##// END OF EJS Templates
Fixed: Use authorized_keys file instead of authorized_keys2
drtyhlpr -
r123:f35e7443794e
parent child
Show More
@@ -219,16 +219,16 Disable password based SSH authentication. Only public key based SSH (v2) authen
219 219 Limit the users that are allowed to login via SSH. Only allow user `USER_NAME`=pi and root if `SSH_ENABLE_ROOT`=true to login.
220 220
221 221 ##### `SSH_ROOT_AUTHORIZED_KEYS`=""
222 Add specified SSH `authorized_keys2` file that contains keys for public key based SSH (v2) authentication of user `root`. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
222 Add specified SSH `authorized_keys` file that contains keys for public key based SSH (v2) authentication of user `root`. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
223 223
224 224 ##### `SSH_ROOT_PUB_KEY`=""
225 Add specified SSH (v2) public key file to `authorized_keys2` file to enable public key based SSH (v2) authentication of user `root`. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
225 Add specified SSH (v2) public key file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `root`. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
226 226
227 227 ##### `SSH_USER_AUTHORIZED_KEYS`=""
228 Add specified SSH `authorized_keys2` file that contains keys for public key based SSH (v2) authentication of user `USER_NAME`=pi. SSH protocol version 1 is not supported.
228 Add specified SSH `authorized_keys` file that contains keys for public key based SSH (v2) authentication of user `USER_NAME`=pi. SSH protocol version 1 is not supported.
229 229
230 230 ##### `SSH_USER_PUB_KEY`=""
231 Add specified SSH (v2) public key file to `authorized_keys2` file to enable public key based SSH (v2) authentication of user `USER_NAME`=pi. SSH protocol version 1 is not supported.
231 Add specified SSH (v2) public key file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `USER_NAME`=pi. SSH protocol version 1 is not supported.
232 232
233 233 #### Kernel compilation:
234 234 ##### `BUILD_KERNEL`=false
@@ -24,18 +24,18 if [ "$ENABLE_SSHD" = true ] ; then
24 24
25 25 # Install SSH (v2) authorized keys file for user root
26 26 if [ ! -z "$SSH_ROOT_AUTHORIZED_KEYS" ] ; then
27 install_readonly "$SSH_ROOT_AUTHORIZED_KEYS" "${R}/root/.ssh/authorized_keys2"
27 install_readonly "$SSH_ROOT_AUTHORIZED_KEYS" "${R}/root/.ssh/authorized_keys"
28 28 fi
29 29
30 30 # Add SSH (v2) public key for user root
31 31 if [ ! -z "$SSH_ROOT_PUB_KEY" ] ; then
32 cat "$SSH_ROOT_PUB_KEY" >> "${R}/root/.ssh/authorized_keys2"
32 cat "$SSH_ROOT_PUB_KEY" >> "${R}/root/.ssh/authorized_keys"
33 33 fi
34 34
35 35 # Set permissions of root SSH authorized keys file
36 if [ -f "${R}/root/.ssh/authorized_keys2" ] ; then
37 chroot_exec chmod 600 "/root/.ssh/authorized_keys2"
38 chroot_exec chown root:root "/root/.ssh/authorized_keys2"
36 if [ -f "${R}/root/.ssh/authorized_keys" ] ; then
37 chroot_exec chmod 600 "/root/.ssh/authorized_keys"
38 chroot_exec chown root:root "/root/.ssh/authorized_keys"
39 39
40 40 # Allow SSH public key authentication
41 41 sed -i "s|[#]*PubkeyAuthentication.*|PubkeyAuthentication yes|g" "${ETC_DIR}/ssh/sshd_config"
@@ -52,18 +52,18 if [ "$ENABLE_SSHD" = true ] ; then
52 52
53 53 # Install SSH (v2) authorized keys file for user $USER_NAME
54 54 if [ ! -z "$SSH_USER_AUTHORIZED_KEYS" ] ; then
55 install_readonly "$SSH_USER_AUTHORIZED_KEYS" "${R}/home/${USER_NAME}/.ssh/authorized_keys2"
55 install_readonly "$SSH_USER_AUTHORIZED_KEYS" "${R}/home/${USER_NAME}/.ssh/authorized_keys"
56 56 fi
57 57
58 58 # Add SSH (v2) public key for user $USER_NAME
59 59 if [ ! -z "$SSH_USER_PUB_KEY" ] ; then
60 cat "$SSH_USER_PUB_KEY" >> "${R}/home/${USER_NAME}/.ssh/authorized_keys2"
60 cat "$SSH_USER_PUB_KEY" >> "${R}/home/${USER_NAME}/.ssh/authorized_keys"
61 61 fi
62 62
63 63 # Set permissions of $USER_NAME SSH authorized keys file
64 if [ -f "${R}/home/${USER_NAME}/.ssh/authorized_keys2" ] ; then
65 chroot_exec chmod 600 "/home/${USER_NAME}/.ssh/authorized_keys2"
66 chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh/authorized_keys2"
64 if [ -f "${R}/home/${USER_NAME}/.ssh/authorized_keys" ] ; then
65 chroot_exec chmod 600 "/home/${USER_NAME}/.ssh/authorized_keys"
66 chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh/authorized_keys"
67 67
68 68 # Allow SSH public key authentication
69 69 sed -i "s|[#]*PubkeyAuthentication.*|PubkeyAuthentication yes|g" "${ETC_DIR}/ssh/sshd_config"
@@ -261,7 +261,7 if [ "$ENABLE_UBOOT" = true ] ; then
261 261 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler"
262 262 fi
263 263
264 # Check if root SSH (v2) authorized keys file exists
264 # Check if root SSH authorized keys file exists
265 265 if [ ! -z "$SSH_ROOT_AUTHORIZED_KEYS" ] ; then
266 266 if [ ! -f "$SSH_ROOT_AUTHORIZED_KEYS" ] ; then
267 267 echo "error: '$SSH_ROOT_AUTHORIZED_KEYS' specified SSH authorized keys file not found (SSH_ROOT_AUTHORIZED_KEYS)!"
@@ -269,7 +269,7 if [ ! -z "$SSH_ROOT_AUTHORIZED_KEYS" ] ; then
269 269 fi
270 270 fi
271 271
272 # Check if $USER_NAME SSH (v2) authorized keys file exists
272 # Check if $USER_NAME SSH authorized keys file exists
273 273 if [ ! -z "$SSH_USER_AUTHORIZED_KEYS" ] ; then
274 274 if [ ! -f "$SSH_USER_AUTHORIZED_KEYS" ] ; then
275 275 echo "error: '$SSH_USER_AUTHORIZED_KEYS' specified SSH authorized keys file not found (SSH_USER_AUTHORIZED_KEYS)!"
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant