@@ -42,38 +42,47 if [ "$ENABLE_SSHD" = true ] ; then | |||||
42 | fi |
|
42 | fi | |
43 | fi |
|
43 | fi | |
44 |
|
44 | |||
45 | # Create $USER_NAME SSH config directory |
|
45 | if [ "$ENABLE_USER" = true ] ; then | |
46 | mkdir -p "${R}/home/${USER_NAME}/.ssh" |
|
46 | # Create $USER_NAME SSH config directory | |
|
47 | mkdir -p "${R}/home/${USER_NAME}/.ssh" | |||
47 |
|
48 | |||
48 | # Set permissions of $USER_NAME SSH config directory |
|
49 | # Set permissions of $USER_NAME SSH config directory | |
49 | chroot_exec chmod 700 "/home/${USER_NAME}/.ssh" |
|
50 | chroot_exec chmod 700 "/home/${USER_NAME}/.ssh" | |
50 | chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh" |
|
51 | chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh" | |
51 |
|
52 | |||
52 | # Install SSH (v2) authorized keys file for user $USER_NAME |
|
53 | # Install SSH (v2) authorized keys file for user $USER_NAME | |
53 | if [ ! -z "$SSH_USER_AUTHORIZED_KEYS" ] ; then |
|
54 | if [ ! -z "$SSH_USER_AUTHORIZED_KEYS" ] ; then | |
54 | install_readonly "$SSH_USER_AUTHORIZED_KEYS" "${R}/home/${USER_NAME}/.ssh/authorized_keys2" |
|
55 | install_readonly "$SSH_USER_AUTHORIZED_KEYS" "${R}/home/${USER_NAME}/.ssh/authorized_keys2" | |
55 | fi |
|
56 | fi | |
56 |
|
57 | |||
57 | # Add SSH (v2) public key for user $USER_NAME |
|
58 | # Add SSH (v2) public key for user $USER_NAME | |
58 | if [ ! -z "$SSH_USER_PUB_KEY" ] ; then |
|
59 | if [ ! -z "$SSH_USER_PUB_KEY" ] ; then | |
59 | cat "$SSH_USER_PUB_KEY" >> "${R}/home/${USER_NAME}/.ssh/authorized_keys2" |
|
60 | cat "$SSH_USER_PUB_KEY" >> "${R}/home/${USER_NAME}/.ssh/authorized_keys2" | |
60 | fi |
|
61 | fi | |
61 |
|
62 | |||
62 | # Set permissions of $USER_NAME SSH authorized keys file |
|
63 | # Set permissions of $USER_NAME SSH authorized keys file | |
63 | if [ -f "${R}/home/${USER_NAME}/.ssh/authorized_keys2" ] ; then |
|
64 | if [ -f "${R}/home/${USER_NAME}/.ssh/authorized_keys2" ] ; then | |
64 | chroot_exec chmod 600 "/home/${USER_NAME}/.ssh/authorized_keys2" |
|
65 | chroot_exec chmod 600 "/home/${USER_NAME}/.ssh/authorized_keys2" | |
65 | chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh/authorized_keys2" |
|
66 | chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh/authorized_keys2" | |
66 |
|
67 | |||
67 | # Allow SSH public key authentication |
|
68 | # Allow SSH public key authentication | |
68 | sed -i "s|[#]*PubkeyAuthentication.*|PubkeyAuthentication yes|g" "${ETC_DIR}/ssh/sshd_config" |
|
69 | sed -i "s|[#]*PubkeyAuthentication.*|PubkeyAuthentication yes|g" "${ETC_DIR}/ssh/sshd_config" | |
|
70 | fi | |||
69 | fi |
|
71 | fi | |
70 |
|
72 | |||
71 | # Limit the users that are allowed to login via SSH |
|
73 | # Limit the users that are allowed to login via SSH | |
72 | if [ "$SSH_LIMIT_USERS" = true ] ; then |
|
74 | if [ "$SSH_LIMIT_USERS" = true ] ; then | |
|
75 | allowed_users="" | |||
73 | if [ "$ENABLE_ROOT" = true ] && [ "$SSH_ENABLE_ROOT" = true ] ; then |
|
76 | if [ "$ENABLE_ROOT" = true ] && [ "$SSH_ENABLE_ROOT" = true ] ; then | |
74 | echo "AllowUsers root ${USER_NAME}" >> "${ETC_DIR}/ssh/sshd_config" |
|
77 | allowed_users="root" | |
75 | else |
|
78 | fi | |
76 | echo "AllowUsers ${USER_NAME}" >> "${ETC_DIR}/ssh/sshd_config" |
|
79 | ||
|
80 | if [ "$ENABLE_USER" = true ] ; then | |||
|
81 | allowed_users="${allowed_users} ${USER_NAME}" | |||
|
82 | fi | |||
|
83 | ||||
|
84 | if [ ! -z "$allowed_users" ] ; then | |||
|
85 | echo "AllowUsers ${allowed_users}" >> "${ETC_DIR}/ssh/sshd_config" | |||
77 | fi |
|
86 | fi | |
78 | fi |
|
87 | fi | |
79 |
|
88 |
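Review bot: When `SSH_LIMIT_USERS=true` but neither root-over-SSH nor `ENABLE_USER` is enabled, `allowed_users` stays empty and the final `if [ ! -z "$allowed_users" ]` writes no `AllowUsers` line, so sshd gets no user restriction even though one was requested. The previous version appears to have written an `AllowUsers` line on both branches, so this silent fall-through is new. Consider making the case explicit, for example an `else` branch with `echo "SSH_LIMIT_USERS is set but no account is eligible; no AllowUsers written to sshd_config" >&2`, or aborting the build at that point. Whether root is otherwise kept out then depends on the `PermitRootLogin` handling, which is not visible in this hunk; the enclosing `ENABLE_SSHD` block also starts above it.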