From 2ebd08e26c096da162c6c26dbc70a77ed50621ec Mon Sep 17 00:00:00 2001
From: Till Harbaum <till@harbaum.org>
Date: Sun, 11 Feb 2018 21:46:26 +0100
Subject: [PATCH] Add option to remove ssh keys

---
 pishrink.sh | 33 +++++++++++++++++++++++++++++++--
 1 file changed, 31 insertions(+), 2 deletions(-)

diff --git a/pishrink.sh b/pishrink.sh
index 9e57e6b..917328e 100755
--- a/pishrink.sh
+++ b/pishrink.sh
@@ -1,12 +1,14 @@
 #!/bin/bash
 
-usage() { echo "Usage: $0 [-s] imagefile.img [newimagefile.img]"; exit -1; }
+usage() { echo "Usage: $0 [-s|-k] imagefile.img [newimagefile.img]"; exit -1; }
 
 should_skip_autoexpand=false
+remove_ssh_keys=false
 
-while getopts ":s" opt; do
+while getopts ":sk" opt; do
   case "${opt}" in
     s) should_skip_autoexpand=true ;;
+    k) remove_ssh_keys=true ;;
     *) usage ;;
   esac
 done
@@ -60,6 +62,32 @@ tune2fs_output=$(tune2fs -l "$loopback")
 currentsize=$(echo "$tune2fs_output" | grep '^Block count:' | tr -d ' ' | cut -d ':' -f 2)
 blocksize=$(echo "$tune2fs_output" | grep '^Block size:' | tr -d ' ' | cut -d ':' -f 2)
 
+# Remove ssh keys if requested
+if [ "$remove_ssh_keys" = true ]; then
+  echo "Removing ssh keys..."
+  mountdir=$(mktemp -d)
+  mount "$loopback" "$mountdir"
+
+  # Remove keys and create script to recreate them on next boot
+  rm -f -v $mountdir/etc/ssh/ssh_host_*_key*
+  cat <<\EOF > "$mountdir/lib/systemd/system/regenerate_ssh_host_keys.service"
+[Unit]
+Description=Regenerate SSH host keys
+Before=ssh.service
+
+[Service]
+Type=oneshot
+ExecStartPre=-/bin/dd if=/dev/hwrng of=/dev/urandom count=1 bs=4096
+ExecStartPre=-/bin/sh -c "/bin/rm -f -v /etc/ssh/ssh_host_*_key*"
+ExecStart=/usr/bin/ssh-keygen -A -v
+ExecStartPost=/bin/sh -c "/bin/rm -f -v /lib/systemd/system/regenerate_ssh_host_keys.service"
+
+[Install]
+WantedBy=multi-user.target
+EOF
+  umount "$mountdir"
+fi
+
 #Check if we should make pi expand rootfs on next boot
 if [ "$should_skip_autoexpand" = false ]; then
   #Make pi expand rootfs on next boot
@@ -146,6 +174,7 @@ fi
 
 #Add some free space to the end of the filesystem
 extra_space=$(($currentsize - $minsize))
+echo "Extra_space $extra_space"
 for space in 5000 1000 100; do
   if [[ $extra_space -gt $space ]]; then
     minsize=$(($minsize + $space))