free
/
freedombone
Seguir 1
Destacar 0
Cuchillo 0
Código Incidencias 0 Peticiones pull 0 Lanzamientos 0 Wiki Activity
Explorar el Código

Option to use an ssh pubkey during image creation

Bob Mottram hace 9 años
padre
df1c11802d
commit
cc6dff68ed
Se han modificado 3 ficheros con 29 adiciones y 1 borrados
Dividir vista Mostrar estadísticas de diff
  1. 9
    1
      src/freedombone-image
  2. 18
    0
      src/freedombone-image-customise
  3. 2
    0
      src/freedombone-image-make

+ 9
- 1
src/freedombone-image Ver fichero 

@@ -58,6 +58,9 @@ DEFAULT_DOMAIN_NAME="${PROJECT_NAME}.local"
58 58 
 # Minimum number of characters in a password
59 59 
 MINIMUM_PASSWORD_LENGTH=10
60 60
61 
+# Optional ssh public key to allow
62 
+SSH_PUBKEY="no"
63 
+
61 64 
 while [[ $# > 1 ]]
62 65 
 do
63 66 
 key="$1"
 
@@ -91,6 +94,10 @@ case $key in
91 94 
         exit 3628
92 95 
     fi
93 96 
     ;;
97 
+    --sshkey|--sshpubkey|--pubkey)
98 
+    shift
99 
+    SSH_PUBKEY="$1"
100 
+    ;;
94 101 
     -s|--size)
95 102 
     shift
96 103 
     IMAGE_SIZE="$1"
 
@@ -169,7 +176,8 @@ make $IMAGE_TYPE \
169 176 
     NAMESERVER2="$NAMESERVER2" \
170 177 
     PROJECT_NAME="$PROJECT_NAME" \
171 178 
     CONFIG_FILENAME="$CONFIG_FILENAME" \
172 
-    IMAGE_SIZE="$IMAGE_SIZE"
179 
+    IMAGE_SIZE="$IMAGE_SIZE" \
180 
+	SSH_PUBKEY="$SSH_PUBKEY"
173 181
174 182 
 shopt -s nullglob
175 183 
 imgfiles=(build/${PROJECT_NAME}*.img)

+ 18
- 0
src/freedombone-image-customise Ver fichero 

@@ -47,6 +47,9 @@ NAMESERVER2='85.214.20.141'
47 47 
 # optional configuration file containing freedombone settings
48 48 
 CONFIG_FILENAME=
49 49
50 
+# Optional ssh public key to allow
51 
+SSH_PUBKEY="no"
52 
+
50 53 
 enable_eatmydata_override() {
51 54 
     chroot $rootdir apt-get install --no-install-recommends -y eatmydata
52 55 
     if [ -x $rootdir/usr/bin/eatmydata ] && \
 
@@ -149,6 +152,20 @@ To complete the installation run the following:
149 152 
 ' > $rootdir/etc/init.d/motd
150 153 
 }
151 154
155 
+configure_ssh {
156 
+    if [[ "$SSH_PUBKEY" != "no" ]]; then
157 
+        if [ ! -d $rootdir/home/$MY_USERNAME/.ssh ]; then
158 
+            mkdir $rootdir/home/$MY_USERNAME/.ssh
159 
+        fi
160 
+        echo "$SSH_PUBKEY" > $rootdir/home/$MY_USERNAME/.ssh/authorized_keys
161 
+        chroot $rootdir chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.ssh
162 
+        sed -i 's|PasswordAuthentication.*|PasswordAuthentication no|g' $rootdir/etc/ssh/sshd_config
163 
+        echo "Using ssh public key:"
164 
+        echo $SSH_PUBKEY
165 
+        echo 'Password ssh authentication turned off'
166 
+    fi
167 
+}
168 
+
152 169 
 continue_installation {
153 170 
     # If a configuration file exists then run with it
154 171 
     # otherwise the interactive installer can be used
 
@@ -252,6 +269,7 @@ fi
252 269 
 set_apt_sources $MIRROR
253 270 
 chroot $rootdir apt-get update
254 271
272 
+configure_ssh
255 273 
 configure_networking
256 274 
 continue_installation
257 275

+ 2
- 0
src/freedombone-image-make Ver fichero 

@@ -44,6 +44,7 @@ export NAMESERVER1
44 44 
 export NAMESERVER2
45 45 
 export PROJECT_NAME
46 46 
 export CONFIG_FILENAME
47 
+export SSH_PUBKEY
47 48
48 49 
 # Locate vmdebootstrap program fetched in Makefile
49 50 
 basedir=`pwd`
 
@@ -137,6 +138,7 @@ sudo sed -i "s|NAMESERVER1=.*|NAMESERVER1=${NAMESERVER1}|g" $TEMP_CUSTOMISE
137 138 
 sudo sed -i "s|NAMESERVER2=.*|NAMESERVER2=${NAMESERVER1}|g" $TEMP_CUSTOMISE
138 139 
 sudo sed -i "s|PROJECT_NAME=.*|PROJECT_NAME=${PROJECT_NAME}|g" $TEMP_CUSTOMISE
139 140 
 sudo sed -i "s|CONFIG_FILENAME=.*|CONFIG_FILENAME=${CONFIG_FILENAME}|g" $TEMP_CUSTOMISE
141 
+sudo sed -i "s|SSH_PUBKEY=.*|SSH_PUBKEY=${SSH_PUBKEY}|g" $TEMP_CUSTOMISE
140 142
141 143 
 echo "starting $VMDEBOOTSTRAP"
142 144 
 # Run vmdebootstrap script to create image