##// END OF EJS Templates
Added: SSH public key auth, other fixes
drtyhlpr -
r120:15fff1eef3a5
parent child
Show More
@@ -0,0 +1,90
1 #
2 # Setup SSH settings and public keys
3 #
4
5 # Load utility functions
6 . ./functions.sh
7
8 if [ "$ENABLE_SSHD" = true ] ; then
9 if [ "$SSH_ENABLE_ROOT" = false ] ; then
10 # User root is not allowed to log in
11 sed -i "s|[#]*PermitRootLogin.*|PermitRootLogin no|g" "${ETC_DIR}/ssh/sshd_config"
12 fi
13
14 if [ "$ENABLE_ROOT" = true ] && [ "$SSH_ENABLE_ROOT" = true ] ; then
15 # Permit SSH root login
16 sed -i "s|[#]*PermitRootLogin.*|PermitRootLogin yes|g" "${ETC_DIR}/ssh/sshd_config"
17
18 # Create root SSH config directory
19 mkdir -p "${R}/root/.ssh"
20
21 # Set permissions of root SSH config directory
22 chroot_exec chmod 700 "/root/.ssh"
23 chroot_exec chown root:root "/root/.ssh"
24
25 # Install SSH (v2) authorized keys file for user root
26 if [ ! -z "$SSH_ROOT_AUTHORIZED_KEYS" ] ; then
27 install_readonly "$SSH_ROOT_AUTHORIZED_KEYS" "${R}/root/.ssh/authorized_keys2"
28 fi
29
30 # Add SSH (v2) public key for user root
31 if [ ! -z "$SSH_ROOT_PUB_KEY" ] ; then
32 cat "$SSH_ROOT_PUB_KEY" >> "${R}/root/.ssh/authorized_keys2"
33 fi
34
35 # Set permissions of root SSH authorized keys file
36 if [ -f "${R}/root/.ssh/authorized_keys2" ] ; then
37 chroot_exec chmod 600 "/root/.ssh/authorized_keys2"
38 chroot_exec chown root:root "/root/.ssh/authorized_keys2"
39
40 # Allow SSH public key authentication
41 sed -i "s|[#]*PubkeyAuthentication.*|PubkeyAuthentication yes|g" "${ETC_DIR}/ssh/sshd_config"
42 fi
43 fi
44
45 # Create $USER_NAME SSH config directory
46 mkdir -p "${R}/home/${USER_NAME}/.ssh"
47
48 # Set permissions of $USER_NAME SSH config directory
49 chroot_exec chmod 700 "/home/${USER_NAME}/.ssh"
50 chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh"
51
52 # Install SSH (v2) authorized keys file for user $USER_NAME
53 if [ ! -z "$SSH_USER_AUTHORIZED_KEYS" ] ; then
54 install_readonly "$SSH_USER_AUTHORIZED_KEYS" "${R}/home/${USER_NAME}/.ssh/authorized_keys2"
55 fi
56
57 # Add SSH (v2) public key for user $USER_NAME
58 if [ ! -z "$SSH_USER_PUB_KEY" ] ; then
59 cat "$SSH_USER_PUB_KEY" >> "${R}/home/${USER_NAME}/.ssh/authorized_keys2"
60 fi
61
62 # Set permissions of $USER_NAME SSH authorized keys file
63 if [ -f "${R}/home/${USER_NAME}/.ssh/authorized_keys2" ] ; then
64 chroot_exec chmod 600 "/home/${USER_NAME}/.ssh/authorized_keys2"
65 chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh/authorized_keys2"
66
67 # Allow SSH public key authentication
68 sed -i "s|[#]*PubkeyAuthentication.*|PubkeyAuthentication yes|g" "${ETC_DIR}/ssh/sshd_config"
69 fi
70
71 # Limit the users that are allowed to login via SSH
72 if [ "$SSH_LIMIT_USERS" = true ] ; then
73 if [ "$ENABLE_ROOT" = true ] && [ "$SSH_ENABLE_ROOT" = true ] ; then
74 echo "AllowUsers root ${USER_NAME}" >> "${ETC_DIR}/ssh/sshd_config"
75 else
76 echo "AllowUsers ${USER_NAME}" >> "${ETC_DIR}/ssh/sshd_config"
77 fi
78 fi
79
80 # Disable password-based authentication
81 if [ "$SSH_DISABLE_PASSWORD_AUTH" = true ] ; then
82 if [ "$ENABLE_ROOT" = true ] && [ "$SSH_ENABLE_ROOT" = true ] ; then
83 sed -i "s|[#]*PermitRootLogin.*|PermitRootLogin without-password|g" "${ETC_DIR}/ssh/sshd_config"
84 fi
85
86 sed -i "s|[#]*PasswordAuthentication.*|PasswordAuthentication no|g" "${ETC_DIR}/ssh/sshd_config"
87 sed -i "s|[#]*ChallengeResponseAuthentication no.*|ChallengeResponseAuthentication no|g" "${ETC_DIR}/ssh/sshd_config"
88 sed -i "s|[#]*UsePAM.*|UsePAM no|g" "${ETC_DIR}/ssh/sshd_config"
89 fi
90 fi
@@ -193,10 +193,6 Non-root user to create. Ignored if `ENABLE_USER`=false
193 ##### `ENABLE_ROOT`=false
193 ##### `ENABLE_ROOT`=false
194 Set root user password so root login will be enabled
194 Set root user password so root login will be enabled
195
195
196 ##### `ENABLE_ROOT_SSH`=true
197 Enable password root login via SSH. May be a security risk with default
198 password, use only in trusted environments.
