@@ -42,38 +42,47 if [ "$ENABLE_SSHD" = true ] ; then | |||
|
42 | 42 | fi |
|
43 | 43 | fi |
|
44 | 44 | |
|
45 | # Create $USER_NAME SSH config directory | |
|
46 | mkdir -p "${R}/home/${USER_NAME}/.ssh" | |
|
45 | if [ "$ENABLE_USER" = true ] ; then | |
|
46 | # Create $USER_NAME SSH config directory | |
|
47 | mkdir -p "${R}/home/${USER_NAME}/.ssh" | |
|
47 | 48 | |
|
48 | # Set permissions of $USER_NAME SSH config directory | |
|
49 | chroot_exec chmod 700 "/home/${USER_NAME}/.ssh" | |
|
50 | chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh" | |
|
49 | # Set permissions of $USER_NAME SSH config directory | |
|
50 | chroot_exec chmod 700 "/home/${USER_NAME}/.ssh" | |
|
51 | chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh" | |
|
51 | 52 | |
|
52 | # Install SSH (v2) authorized keys file for user $USER_NAME | |
|
53 | if [ ! -z "$SSH_USER_AUTHORIZED_KEYS" ] ; then | |
|
54 | install_readonly "$SSH_USER_AUTHORIZED_KEYS" "${R}/home/${USER_NAME}/.ssh/authorized_keys2" | |
|
55 | fi | |
|
53 | # Install SSH (v2) authorized keys file for user $USER_NAME | |
|
54 | if [ ! -z "$SSH_USER_AUTHORIZED_KEYS" ] ; then | |
|
55 | install_readonly "$SSH_USER_AUTHORIZED_KEYS" "${R}/home/${USER_NAME}/.ssh/authorized_keys2" | |
|
56 | fi | |
|
56 | 57 | |
|
57 | # Add SSH (v2) public key for user $USER_NAME | |
|
58 | if [ ! -z "$SSH_USER_PUB_KEY" ] ; then | |
|
59 | cat "$SSH_USER_PUB_KEY" >> "${R}/home/${USER_NAME}/.ssh/authorized_keys2" | |
|
60 | fi | |
|
58 | # Add SSH (v2) public key for user $USER_NAME | |
|
59 | if [ ! -z "$SSH_USER_PUB_KEY" ] ; then | |
|
60 | cat "$SSH_USER_PUB_KEY" >> "${R}/home/${USER_NAME}/.ssh/authorized_keys2" | |
|
61 | fi | |
|
61 | 62 | |
|
62 | # Set permissions of $USER_NAME SSH authorized keys file | |
|
63 | if [ -f "${R}/home/${USER_NAME}/.ssh/authorized_keys2" ] ; then | |
|
64 | chroot_exec chmod 600 "/home/${USER_NAME}/.ssh/authorized_keys2" | |
|
65 | chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh/authorized_keys2" | |
|
63 | # Set permissions of $USER_NAME SSH authorized keys file | |
|
64 | if [ -f "${R}/home/${USER_NAME}/.ssh/authorized_keys2" ] ; then | |
|
65 | chroot_exec chmod 600 "/home/${USER_NAME}/.ssh/authorized_keys2" | |
|
66 | chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh/authorized_keys2" | |
|
66 | 67 | |
|
67 | # Allow SSH public key authentication | |
|
68 | sed -i "s|[#]*PubkeyAuthentication.*|PubkeyAuthentication yes|g" "${ETC_DIR}/ssh/sshd_config" | |
|
68 | # Allow SSH public key authentication | |
|
69 | sed -i "s|[#]*PubkeyAuthentication.*|PubkeyAuthentication yes|g" "${ETC_DIR}/ssh/sshd_config" | |
|
70 | fi | |
|
69 | 71 | fi |
|
70 | 72 | |
|
71 | 73 | # Limit the users that are allowed to login via SSH |
|
72 | 74 | if [ "$SSH_LIMIT_USERS" = true ] ; then |
|
75 | allowed_users="" | |
|
73 | 76 | if [ "$ENABLE_ROOT" = true ] && [ "$SSH_ENABLE_ROOT" = true ] ; then |
|
74 | echo "AllowUsers root ${USER_NAME}" >> "${ETC_DIR}/ssh/sshd_config" | |
|
75 | else | |
|
76 | echo "AllowUsers ${USER_NAME}" >> "${ETC_DIR}/ssh/sshd_config" | |
|
77 | allowed_users="root" | |
|
78 | fi | |
|
79 | ||
|
80 | if [ "$ENABLE_USER" = true ] ; then | |
|
81 | allowed_users="${allowed_users} ${USER_NAME}" | |
|
82 | fi | |
|
83 | ||
|
84 | if [ ! -z "$allowed_users" ] ; then | |
|
85 | echo "AllowUsers ${allowed_users}" >> "${ETC_DIR}/ssh/sshd_config" | |
|
77 | 86 | fi |
|
78 | 87 | fi |
|
79 | 88 |
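Review bot: In the new `SSH_LIMIT_USERS` block, an empty `allowed_users` (root SSH login not enabled and `ENABLE_USER` not true) skips the `AllowUsers` line silently, so sshd keeps its default of not restricting logins by user name even though the limit was requested. Any account that exists in the image or is created later would then not be covered by the restriction, which is a fail-open result for a hardening option. I would add an `else` branch to the final `if` that makes this visible, for example `else echo "SSH_LIMIT_USERS=true but no account is enabled for SSH login" >&2; exit 1`, using whatever abort convention the script already follows. Separately, `PubkeyAuthentication yes` is now set only inside the `ENABLE_USER` branch; if root keys are installed elsewhere in the file (not visible in this hunk), it is worth confirming that path still enables public key authentication when `ENABLE_USER` is false.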