doctator/bin-there-done-that
doctator/bin-there-done-that
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
bin-there-done-that/miscellaneous/vps/check-hardened.sh

38 lines
957 B
Bash
Raw Normal View History

Auto-commit from giteapush.sh at 2025-05-21 16:08:22
2025-05-21 16:08:22 -04:00
#!/usr/bin/env bash
# check-hardened.sh - Scan all known Genesis VPSes for hardening status
# Requirements: ssh access to all VPSes by label or IP
LOG_BASE="/home/doc/vpslogs"
MARKER_FILE="/var/log/genesis-hardened.ok"
if [ ! -d "$LOG_BASE" ]; then
echo "❌ Log directory $LOG_BASE does not exist. Are you running this on Krang?"
exit 1
fi
cd "$LOG_BASE" || exit 1
echo "🔍 Scanning for hardened Genesis VPSes..."
echo
for LOG in *.log; do
VPS_LABEL="${LOG%.log}"
LAST_KNOWN_IP=$(grep -Eo '\([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\)' "$LOG" | tail -1 | tr -d '()')
if [ -z "$LAST_KNOWN_IP" ]; then
echo "⚠️ $VPS_LABEL: No IP found in log. Skipping."
continue
fi
echo -n "🔧 $VPS_LABEL ($LAST_KNOWN_IP): "
ssh -o ConnectTimeout=5 -o StrictHostKeyChecking=no root@"$LAST_KNOWN_IP" "test -f $MARKER_FILE" >/dev/null 2>&1
if [ $? -eq 0 ]; then
echo "✅ Hardened"
else
echo "❌ Not marked as hardened"
fi
done
Reference in New Issue Copy Permalink