199
200 ##### `ENABLE_HARDNET`=false
196 ##### `ENABLE_HARDNET`=false
201 Enable IPv4/IPv6 network stack hardening settings.
197 Enable IPv4/IPv6 network stack hardening settings.
202
198
@@ -212,6 +208,28 Create an initramfs that that will be loaded during the Linux startup process. `
212 ##### `ENABLE_IFNAMES`=true
208 ##### `ENABLE_IFNAMES`=true
213 Enable automatic assignment of predictable, stable network interface names for all local Ethernet, WLAN interfaces. This might create complex and long interface names. This parameter is only supported if the Debian release `stretch` is used.
209 Enable automatic assignment of predictable, stable network interface names for all local Ethernet, WLAN interfaces. This might create complex and long interface names. This parameter is only supported if the Debian release `stretch` is used.
214
210
211 #### SSH settings
212 ##### `SSH_ENABLE_ROOT`=false
213 Enable password root login via SSH. This may be a security risk with default password, use only in trusted environments. `ENABLE_ROOT` must be set to `true`.
214
215 ##### `SSH_DISABLE_PASSWORD_AUTH`=false
216 Disable password based SSH authentication. Only public key based SSH (v2) authentication will be supported.
217
218 ##### `SSH_LIMIT_USERS`=false
219 Limit the users that are allowed to login via SSH. Only allow user `USER_NAME`=pi and root if `SSH_ENABLE_ROOT`=true to login.
220
221 ##### `SSH_ROOT_AUTHORIZED_KEYS`=""
222 Add specified SSH `authorized_keys2` file that contains keys for public key based SSH (v2) authentication of user `root`. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
223
224 ##### `SSH_ROOT_PUB_KEY`=""
225 Add specified SSH (v2) public key file to `authorized_keys2` file to enable public key based SSH (v2) authentication of user `root`. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
226
227 ##### `SSH_USER_AUTHORIZED_KEYS`=""
228 Add specified SSH `authorized_keys2` file that contains keys for public key based SSH (v2) authentication of user `USER_NAME`=pi. SSH protocol version 1 is not supported.
229
230 ##### `SSH_USER_PUB_KEY`=""
231 Add specified SSH (v2) public key file to `authorized_keys2` file to enable public key based SSH (v2) authentication of user `USER_NAME`=pi. SSH protocol version 1 is not supported.
232
215 #### Kernel compilation:
233 #### Kernel compilation:
216 ##### `BUILD_KERNEL`=false
234 ##### `BUILD_KERNEL`=false
217 Build and install the latest RPi2/3 Linux kernel. Currently only the default RPi2/3 kernel configuration is used. `BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` is used.
235 Build and install the latest RPi2/3 Linux kernel. Currently only the default RPi2/3 kernel configuration is used. `BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` is used.
