path: root/vps/check-hardened.sh
#!/usr/bin/env bash
# check-hardened.sh - Scan all known Genesis VPSes for hardening status
# Requirements: ssh access to all VPSes by label or IP

# MARKER_FILE: path checked on each VPS; its presence is reported as "Hardened".
# LOG_BASE:    local directory holding one <label>.log file per VPS.
MARKER_FILE="/var/log/genesis-hardened.ok"
LOG_BASE="/home/doc/vpslogs"

# Stop early when the log directory is absent: without it there is nothing
# to scan, and the message hints that the script is on the wrong machine.
[ -d "$LOG_BASE" ] || {
  echo "❌ Log directory $LOG_BASE does not exist. Are you running this on Krang?"
  exit 1
}

# Work from inside the log directory so the *.log glob further down resolves
# relative to it.
cd "$LOG_BASE" || exit 1

# Banner followed by one blank line.
printf '%s\n\n' "🔍 Scanning for hardened Genesis VPSes..."

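# Host-key policy used for every probe. "accept-new" (OpenSSH 7.6+) records a
# host's key on first contact and refuses the connection if a recorded key
# later changes, so a different machine answering on a logged IP cannot yield
# a "Hardened" verdict. Set SSH_HOST_KEY_POLICY=yes once known_hosts is
# pre-populated. Setting it to "no" skips verification entirely; the verdict
# is then only as trustworthy as the network path to the VPS.
SSH_HOST_KEY_POLICY="${SSH_HOST_KEY_POLICY:-accept-new}"

# Probe each VPS that has a log file: take the last IP recorded in the log,
# connect over SSH and test for the marker file.
for LOG in *.log; do
  # When nothing matches, the glob stays as the literal string "*.log".
  [ -f "$LOG" ] || continue

  VPS_LABEL="${LOG%.log}"

  # The last parenthesised dotted-quad in the log is used as the address.
  # The pattern only admits digits and dots, so the value is safe to place
  # on the ssh command line. "--" keeps a log name starting with "-" from
  # being read as a grep option.
  LAST_KNOWN_IP=$(grep -Eo '\([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\)' -- "$LOG" | tail -1 | tr -d '()')

  if [ -z "$LAST_KNOWN_IP" ]; then
    echo "⚠️  $VPS_LABEL: No IP found in log. Skipping."
    continue
  fi

  printf '%s' "🔧 $VPS_LABEL ($LAST_KNOWN_IP): "

  # NOTE(review): testing for a file does not obviously need root; a dedicated
  # unprivileged account would narrow what this key can do - confirm the
  # marker is readable by such an account before switching.
  ssh -o ConnectTimeout=5 -o StrictHostKeyChecking="$SSH_HOST_KEY_POLICY" \
    root@"$LAST_KNOWN_IP" "test -f '${MARKER_FILE}'" >/dev/null 2>&1
  PROBE_STATUS=$?

  # ssh itself exits 255 when the connection or authentication fails; any
  # other status is the remote test's own result. Keeping the two apart stops
  # an unreachable or unverified host from being reported as "not hardened".
  case "$PROBE_STATUS" in
    0)
      echo "✅ Hardened"
      ;;
    255)
      echo "⚠️  SSH failed (unreachable, auth or host key mismatch) - status unknown"
      ;;
    *)
      echo "❌ Not marked as hardened"
      ;;
  esac

done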