\r"
+                        set output "Disconnected."
+                        if {[info exists rc] != 1} {
+                            set rc $OK
+                        }
+                    }
+                    exp_continue
+                }
+    
+                timeout {
+                    set output "Connection timeout."
+                    set rc $E_CONNECT
+                }
+            }
+    
+            if {[info exists output] == 1} {
+                puts "\$output"
+            }
+    
+            exit \$rc
+EOF
+    fi
 }
 
 #----------------------------------------------------------#
@@ -109,7 +156,17 @@ if [ "$type" != 'local' ];then
     is_format_valid 'host' 'path' 'port'
     is_type_valid  'sftp,ftp,b2' "$type"
     is_username_format_valid "$user" "username"
-    is_password_valid
+    privatekey="no"
+    if [ -f "$raw_password" ]; then
+        if [[ $(cat  "$raw_password" | grep "OPENSSH PRIVATE") ]]; then
+            privatekey="yes"
+            password="$raw_password"
+        else
+            is_password_valid    
+        fi   
+    else
+        is_password_valid
+    fi
     format_no_quotes "$password" "password"
     
     if [ "$type" = 'sftp' ]; then
@@ -224,7 +281,7 @@ fi
 # Adding backup host
 if [ $type != 'local' ] && [ $type != 'b2' ]; then
     new_timestamp
-    str="HOST='$host'\nUSERNAME='$user'\nPASSWORD='$password'"
+    str="HOST='$host'\nUSERNAME='$user'\nPASSWORD='$password'\nPRIVATEKEY='$privatekey'"
     str="$str\nBPATH='$path'\nPORT='$port'\nTIME='$time'\nDATE='$date'"
     echo -e "$str" > $HESTIA/conf/$type.backup.conf
     chmod 660 $HESTIA/conf/$type.backup.conf
diff --git a/func/backup.sh b/func/backup.sh
@@ -197,60 +197,119 @@ ftp_delete() {
 # SFTP Functions
 # sftp command function
 sftpc() {
-    expect -f "-" <<EOF "$@"
-        set timeout 60
-        set count 0
-        spawn /usr/bin/sftp -o StrictHostKeyChecking=no \
-            -o Port=$PORT $USERNAME@$HOST
-        expect {
-            -nocase "password:" {
-                send "$PASSWORD\r"
-                exp_continue
-            }
-
-            -re "Couldn't|(.*)disconnect|(.*)stalled|(.*)not found" {
-                set count \$argc
-                set output "Disconnected."
-                set rc $E_FTP
-                exp_continue
-            }
-
-            -re ".*denied.*(publickey|password)." {
-                set output "Permission denied, wrong publickey or password."
-                set rc $E_CONNECT
+    if [ $PRIVATEKEY != "yes" ]; then
+        expect -f "-" <<EOF "$@"
+            set timeout 60
+            set count 0
+            spawn /usr/bin/sftp -o StrictHostKeyChecking=no \
+                -o Port=$PORT $USERNAME@$HOST
+            expect {
+                -nocase "password:" {
+                    send "$PASSWORD\r"
+                    exp_continue
+                }
+    
+                -re "Couldn't|(.*)disconnect|(.*)stalled|(.*)not found" {
+                    set count \$argc
+                    set output "Disconnected."
+                    set rc $E_FTP
+                    exp_continue
+                }
+    
+                -re ".*denied.*(publickey|password)." {
+                    set output "Permission denied, wrong publickey or password."
+                    set rc $E_CONNECT
+                }
+    
+                -re "\[0-9]*%" {
+                    exp_continue
+                }
+    
+                "sftp>" {
+                    if {\$count < \$argc} {
+                        set arg [lindex \$argv \$count]
+                        send "\$arg\r"
+                        incr count
+                    } else {
+                        send "exit\r"
+                        set output "Disconnected."
+                        if {[info exists rc] != 1} {
+                            set rc $OK
+                        }
+                    }
+                    exp_continue
+                }
+    
+                timeout {
+                    set output "Connection timeout."
+                    set rc $E_CONNECT
+                }
             }
-
-            -re "\[0-9]*%" {
-                exp_continue
+    
+            if {[info exists output] == 1} {
+                puts "\$output"
             }
+    
+        exit \$rc
+EOF
+    else
 
-            "sftp>" {
-                if {\$count < \$argc} {
-                    set arg [lindex \$argv \$count]
-                    send "\$arg\r"
-                    incr count
-                } else {
-                    send "exit\r"
+        expect -f "-" <<EOF "$@"
+            set timeout 60
+            set count 0
+            spawn /usr/bin/sftp -o StrictHostKeyChecking=no \
+                -o Port=$PORT -i $PASSWORD $USERNAME@$HOST
+            expect {
+                -nocase "password:" {
+                    send "$PASSWORD\r"
+                    exp_continue
+                }
+    
+                -re "Couldn't|(.*)disconnect|(.*)stalled|(.*)not found" {
+                    set count \$argc
                     set output "Disconnected."
-                    if {[info exists rc] != 1} {
-                        set rc $OK
+                    set rc $E_FTP
+                    exp_continue
+                }
+    
+                -re ".*denied.*(publickey|password)." {
+                    set output "Permission denied, wrong publickey or password."
+                    set rc $E_CONNECT
+                }
+    
+                -re "\[0-9]*%" {
+                    exp_continue
+                }
+    
+                "sftp>" {
+                    if {\$count < \$argc} {
+                        set arg [lindex \$argv \$count]
+                        send "\$arg\r"
+                        incr count
+                    } else {
+                        send "exit\r"
+                        set output "Disconnected."
+                        if {[info exists rc] != 1} {
+                            set rc $OK
+                        }
                     }
+                    exp_continue
+                }
+    
+                timeout {
+                    set output "Connection timeout."
+                    set rc $E_CONNECT
                 }
-                exp_continue
             }
-
-            timeout {
-                set output "Connection timeout."
-                set rc $E_CONNECT
+    
+            if {[info exists output] == 1} {
+                puts "\$output"
             }
-        }
-
-        if {[info exists output] == 1} {
-            puts "\$output"
-        }
-
-    exit \$rc
+    
+        exit \$rc
 EOF
+
+    fi
 }
 
 # SFTP backup download function