@@ -306,6 +324,7 The functions of this script that are required for the different stages of the b
306 | `21-firewall.sh` | Setup Firewall |
324 | `21-firewall.sh` | Setup Firewall |
307 | `30-security.sh` | Setup Users and Security settings |
325 | `30-security.sh` | Setup Users and Security settings |
308 | `31-logging.sh` | Setup Logging |
326 | `31-logging.sh` | Setup Logging |
327 | `32-sshd.sh` | Setup SSH and public keys |
309 | `41-uboot.sh` | Build and Setup U-Boot |
328 | `41-uboot.sh` | Build and Setup U-Boot |
310 | `42-fbturbo.sh` | Build and Setup fbturbo Xorg driver |
329 | `42-fbturbo.sh` | Build and Setup fbturbo Xorg driver |
311 | `50-firstboot.sh` | First boot actions |
330 | `50-firstboot.sh` | First boot actions |
1 NO CONTENT: modified file
NO CONTENT: modified file
@@ -11,18 +11,13 ENCRYPTED_USER_PASSWORD=`mkpasswd -m sha-512 "${USER_PASSWORD}"`
11
11
12 # Setup default user
12 # Setup default user
13 if [ "$ENABLE_USER" = true ] ; then
13 if [ "$ENABLE_USER" = true ] ; then
14 chroot_exec adduser --gecos $USER_NAME --add_extra_groups \
14 chroot_exec adduser --gecos $USER_NAME --add_extra_groups --disabled-password $USER_NAME
15 --disabled-password $USER_NAME
16 chroot_exec usermod -a -G sudo -p "${ENCRYPTED_USER_PASSWORD}" $USER_NAME
15 chroot_exec usermod -a -G sudo -p "${ENCRYPTED_USER_PASSWORD}" $USER_NAME
17 fi
16 fi
18
17
19 # Setup root password or not
18 # Setup root password or not
20 if [ "$ENABLE_ROOT" = true ] ; then
19 if [ "$ENABLE_ROOT" = true ] ; then
21 chroot_exec usermod -p "${ENCRYPTED_PASSWORD}" root
20 chroot_exec usermod -p "${ENCRYPTED_PASSWORD}" root
22
23 if [ "$ENABLE_ROOT_SSH" = true ] ; then
24 sed -i "s|[#]*PermitRootLogin.*|PermitRootLogin yes|g" "${ETC_DIR}/ssh/sshd_config"
25 fi
26 else
21 else
27 # Set no root password to disable root login
22 # Set no root password to disable root login
28 chroot_exec usermod -p \'!\' root
23 chroot_exec usermod -p \'!\' root
@@ -1,7 +1,7
1 #!/bin/sh
1 #!/bin/sh
2
2
3 ########################################################################
3 ########################################################################
4 # rpi23-gen-image.sh 2015-2016
4 # rpi23-gen-image.sh 2015-2017
5 #
5 #
6 # Advanced Debian "jessie" and "stretch" bootstrap script for RPi2/3
6 # Advanced Debian "jessie" and "stretch" bootstrap script for RPi2/3
7 #
7 #
@@ -126,7 +126,15 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
126 ENABLE_USER=${ENABLE_USER:=true}
126 ENABLE_USER=${ENABLE_USER:=true}
127 USER_NAME=${USER_NAME:="pi"}
127 USER_NAME=${USER_NAME:="pi"}
128 ENABLE_ROOT=${ENABLE_ROOT:=false}
128 ENABLE_ROOT=${ENABLE_ROOT:=false}
129 ENABLE_ROOT_SSH=${ENABLE_ROOT_SSH:=false}
129
130 # SSH settings
131 SSH_ENABLE_ROOT=${SSH_ENABLE_ROOT:=false}
132 SSH_DISABLE_PASSWORD_AUTH=${SSH_DISABLE_PASSWORD_AUTH:=false}
133 SSH_LIMIT_USERS=${SSH_LIMIT_USERS:=false}
134 SSH_ROOT_AUTHORIZED_KEYS=${SSH_ROOT_AUTHORIZED_KEYS:=""}
135 SSH_USER_AUTHORIZED_KEYS=${SSH_USER_AUTHORIZED_KEYS:=""}
136 SSH_ROOT_PUB_KEY=${SSH_ROOT_PUB_KEY:=""}
137 SSH_USER_PUB_KEY=${SSH_USER_PUB_KEY:=""}
130
138
131 # Advanced settings
139 # Advanced settings
132 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
140 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
@@ -253,6 +261,38 if [ "$ENABLE_UBOOT" = true ] ; then
253 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler"
261 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler"
254 fi
262 fi
255
263
264 # Check if root SSH (v2) authorized keys file exists
265 if [ ! -z "$SSH_ROOT_AUTHORIZED_KEYS" ] ; then
266 if [ ! -f "$SSH_ROOT_AUTHORIZED_KEYS" ] ; then
267 echo "error: '$SSH_ROOT_AUTHORIZED_KEYS' specified SSH authorized keys file not found (SSH_ROOT_AUTHORIZED_KEYS)!"
268 exit 1
269 fi
270 fi
271
272 # Check if $USER_NAME SSH (v2) authorized keys file exists
273 if [ ! -z "$SSH_USER_AUTHORIZED_KEYS" ] ; then
274 if [ ! -f "$SSH_USER_AUTHORIZED_KEYS" ] ; then
275 echo "error: '$SSH_USER_AUTHORIZED_KEYS' specified SSH authorized keys file not found (SSH_USER_AUTHORIZED_KEYS)!"
276 exit 1
277 fi
278 fi
279
280 # Check if root SSH (v2) public key file exists
281 if [ ! -z "$SSH_ROOT_PUB_KEY" ] ; then
282 if [ ! -f "$SSH_ROOT_PUB_KEY" ] ; then
283 echo "error: '$SSH_ROOT_PUB_KEY' specified SSH public key file not found (SSH_ROOT_PUB_KEY)!"
284 exit 1
285 fi
286 fi
287
288 # Check if $USER_NAME SSH (v2) public key file exists
289 if [ ! -z "$SSH_USER_PUB_KEY" ] ; then
290 if [ ! -f "$SSH_USER_PUB_KEY" ] ; then
291 echo "error: '$SSH_USER_PUB_KEY' specified SSH public key file not found (SSH_USER_PUB_KEY)!"
292 exit 1
293 fi
294 fi
295
256 # Check if all required packages are installed on the build system
296 # Check if all required packages are installed on the build system
257 for package in $REQUIRED_PACKAGES ; do
297 for package in $REQUIRED_PACKAGES ; do
258 if [ "`dpkg-query -W -f='${Status}' $package`" != "install ok installed" ] ; then
298 if [ "`dpkg-query -W -f='${Status}' $package`" != "install ok installed" ] ; then
@@ -489,37 +529,37 DATE="$(date +%Y-%m-%d)"
489
529
490 # Prepare image file
530 # Prepare image file
491 if [ "$ENABLE_SPLITFS" = true ] ; then
531 if [ "$ENABLE_SPLITFS" = true ] ; then
492 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" bs=512 count=${TABLE_SECTORS}
532 dd if=/dev/zero of="$BASEDIR/${DATE}-rpi${RPI_MODEL}-${RELEASE}-frmw.img" bs=512 count=${TABLE_SECTORS}
493 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" bs=512 count=0 seek=${FRMW_SECTORS}
533 dd if=/dev/zero of="$BASEDIR/${DATE}-rpi${RPI_MODEL}-${RELEASE}-frmw.img" bs=512 count=0 seek=${FRMW_SECTORS}
494 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-root.img" bs=512 count=${TABLE_SECTORS}
534 dd if=/dev/zero of="$BASEDIR/${DATE}-rpi${RPI_MODEL}-${RELEASE}-root.img" bs=512 count=${TABLE_SECTORS}
495 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-root.img" bs=512 count=0 seek=${ROOT_SECTORS}
535 dd if=/dev/zero of="$BASEDIR/${DATE}-rpi${RPI_MODEL}-${RELEASE}-root.img" bs=512 count=0 seek=${ROOT_SECTORS}
496
536
497 # Write firmware/boot partition tables
537 # Write firmware/boot partition tables
498 sfdisk -q -L -uS -f "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" 2> /dev/null <<EOM
538 sfdisk -q -L -uS -f "$BASEDIR/${DATE}-rpi${RPI_MODEL}-${RELEASE}-frmw.img" 2> /dev/null <<EOM
499 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
539 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
500 EOM
540 EOM
501
541
502 # Write root partition table
542 # Write root partition table
503 sfdisk -q -L -uS -f "$BASEDIR/${DATE}-debian-${RELEASE}-root.img" 2> /dev/null <<EOM
543 sfdisk -q -L -uS -f "$BASEDIR/${DATE}-rpi${RPI_MODEL}-${RELEASE}-root.img" 2> /dev/null <<EOM
504 ${TABLE_SECTORS},${ROOT_SECTORS},83
544 ${TABLE_SECTORS},${ROOT_SECTORS},83
505 EOM
545 EOM
506
546
507 # Setup temporary loop devices
547 # Setup temporary loop devices
508 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $BASEDIR/${DATE}-debian-${RELEASE}-frmw.img)"
548 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $BASEDIR/${DATE}-rpi${RPI_MODEL}-${RELEASE}-frmw.img)"
509 ROOT_LOOP="$(losetup -o 1M -f --show $BASEDIR/${DATE}-debian-${RELEASE}-root.img)"
549 ROOT_LOOP="$(losetup -o 1M -f --show $BASEDIR/${DATE}-rpi${RPI_MODEL}-${RELEASE}-root.img)"
510 else # ENABLE_SPLITFS=false
550 else # ENABLE_SPLITFS=false
