| 1 |
# $Header: /home/cvsd/alx-cvs/alx-src/alxconfig-ng/functions/config_ssh_auth.sh,v 1.3 2005-09-07 19:14:18 niro Exp $ |
# $Id$ |
| 2 |
# exchanges the public server and client ssh keys |
# exchanges the public server and client ssh keys |
| 3 |
|
|
| 4 |
gen_keys() { |
gen_keys() |
| 5 |
if [ ! -e /etc/ssh/ssh_host_key ] |
{ |
| 6 |
|
if [ ! -e /etc/dropbear/dropbear_dss_host_key ] |
| 7 |
then |
then |
| 8 |
echo -e ${COLOREDSTAR}"Generating SSH-Hostkey ..." |
echo -e ${COLOREDSTAR}"Generating DSS-Hostkey ..." |
| 9 |
/usr/bin/ssh-keygen -t rsa1 -b 1024 -f /etc/ssh/ssh_host_key -N '' |
dropbearkey -t dss -f /etc/dropbear/dropbear_dss_host_key |
| 10 |
fi |
fi |
| 11 |
|
|
| 12 |
if [ ! -e /etc/ssh/ssh_host_dsa_key ] |
if [ ! -e /etc/dropbear/dropbear_rsa_host_key ] |
| 13 |
then |
then |
| 14 |
echo -e ${COLREDSTAR}"Generating DSA-Hostkey ..." |
echo -e ${COLREDSTAR}"Generating RSA-Hostkey ..." |
| 15 |
/usr/bin/ssh-keygen -d -f /etc/ssh/ssh_host_dsa_key -N '' |
dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key |
|
fi |
|
|
|
|
|
if [ ! -e /etc/ssh/ssh_host_rsa_key ] |
|
|
then |
|
|
echo -e ${COLOREDSTAR}"Generating RSA-Hostkey ..." |
|
|
/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' |
|
| 16 |
fi |
fi |
| 17 |
} |
} |
| 18 |
|
|
| 19 |
config_ssh_auth() { |
config_ssh_auth() |
| 20 |
|
{ |
| 21 |
local PUB_KEY_SERVER |
local PUB_KEY_SERVER |
| 22 |
local ID |
local ID |
| 23 |
|
local pubkey |
| 24 |
|
local CONFIG |
| 25 |
|
|
| 26 |
# generate evtually missing keys |
# generate evtually missing keys |
| 27 |
gen_keys |
gen_keys |
| 28 |
|
|
| 29 |
|
# read the pubkey (the sed prints only the second line, which is the pubkey) |
| 30 |
|
pubkey="$(dropbearkey -y -f /etc/dropbear/dropbear_rsa_host_key | sed -n '2p')" |
| 31 |
|
|
| 32 |
# write the public key of the server to the host system |
# write the public key of the server to the host system |
| 33 |
PUB_KEY_SERVER="$(mysql_command ${SQL_USER} ${SQL_PASS} ${SQL_HOST} ${SQL_DB} \ |
PUB_KEY_SERVER="$(mysqldo "select public_key from ssh_auth_server where id=1;")" |
|
"select public_key from ssh_auth_server where id=1;")" |
|
| 34 |
|
|
| 35 |
if [ -n "${PUB_KEY_SERVER}" ] |
if [[ ! -z ${PUB_KEY_SERVER} ]] |
| 36 |
then |
then |
| 37 |
HOME=/root |
HOME=/root |
| 38 |
# only if not empty |
# only if not empty |
| 39 |
[ ! -d $HOME/.ssh ] && install -d $HOME/.ssh |
[ ! -d $HOME/.ssh ] && install -d $HOME/.ssh |
| 40 |
echo "${PUB_KEY_SERVER}" > $HOME/.ssh/authorized_keys |
CONFIG=$HOME/.ssh/authorized_keys |
| 41 |
|
clearconfig |
| 42 |
|
addconfig "${PUB_KEY_SERVER}" |
| 43 |
fi |
fi |
| 44 |
|
|
|
|
|
| 45 |
# put the public key of the host into the db |
# put the public key of the host into the db |
| 46 |
ID=$(mysql_command ${SQL_USER} ${SQL_PASS} ${SQL_HOST} ${SQL_DB} \ |
ID=$(mysqldo "select serial from ssh_auth_clients where serial=${ALX_SERIAL};") |
|
"select serial from ssh_auth_clients where serial=${ALX_SERIAL};") |
|
| 47 |
|
|
| 48 |
if [ -n "${ID}" ] |
if [[ ! -z ${ID} ]] |
| 49 |
then |
then |
| 50 |
#run an update |
# run an update |
| 51 |
mysql_command ${SQL_USER} ${SQL_PASS} ${SQL_HOST} ${SQL_DB} \ |
mysqldo "update ssh_auth_clients set public_key='${pubkey}' where serial=${ALX_SERIAL};" |
|
"update ssh_auth_clients set public_key='$(< /etc/ssh/ssh_host_rsa_key.pub)' where serial=${ALX_SERIAL};" |
|
| 52 |
else |
else |
| 53 |
#run an insert |
# run an insert |
| 54 |
mysql_command ${SQL_USER} ${SQL_PASS} ${SQL_HOST} ${SQL_DB} \ |
mysqldo "insert into ssh_auth_clients(serial,public_key) values('${ALX_SERIAL}','${pubkey}')" |
|
"insert into ssh_auth_clients(serial,public_key) values('${ALX_SERIAL}','$(< /etc/ssh/ssh_host_rsa_key.pub)')" |
|
| 55 |
fi |
fi |
| 56 |
} |
} |
Parent Directory
| 
Revision Log
| 
Patch