##// END OF EJS Templates
Raspi2-3_GenImage
RSS

Cloner depuis https://github.com/drtyhlpr/rpi23-gen-image.git

Fixed: ssh public key and AllowUsers for ENABLE_USER=false
drtyhlpr -
r122:1e776801295f
parent child
Show More
Show file before | Show file after | Hide comments
@@ -42,38 +42,47 if [ "$ENABLE_SSHD" = true ] ; then
42 42 fi
43 43 fi
44 44
45 # Create $USER_NAME SSH config directory
46 mkdir -p "${R}/home/${USER_NAME}/.ssh"
45 if [ "$ENABLE_USER" = true ] ; then
46 # Create $USER_NAME SSH config directory
47 mkdir -p "${R}/home/${USER_NAME}/.ssh"
47 48
48 # Set permissions of $USER_NAME SSH config directory
49 chroot_exec chmod 700 "/home/${USER_NAME}/.ssh"
50 chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh"
49 # Set permissions of $USER_NAME SSH config directory
50 chroot_exec chmod 700 "/home/${USER_NAME}/.ssh"
51 chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh"
51 52
52 # Install SSH (v2) authorized keys file for user $USER_NAME
53 if [ ! -z "$SSH_USER_AUTHORIZED_KEYS" ] ; then
54 install_readonly "$SSH_USER_AUTHORIZED_KEYS" "${R}/home/${USER_NAME}/.ssh/authorized_keys2"
55 fi
53 # Install SSH (v2) authorized keys file for user $USER_NAME
54 if [ ! -z "$SSH_USER_AUTHORIZED_KEYS" ] ; then
55 install_readonly "$SSH_USER_AUTHORIZED_KEYS" "${R}/home/${USER_NAME}/.ssh/authorized_keys2"
56 fi
56 57
57 # Add SSH (v2) public key for user $USER_NAME
58 if [ ! -z "$SSH_USER_PUB_KEY" ] ; then
59 cat "$SSH_USER_PUB_KEY" >> "${R}/home/${USER_NAME}/.ssh/authorized_keys2"
60 fi
58 # Add SSH (v2) public key for user $USER_NAME
59 if [ ! -z "$SSH_USER_PUB_KEY" ] ; then
60 cat "$SSH_USER_PUB_KEY" >> "${R}/home/${USER_NAME}/.ssh/authorized_keys2"
61 fi
61 62
62 # Set permissions of $USER_NAME SSH authorized keys file
63 if [ -f "${R}/home/${USER_NAME}/.ssh/authorized_keys2" ] ; then
64 chroot_exec chmod 600 "/home/${USER_NAME}/.ssh/authorized_keys2"
65 chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh/authorized_keys2"
63 # Set permissions of $USER_NAME SSH authorized keys file
64 if [ -f "${R}/home/${USER_NAME}/.ssh/authorized_keys2" ] ; then
65 chroot_exec chmod 600 "/home/${USER_NAME}/.ssh/authorized_keys2"
66 chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh/authorized_keys2"
66 67
67 # Allow SSH public key authentication
68 sed -i "s|[#]*PubkeyAuthentication.*|PubkeyAuthentication yes|g" "${ETC_DIR}/ssh/sshd_config"
68 # Allow SSH public key authentication
69 sed -i "s|[#]*PubkeyAuthentication.*|PubkeyAuthentication yes|g" "${ETC_DIR}/ssh/sshd_config"
70 fi
69 71 fi
70 72
71 73 # Limit the users that are allowed to login via SSH
72 74 if [ "$SSH_LIMIT_USERS" = true ] ; then
75 allowed_users=""
73 76 if [ "$ENABLE_ROOT" = true ] && [ "$SSH_ENABLE_ROOT" = true ] ; then
74 echo "AllowUsers root ${USER_NAME}" >> "${ETC_DIR}/ssh/sshd_config"
75 else
76 echo "AllowUsers ${USER_NAME}" >> "${ETC_DIR}/ssh/sshd_config"
77 allowed_users="root"
78 fi
79
80 if [ "$ENABLE_USER" = true ] ; then
81 allowed_users="${allowed_users} ${USER_NAME}"
82 fi
83
84 if [ ! -z "$allowed_users" ] ; then
85 echo "AllowUsers ${allowed_users}" >> "${ETC_DIR}/ssh/sshd_config"
77 86 fi
78 87 fi
79 88
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant