scripts/dev-vm/add-dev-user-ssh-keys.sh

#!/usr/bin/env bash
# Add SSH public key(s) to dev1, dev2, dev3, dev4 on Dev VM (CT 5700).
# Usage:
#   PUBLIC_KEY="$(cat ~/.ssh/id_ed25519.pub)" bash scripts/dev-vm/add-dev-user-ssh-keys.sh
#   bash scripts/dev-vm/add-dev-user-ssh-keys.sh /path/to/key.pub
#   bash scripts/dev-vm/add-dev-user-ssh-keys.sh   # uses ~/.ssh/id_ed25519.pub or id_rsa.pub
# Requires: SSH as root to the Proxmox host that runs CT 5700 (default: PROXMOX_R630_01).
set -euo pipefail

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
source "$PROJECT_ROOT/config/ip-addresses.conf" 2>/dev/null || true
[ -f "$PROJECT_ROOT/.env" ] && set +u && source "$PROJECT_ROOT/.env" 2>/dev/null || true && set -u

VMID=5700
PROXMOX_HOST="${PROXMOX_HOST:-${PROXMOX_R630_01:-192.168.11.11}}"
USERS="dev1 dev2 dev3 dev4"

if [ -n "${PUBLIC_KEY:-}" ]; then
  KEY="$PUBLIC_KEY"
elif [ -n "${1:-}" ] && [ -f "$1" ]; then
  KEY=$(cat "$1")
elif [ -f "$HOME/.ssh/id_ed25519.pub" ]; then
  KEY=$(cat "$HOME/.ssh/id_ed25519.pub")
elif [ -f "$HOME/.ssh/id_rsa.pub" ]; then
  KEY=$(cat "$HOME/.ssh/id_rsa.pub")
else
  echo "No public key found. Set PUBLIC_KEY= or pass a key file, or add ~/.ssh/id_ed25519.pub / id_rsa.pub"
  exit 1
fi

KEY_B64=$(printf '%s\n' "$KEY" | base64 -w0)

echo "Adding SSH key to $USERS on CT $VMID (host $PROXMOX_HOST)..."
for u in $USERS; do
  ssh -o ConnectTimeout=10 -o StrictHostKeyChecking=accept-new root@"$PROXMOX_HOST" \
    "pct exec $VMID -- bash -c 'mkdir -p /home/$u/.ssh && chmod 700 /home/$u/.ssh && echo \"$KEY_B64\" | base64 -d >> /home/$u/.ssh/authorized_keys && chmod 600 /home/$u/.ssh/authorized_keys && chown -R $u:$u /home/$u/.ssh'"
  echo "  OK: $u"
done
echo "Done. Test: ssh dev1@${IP_DEV_VM:-192.168.11.59}"
docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates - ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands - CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround - CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check - NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere - MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates - LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference Co-authored-by: Cursor <cursoragent@cursor.com> 2026-02-12 15:46:57 -08:00			`#!/usr/bin/env bash`
			`# Add SSH public key(s) to dev1, dev2, dev3, dev4 on Dev VM (CT 5700).`
			`# Usage:`
			`# PUBLIC_KEY="$(cat ~/.ssh/id_ed25519.pub)" bash scripts/dev-vm/add-dev-user-ssh-keys.sh`
			`# bash scripts/dev-vm/add-dev-user-ssh-keys.sh /path/to/key.pub`
			`# bash scripts/dev-vm/add-dev-user-ssh-keys.sh # uses ~/.ssh/id_ed25519.pub or id_rsa.pub`
			`# Requires: SSH as root to the Proxmox host that runs CT 5700 (default: PROXMOX_R630_01).`
			`set -euo pipefail`

			`SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"`
			`PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"`
			`source "$PROJECT_ROOT/config/ip-addresses.conf" 2>/dev/null \|\| true`
			`[ -f "$PROJECT_ROOT/.env" ] && set +u && source "$PROJECT_ROOT/.env" 2>/dev/null \|\| true && set -u`

			`VMID=5700`
			`PROXMOX_HOST="${PROXMOX_HOST:-${PROXMOX_R630_01:-192.168.11.11}}"`
			`USERS="dev1 dev2 dev3 dev4"`

			`if [ -n "${PUBLIC_KEY:-}" ]; then`
			`KEY="$PUBLIC_KEY"`
			`elif [ -n "${1:-}" ] && [ -f "$1" ]; then`
			`KEY=$(cat "$1")`
			`elif [ -f "$HOME/.ssh/id_ed25519.pub" ]; then`
			`KEY=$(cat "$HOME/.ssh/id_ed25519.pub")`
			`elif [ -f "$HOME/.ssh/id_rsa.pub" ]; then`
			`KEY=$(cat "$HOME/.ssh/id_rsa.pub")`
			`else`
			`echo "No public key found. Set PUBLIC_KEY= or pass a key file, or add ~/.ssh/id_ed25519.pub / id_rsa.pub"`
			`exit 1`
			`fi`

			`KEY_B64=$(printf '%s\n' "$KEY" \| base64 -w0)`

			`echo "Adding SSH key to $USERS on CT $VMID (host $PROXMOX_HOST)..."`
			`for u in $USERS; do`
			`ssh -o ConnectTimeout=10 -o StrictHostKeyChecking=accept-new root@"$PROXMOX_HOST" \`
			`"pct exec $VMID -- bash -c 'mkdir -p /home/$u/.ssh && chmod 700 /home/$u/.ssh && echo \"$KEY_B64\" \| base64 -d >> /home/$u/.ssh/authorized_keys && chmod 600 /home/$u/.ssh/authorized_keys && chown -R $u:$u /home/$u/.ssh'"`
			`echo " OK: $u"`
			`done`
Sync all local changes: docs, config, scripts, submodule refs, verification evidence Co-authored-by: Cursor <cursoragent@cursor.com> 2026-02-21 15:46:06 -08:00			`echo "Done. Test: ssh dev1@${IP_DEV_VM:-192.168.11.59}"`