#!/bin/bash
# -- BT's Key Manage -- run with either '--backup' or '--restore' and save/load ssh keys.
# -- Will (try to) auto match hostname via uname -n -- 04/19/2025 - LostGeek.NET - bta
# Get current hostname
HOSTNAME=$(uname -n)
BACKUP_DIR="$HOME"
BACKUP_FILE="$BACKUP_DIR/${HOSTNAME}-keys.tgz"

backup_ssh_keys() {
    if [ ! -d "$HOME/.ssh" ]; then
        echo "No .ssh directory found in your home directory."
        exit 1
    fi

    tar -czvf "$BACKUP_FILE" -C "$HOME" .ssh && echo "Backup created: $BACKUP_FILE"
}

restore_ssh_keys() {
    if [ -f "$BACKUP_FILE" ]; then
        ARCHIVE="$BACKUP_FILE"
    else
        echo "No backup found for hostname: $HOSTNAME"
        read -p "Enter the hostname to restore from (e.g. woody.lan): " INPUT_HOST
        ALT_FILE="$BACKUP_DIR/${INPUT_HOST}-keys.tgz"

        if [ ! -f "$ALT_FILE" ]; then
            echo "No backup found at: $ALT_FILE"
            exit 1
        fi

        ARCHIVE="$ALT_FILE"
    fi

    tar -xzvf "$ARCHIVE" -C "$HOME"

    # Fix permissions
    chmod 700 "$HOME/.ssh"
    chmod 600 "$HOME/.ssh/id_"*
    chmod 644 "$HOME/.ssh/"*.pub

    echo "SSH keys restored from $ARCHIVE. Permissions fixed."
}

usage() {
    echo "Usage: $0 {backup|restore}"
    exit 1
}

case "$1" in
    backup)
        backup_ssh_keys
        ;;
    restore)
        restore_ssh_keys
        ;;
    *)
        usage
        ;;
esac