1 |
# $Header: /home/cvsd/alx-cvs/alx-src/alxconfig-ng/functions/config_ssh_auth.sh,v 1.3 2005-09-07 19:14:18 niro Exp $ |
# $Id$ |
2 |
# exchanges the public server and client ssh keys |
# exchanges the public server and client ssh keys |
3 |
|
|
4 |
gen_keys() { |
gen_keys() |
5 |
if [ ! -e /etc/ssh/ssh_host_key ] |
{ |
6 |
|
if [ ! -e /etc/dropbear/dropbear_dss_host_key ] |
7 |
then |
then |
8 |
echo -e ${COLOREDSTAR}"Generating SSH-Hostkey ..." |
echo -e ${COLOREDSTAR}"Generating DSS-Hostkey ..." |
9 |
/usr/bin/ssh-keygen -t rsa1 -b 1024 -f /etc/ssh/ssh_host_key -N '' |
dropbearkey -t dss -f /etc/dropbear/dropbear_dss_host_key |
10 |
fi |
fi |
11 |
|
|
12 |
if [ ! -e /etc/ssh/ssh_host_dsa_key ] |
if [ ! -e /etc/dropbear/dropbear_rsa_host_key ] |
13 |
then |
then |
14 |
echo -e ${COLREDSTAR}"Generating DSA-Hostkey ..." |
echo -e ${COLREDSTAR}"Generating RSA-Hostkey ..." |
15 |
/usr/bin/ssh-keygen -d -f /etc/ssh/ssh_host_dsa_key -N '' |
dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key |
|
fi |
|
|
|
|
|
if [ ! -e /etc/ssh/ssh_host_rsa_key ] |
|
|
then |
|
|
echo -e ${COLOREDSTAR}"Generating RSA-Hostkey ..." |
|
|
/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' |
|
16 |
fi |
fi |
17 |
} |
} |
18 |
|
|
19 |
config_ssh_auth() { |
config_ssh_auth() |
20 |
|
{ |
21 |
local PUB_KEY_SERVER |
local PUB_KEY_SERVER |
22 |
local ID |
local ID |
23 |
|
local pubkey |
24 |
|
local CONFIG |
25 |
|
|
26 |
# generate evtually missing keys |
# generate evtually missing keys |
27 |
gen_keys |
gen_keys |
28 |
|
|
29 |
|
# read the pubkey (the sed prints only the second line, which is the pubkey) |
30 |
|
pubkey="$(dropbearkey -y -f /etc/dropbear/dropbear_rsa_host_key | sed -n '2p')" |
31 |
|
|
32 |
# write the public key of the server to the host system |
# write the public key of the server to the host system |
33 |
PUB_KEY_SERVER="$(mysql_command ${SQL_USER} ${SQL_PASS} ${SQL_HOST} ${SQL_DB} \ |
PUB_KEY_SERVER="$(mysqldo "select public_key from ssh_auth_server where id=1;")" |
|
"select public_key from ssh_auth_server where id=1;")" |
|
34 |
|
|
35 |
if [ -n "${PUB_KEY_SERVER}" ] |
if [[ ! -z ${PUB_KEY_SERVER} ]] |
36 |
then |
then |
37 |
HOME=/root |
HOME=/root |
38 |
# only if not empty |
# only if not empty |
39 |
[ ! -d $HOME/.ssh ] && install -d $HOME/.ssh |
[ ! -d $HOME/.ssh ] && install -d $HOME/.ssh |
40 |
echo "${PUB_KEY_SERVER}" > $HOME/.ssh/authorized_keys |
CONFIG=$HOME/.ssh/authorized_keys |
41 |
|
clearconfig |
42 |
|
addconfig "${PUB_KEY_SERVER}" |
43 |
fi |
fi |
44 |
|
|
|
|
|
45 |
# put the public key of the host into the db |
# put the public key of the host into the db |
46 |
ID=$(mysql_command ${SQL_USER} ${SQL_PASS} ${SQL_HOST} ${SQL_DB} \ |
ID=$(mysqldo "select serial from ssh_auth_clients where serial=${ALX_SERIAL};") |
|
"select serial from ssh_auth_clients where serial=${ALX_SERIAL};") |
|
47 |
|
|
48 |
if [ -n "${ID}" ] |
if [[ ! -z ${ID} ]] |
49 |
then |
then |
50 |
#run an update |
# run an update |
51 |
mysql_command ${SQL_USER} ${SQL_PASS} ${SQL_HOST} ${SQL_DB} \ |
mysqldo "update ssh_auth_clients set public_key='${pubkey}' where serial=${ALX_SERIAL};" |
|
"update ssh_auth_clients set public_key='$(< /etc/ssh/ssh_host_rsa_key.pub)' where serial=${ALX_SERIAL};" |
|
52 |
else |
else |
53 |
#run an insert |
# run an insert |
54 |
mysql_command ${SQL_USER} ${SQL_PASS} ${SQL_HOST} ${SQL_DB} \ |
mysqldo "insert into ssh_auth_clients(serial,public_key) values('${ALX_SERIAL}','${pubkey}')" |
|
"insert into ssh_auth_clients(serial,public_key) values('${ALX_SERIAL}','$(< /etc/ssh/ssh_host_rsa_key.pub)')" |
|
55 |
fi |
fi |
56 |
} |
} |