From 1753b8dddafb52649fd2f569efdc001c7511f360 Mon Sep 17 00:00:00 2001
From: gyurix <gyurix@gmail.com>
Date: Wed, 27 Aug 2025 11:06:50 +0200
Subject: [PATCH] Refactor SSH connection checks in start_backup.sh to improve
 error handling and authentication verification

---
 start_backup.sh | 20 ++++++++------------
 1 file changed, 8 insertions(+), 12 deletions(-)

diff --git a/start_backup.sh b/start_backup.sh
index ed2d766..9b50667 100644
--- a/start_backup.sh
+++ b/start_backup.sh
@@ -57,28 +57,24 @@ fi
 # creating cycle for backup services
 for BACKUP in $( echo -n $SSH_HOST) ; do      
     # check backup client availability
-    RESPONSE=$(echo "exit" | timeout 5 telnet $BACKUP $SSH_PORT | grep Connected)
+    RESPONSE=$(ssh -o StrictHostKeyChecking=no -o PreferredAuthentications=password -o ConnectTimeout=5 -o BatchMode=yes  -p $SSH_PORT $SSH_USER@$BACKUP  /bin/true 2>&1)
 	echo "RESPONSE: $RESPONSE"
-    if [ "$RESPONSE" == "" ]; then
+    if [ "$(echo $RESPONSE | grep -o resolve)" != "" ]; then
         echo "Expected backup client $BACKUP on port $SSH_PORT currently not available"
         continue
     fi
     # set backup client IP addresses and ports                                         
-    sshpass -p "$SSH_PASSWORD" ssh -o StrictHostKeyChecking=no -o PreferredAuthentications=password -o ConnectTimeout=5 -p $SSH_PORT $SSH_USER@$BACKUP exit 2>/dev/null
-    PASSWORD_AUTH_EXIT_CODE=$?
-    echo "PASSWORD_AUTH_EXIT_CODE: $PASSWORD_AUTH_EXIT_CODE"
-
-    if [ $PASSWORD_AUTH_EXIT_CODE -eq 0 ]; then
+    RESPONSE=$(ssh -o StrictHostKeyChecking=no -o PreferredAuthentications=password -o ConnectTimeout=5 -o BatchMode=yes  -p $SSH_PORT $SSH_USER@$BACKUP  /bin/true 2>&1)
+	echo "RESPONSE: $RESPONSE"
+    if [ "$(echo $RESPONSE | grep -o password)" != "" ]; then
         echo "SSH password authentication enabled"
         sshpass -p "$SSH_PASSWORD" ssh -p $SSH_PORT -i $SSH_DIR/id_$key_type $SSH_USER@$BACKUP "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys" < $SSH_DIR/id_$key_type.pub
         ssh -i $SSH_DIR/id_$key_type -p $SSH_PORT $SSH_USER@$BACKUP sed -i "s/PasswordAuthentication\ yes/PasswordAuthentication\ no/g" .ssh/server/sshd_config
         sleep 2
     fi
-    sshpass -p "$SSH_PASSWORD" ssh -o StrictHostKeyChecking=no -o PreferredAuthentications=password -o BatchMode=yes -o ConnectTimeout=5 -p $SSH_PORT $SSH_USER@$BACKUP exit 2>/dev/null
-    PASSWORD_AUTH_EXIT_CODE=$?
-    echo "PASSWORD_AUTH_EXIT_CODE: $PASSWORD_AUTH_EXIT_CODE"
-    # check ssh connection via pub key
-    if [ $PASSWORD_AUTH_EXIT_CODE -ne 0 ]; then
+    RESPONSE=$(ssh -o StrictHostKeyChecking=no -o PreferredAuthentications=password -o ConnectTimeout=5 -o BatchMode=yes  -p $SSH_PORT $SSH_USER@$BACKUP  /bin/true 2>&1)
+	echo "RESPONSE: $RESPONSE"
+    if [ "$(echo $RESPONSE | grep -o password)" == "" ]; then
         echo "SSH password authentication is disabled on the server."
 
         # check borg backup state