Fixed: Use authorized_keys file instead of authorized_keys2
drtyhlpr -
r123:f35e7443794e
@@ -219,16 +219,16 Disable password based SSH authentication. Only public key based SSH (v2) authen
219 Limit the users that are allowed to login via SSH. Only allow user `USER_NAME`=pi and root if `SSH_ENABLE_ROOT`=true to login.
219 Limit the users that are allowed to login via SSH. Only allow user `USER_NAME`=pi and root if `SSH_ENABLE_ROOT`=true to login.
220
220
221 ##### `SSH_ROOT_AUTHORIZED_KEYS`=""
221 ##### `SSH_ROOT_AUTHORIZED_KEYS`=""
222 Add specified SSH `authorized_keys2` file that contains keys for public key based SSH (v2) authentication of user `root`. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
222 Add specified SSH `authorized_keys` file that contains keys for public key based SSH (v2) authentication of user `root`. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
223
223
224 ##### `SSH_ROOT_PUB_KEY`=""
224 ##### `SSH_ROOT_PUB_KEY`=""
225 Add specified SSH (v2) public key file to `authorized_keys2` file to enable public key based SSH (v2) authentication of user `root`. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
225 Add specified SSH (v2) public key file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `root`. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
226
226
227 ##### `SSH_USER_AUTHORIZED_KEYS`=""
227 ##### `SSH_USER_AUTHORIZED_KEYS`=""
228 Add specified SSH `authorized_keys2` file that contains keys for public key based SSH (v2) authentication of user `USER_NAME`=pi. SSH protocol version 1 is not supported.
228 Add specified SSH `authorized_keys` file that contains keys for public key based SSH (v2) authentication of user `USER_NAME`=pi. SSH protocol version 1 is not supported.
229
229
230 ##### `SSH_USER_PUB_KEY`=""
230 ##### `SSH_USER_PUB_KEY`=""
231 Add specified SSH (v2) public key file to `authorized_keys2` file to enable public key based SSH (v2) authentication of user `USER_NAME`=pi. SSH protocol version 1 is not supported.
231 Add specified SSH (v2) public key file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `USER_NAME`=pi. SSH protocol version 1 is not supported.
232
232
233 #### Kernel compilation:
233 #### Kernel compilation:
234 ##### `BUILD_KERNEL`=false
234 ##### `BUILD_KERNEL`=false
@@ -24,18 +24,18 if [ "$ENABLE_SSHD" = true ] ; then
24
24
25 # Install SSH (v2) authorized keys file for user root
25 # Install SSH (v2) authorized keys file for user root
26 if [ ! -z "$SSH_ROOT_AUTHORIZED_KEYS" ] ; then
26 if [ ! -z "$SSH_ROOT_AUTHORIZED_KEYS" ] ; then
27 install_readonly "$SSH_ROOT_AUTHORIZED_KEYS" "${R}/root/.ssh/authorized_keys2"
27 install_readonly "$SSH_ROOT_AUTHORIZED_KEYS" "${R}/root/.ssh/authorized_keys"
28 fi
28 fi
29
29
30 # Add SSH (v2) public key for user root
30 # Add SSH (v2) public key for user root
31 if [ ! -z "$SSH_ROOT_PUB_KEY" ] ; then
31 if [ ! -z "$SSH_ROOT_PUB_KEY" ] ; then
32 cat "$SSH_ROOT_PUB_KEY" >> "${R}/root/.ssh/authorized_keys2"
32 cat "$SSH_ROOT_PUB_KEY" >> "${R}/root/.ssh/authorized_keys"
33 fi
33 fi
34
34
35 # Set permissions of root SSH authorized keys file
35 # Set permissions of root SSH authorized keys file
36 if [ -f "${R}/root/.ssh/authorized_keys2" ] ; then
36 if [ -f "${R}/root/.ssh/authorized_keys" ] ; then
37 chroot_exec chmod 600 "/root/.ssh/authorized_keys2"
37 chroot_exec chmod 600 "/root/.ssh/authorized_keys"
38 chroot_exec chown root:root "/root/.ssh/authorized_keys2"
38 chroot_exec chown root:root "/root/.ssh/authorized_keys"
39
39
40 # Allow SSH public key authentication
40 # Allow SSH public key authentication
41 sed -i "s|[#]*PubkeyAuthentication.*|PubkeyAuthentication yes|g" "${ETC_DIR}/ssh/sshd_config"
41 sed -i "s|[#]*PubkeyAuthentication.*|PubkeyAuthentication yes|g" "${ETC_DIR}/ssh/sshd_config"
@@ -52,18 +52,18 if [ "$ENABLE_SSHD" = true ] ; then
52
52
53 # Install SSH (v2) authorized keys file for user $USER_NAME
53 # Install SSH (v2) authorized keys file for user $USER_NAME
54 if [ ! -z "$SSH_USER_AUTHORIZED_KEYS" ] ; then
54 if [ ! -z "$SSH_USER_AUTHORIZED_KEYS" ] ; then
55 install_readonly "$SSH_USER_AUTHORIZED_KEYS" "${R}/home/${USER_NAME}/.ssh/authorized_keys2"
55 install_readonly "$SSH_USER_AUTHORIZED_KEYS" "${R}/home/${USER_NAME}/.ssh/authorized_keys"
56 fi
56 fi
57
57
58 # Add SSH (v2) public key for user $USER_NAME
58 # Add SSH (v2) public key for user $USER_NAME
59 if [ ! -z "$SSH_USER_PUB_KEY" ] ; then
59 if [ ! -z "$SSH_USER_PUB_KEY" ] ; then
60 cat "$SSH_USER_PUB_KEY" >> "${R}/home/${USER_NAME}/.ssh/authorized_keys2"
60 cat "$SSH_USER_PUB_KEY" >> "${R}/home/${USER_NAME}/.ssh/authorized_keys"
61 fi
61 fi
62
62
63 # Set permissions of $USER_NAME SSH authorized keys file
63 # Set permissions of $USER_NAME SSH authorized keys file
64 if [ -f "${R}/home/${USER_NAME}/.ssh/authorized_keys2" ] ; then
64 if [ -f "${R}/home/${USER_NAME}/.ssh/authorized_keys" ] ; then
65 chroot_exec chmod 600 "/home/${USER_NAME}/.ssh/authorized_keys2"
65 chroot_exec chmod 600 "/home/${USER_NAME}/.ssh/authorized_keys"
66 chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh/authorized_keys2"
66 chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh/authorized_keys"
67
67
68 # Allow SSH public key authentication
68 # Allow SSH public key authentication
69 sed -i "s|[#]*PubkeyAuthentication.*|PubkeyAuthentication yes|g" "${ETC_DIR}/ssh/sshd_config"
69 sed -i "s|[#]*PubkeyAuthentication.*|PubkeyAuthentication yes|g" "${ETC_DIR}/ssh/sshd_config"
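Review bot: The `cat "$SSH_ROOT_PUB_KEY" >> "${R}/root/.ssh/authorized_keys"` append at line 32 can run after `install_readonly` has already placed a file at the same path, so if that file does not end in a newline the appended key is glued onto its last line and is no longer read as a separate key. When password-based SSH authentication is also disabled, a mangled key line can leave the built image unreachable over SSH. Writing a separator first, e.g. `printf '\n' >> "${R}/root/.ssh/authorized_keys"` before the `cat`, avoids this, since blank lines in an authorized keys file are ignored; the same applies to the `$USER_NAME` append at line 60. Separately, `chown ${USER_NAME}:${USER_NAME}` at line 66 is the only unquoted expansion in these hunks, and `chown "${USER_NAME}:${USER_NAME}"` would match the rest. Both `if [ "$ENABLE_SSHD" = true ]` blocks start and end outside the hunks shown, so whether `.ssh` itself is created with restrictive permissions cannot be checked from here.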
@@ -261,7 +261,7 if [ "$ENABLE_UBOOT" = true ] ; then
261 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler"
261 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler"
262 fi
262 fi
263
263
264 # Check if root SSH (v2) authorized keys file exists
264 # Check if root SSH authorized keys file exists
265 if [ ! -z "$SSH_ROOT_AUTHORIZED_KEYS" ] ; then
265 if [ ! -z "$SSH_ROOT_AUTHORIZED_KEYS" ] ; then
266 if [ ! -f "$SSH_ROOT_AUTHORIZED_KEYS" ] ; then
266 if [ ! -f "$SSH_ROOT_AUTHORIZED_KEYS" ] ; then
267 echo "error: '$SSH_ROOT_AUTHORIZED_KEYS' specified SSH authorized keys file not found (SSH_ROOT_AUTHORIZED_KEYS)!"
267 echo "error: '$SSH_ROOT_AUTHORIZED_KEYS' specified SSH authorized keys file not found (SSH_ROOT_AUTHORIZED_KEYS)!"
@@ -269,7 +269,7 if [ ! -z "$SSH_ROOT_AUTHORIZED_KEYS" ] ; then
269 fi
269 fi
270 fi
270 fi
271
271
272 # Check if $USER_NAME SSH (v2) authorized keys file exists
272 # Check if $USER_NAME SSH authorized keys file exists
273 if [ ! -z "$SSH_USER_AUTHORIZED_KEYS" ] ; then
273 if [ ! -z "$SSH_USER_AUTHORIZED_KEYS" ] ; then
274 if [ ! -f "$SSH_USER_AUTHORIZED_KEYS" ] ; then
274 if [ ! -f "$SSH_USER_AUTHORIZED_KEYS" ] ; then
275 echo "error: '$SSH_USER_AUTHORIZED_KEYS' specified SSH authorized keys file not found (SSH_USER_AUTHORIZED_KEYS)!"
275 echo "error: '$SSH_USER_AUTHORIZED_KEYS' specified SSH authorized keys file not found (SSH_USER_AUTHORIZED_KEYS)!"