511 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=${TABLE_SECTORS}
551 dd if=/dev/zero of="$BASEDIR/${DATE}-rpi${RPI_MODEL}-${RELEASE}.img" bs=512 count=${TABLE_SECTORS}
512 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=0 seek=${IMAGE_SECTORS}
552 dd if=/dev/zero of="$BASEDIR/${DATE}-rpi${RPI_MODEL}-${RELEASE}.img" bs=512 count=0 seek=${IMAGE_SECTORS}
513
553
514 # Write partition table
554 # Write partition table
515 sfdisk -q -L -uS -f "$BASEDIR/${DATE}-debian-${RELEASE}.img" 2> /dev/null <<EOM
555 sfdisk -q -L -uS -f "$BASEDIR/${DATE}-rpi${RPI_MODEL}-${RELEASE}.img" 2> /dev/null <<EOM
516 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
556 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
517 ${ROOT_OFFSET},${ROOT_SECTORS},83
557 ${ROOT_OFFSET},${ROOT_SECTORS},83
518 EOM
558 EOM
519
559
520 # Setup temporary loop devices
560 # Setup temporary loop devices
521 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $BASEDIR/${DATE}-debian-${RELEASE}.img)"
561 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $BASEDIR/${DATE}-rpi${RPI_MODEL}-${RELEASE}.img)"
522 ROOT_LOOP="$(losetup -o 65M -f --show $BASEDIR/${DATE}-debian-${RELEASE}.img)"
562 ROOT_LOOP="$(losetup -o 65M -f --show $BASEDIR/${DATE}-rpi${RPI_MODEL}-${RELEASE}.img)"
523 fi
563 fi
524
564
525 if [ "$ENABLE_CRYPTFS" = true ] ; then
565 if [ "$ENABLE_CRYPTFS" = true ] ; then
@@ -566,16 +606,16 cleanup
566 # Create block map file(s) of image(s)
606 # Create block map file(s) of image(s)
567 if [ "$ENABLE_SPLITFS" = true ] ; then
607 if [ "$ENABLE_SPLITFS" = true ] ; then
568 # Create block map files for "bmaptool"
608 # Create block map files for "bmaptool"
569 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img"
609 bmaptool create -o "$BASEDIR/${DATE}-rpi${RPI_MODEL}-${RELEASE}-frmw.bmap" "$BASEDIR/${DATE}-rpi${RPI_MODEL}-${RELEASE}-frmw.img"
570 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}-root.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}-root.img"
610 bmaptool create -o "$BASEDIR/${DATE}-rpi${RPI_MODEL}-${RELEASE}-root.bmap" "$BASEDIR/${DATE}-rpi${RPI_MODEL}-${RELEASE}-root.img"
571
611
572 # Image was successfully created
612 # Image was successfully created
573 echo "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img ($(expr \( ${TABLE_SECTORS} + ${FRMW_SECTORS} \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
613 echo "$BASEDIR/${DATE}-rpi${RPI_MODEL}-${RELEASE}-frmw.img ($(expr \( ${TABLE_SECTORS} + ${FRMW_SECTORS} \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
574 echo "$BASEDIR/${DATE}-debian-${RELEASE}-root.img ($(expr \( ${TABLE_SECTORS} + ${ROOT_SECTORS} \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
614 echo "$BASEDIR/${DATE}-rpi${RPI_MODEL}-${RELEASE}-root.img ($(expr \( ${TABLE_SECTORS} + ${ROOT_SECTORS} \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
575 else
615 else
576 # Create block map file for "bmaptool"
616 # Create block map file for "bmaptool"
577 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}.img"
617 bmaptool create -o "$BASEDIR/${DATE}-rpi${RPI_MODEL}-${RELEASE}.bmap" "$BASEDIR/${DATE}-rpi${RPI_MODEL}-${RELEASE}.img"
578
618
579 # Image was successfully created
619 # Image was successfully created
580 echo "$BASEDIR/${DATE}-debian-${RELEASE}.img ($(expr \( ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS} \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
620 echo "$BASEDIR/${DATE}-rpi${RPI_MODEL}-${RELEASE}.img ($(expr \( ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS} \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
581 fi
621 fi
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant