Fixed: ssh public key and AllowUsers for ENABLE_USER=false
drtyhlpr -
r122:1e776801295f
@@ -42,38 +42,47 if [ "$ENABLE_SSHD" = true ] ; then
42 fi
42 fi
43 fi
43 fi
44
44
45 # Create $USER_NAME SSH config directory
45 if [ "$ENABLE_USER" = true ] ; then
46 mkdir -p "${R}/home/${USER_NAME}/.ssh"
46 # Create $USER_NAME SSH config directory
47 mkdir -p "${R}/home/${USER_NAME}/.ssh"
47
48
48 # Set permissions of $USER_NAME SSH config directory
49 # Set permissions of $USER_NAME SSH config directory
49 chroot_exec chmod 700 "/home/${USER_NAME}/.ssh"
50 chroot_exec chmod 700 "/home/${USER_NAME}/.ssh"
50 chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh"
51 chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh"
51
52
52 # Install SSH (v2) authorized keys file for user $USER_NAME
53 # Install SSH (v2) authorized keys file for user $USER_NAME
53 if [ ! -z "$SSH_USER_AUTHORIZED_KEYS" ] ; then
54 if [ ! -z "$SSH_USER_AUTHORIZED_KEYS" ] ; then
54 install_readonly "$SSH_USER_AUTHORIZED_KEYS" "${R}/home/${USER_NAME}/.ssh/authorized_keys2"
55 install_readonly "$SSH_USER_AUTHORIZED_KEYS" "${R}/home/${USER_NAME}/.ssh/authorized_keys2"
55 fi
56 fi
56
57
57 # Add SSH (v2) public key for user $USER_NAME
58 # Add SSH (v2) public key for user $USER_NAME
58 if [ ! -z "$SSH_USER_PUB_KEY" ] ; then
59 if [ ! -z "$SSH_USER_PUB_KEY" ] ; then
59 cat "$SSH_USER_PUB_KEY" >> "${R}/home/${USER_NAME}/.ssh/authorized_keys2"
60 cat "$SSH_USER_PUB_KEY" >> "${R}/home/${USER_NAME}/.ssh/authorized_keys2"
60 fi
61 fi
61
62
62 # Set permissions of $USER_NAME SSH authorized keys file
63 # Set permissions of $USER_NAME SSH authorized keys file
63 if [ -f "${R}/home/${USER_NAME}/.ssh/authorized_keys2" ] ; then
64 if [ -f "${R}/home/${USER_NAME}/.ssh/authorized_keys2" ] ; then
64 chroot_exec chmod 600 "/home/${USER_NAME}/.ssh/authorized_keys2"
65 chroot_exec chmod 600 "/home/${USER_NAME}/.ssh/authorized_keys2"
65 chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh/authorized_keys2"
66 chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh/authorized_keys2"
66
67
67 # Allow SSH public key authentication
68 # Allow SSH public key authentication
68 sed -i "s|[#]*PubkeyAuthentication.*|PubkeyAuthentication yes|g" "${ETC_DIR}/ssh/sshd_config"
69 sed -i "s|[#]*PubkeyAuthentication.*|PubkeyAuthentication yes|g" "${ETC_DIR}/ssh/sshd_config"
70 fi
69 fi
71 fi
70
72
71 # Limit the users that are allowed to login via SSH
73 # Limit the users that are allowed to login via SSH
72 if [ "$SSH_LIMIT_USERS" = true ] ; then
74 if [ "$SSH_LIMIT_USERS" = true ] ; then
75 allowed_users=""
73 if [ "$ENABLE_ROOT" = true ] && [ "$SSH_ENABLE_ROOT" = true ] ; then
76 if [ "$ENABLE_ROOT" = true ] && [ "$SSH_ENABLE_ROOT" = true ] ; then
74 echo "AllowUsers root ${USER_NAME}" >> "${ETC_DIR}/ssh/sshd_config"
77 allowed_users="root"
75 else
78 fi
76 echo "AllowUsers ${USER_NAME}" >> "${ETC_DIR}/ssh/sshd_config"
79
80 if [ "$ENABLE_USER" = true ] ; then
81 allowed_users="${allowed_users} ${USER_NAME}"
82 fi
83
84 if [ ! -z "$allowed_users" ] ; then
85 echo "AllowUsers ${allowed_users}" >> "${ETC_DIR}/ssh/sshd_config"
77 fi
86 fi
78 fi
87 fi
79
88
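Review bot: When `SSH_LIMIT_USERS` is true but neither the root branch nor the `ENABLE_USER` branch adds a name, `allowed_users` stays empty and the final `if [ ! -z "$allowed_users" ]` skips the write without a message. In that case sshd_config gets no `AllowUsers` line at all, so sshd applies no user restriction even though one was requested. I would add an `else` branch to that last test that reports the inconsistent settings, for example `echo "error: SSH_LIMIT_USERS=true but no account is enabled for SSH login" >&2`, and then stops the build in whatever way this script normally signals a configuration error. The enclosing `if [ "$ENABLE_SSHD" = true ]` block starts before the hunk, so how it handles errors elsewhere is not visible here.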