free
/
freedombone
Следить 1
В избранное 0
Форкнуть 0
Код Задачи 0 Pull Request'ы 0 Релизы 0 Вики Активность
Просмотр исходного кода

Option to use an ssh pubkey during image creation

Bob Mottram 9 лет назад
Родитель
df1c11802d
Сommit
cc6dff68ed
3 измененных файлов: 29 добавлений и 1 удалений
Единый вид Показать статистику Diff
  1. 9
    1
      src/freedombone-image
  2. 18
    0
      src/freedombone-image-customise
  3. 2
    0
      src/freedombone-image-make

+ 9
- 1
src/freedombone-image Просмотреть файл

58 
 # Minimum number of characters in a password
 58 
 # Minimum number of characters in a password
59 
 MINIMUM_PASSWORD_LENGTH=10
 59 
 MINIMUM_PASSWORD_LENGTH=10
60
60
61 
+# Optional ssh public key to allow
62 
+SSH_PUBKEY="no"
63 
+
61 
 while [[ $# > 1 ]]
 64 
 while [[ $# > 1 ]]
62 
 do
 65 
 do
63 
 key="$1"
 66 
 key="$1"
91 
         exit 3628
 94 
         exit 3628
92 
     fi
 95 
     fi
93 
     ;;
 96 
     ;;
97 
+    --sshkey|--sshpubkey|--pubkey)
98 
+    shift
99 
+    SSH_PUBKEY="$1"
100 
+    ;;
94 
     -s|--size)
 101 
     -s|--size)
95 
     shift
 102 
     shift
96 
     IMAGE_SIZE="$1"
 103 
     IMAGE_SIZE="$1"
169 
     NAMESERVER2="$NAMESERVER2" \
 176 
     NAMESERVER2="$NAMESERVER2" \
170 
     PROJECT_NAME="$PROJECT_NAME" \
 177 
     PROJECT_NAME="$PROJECT_NAME" \
171 
     CONFIG_FILENAME="$CONFIG_FILENAME" \
 178 
     CONFIG_FILENAME="$CONFIG_FILENAME" \
172 
-    IMAGE_SIZE="$IMAGE_SIZE"
179 
+    IMAGE_SIZE="$IMAGE_SIZE" \
180 
+	SSH_PUBKEY="$SSH_PUBKEY"
173
181
174 
 shopt -s nullglob
 182 
 shopt -s nullglob
175 
 imgfiles=(build/${PROJECT_NAME}*.img)
 183 
 imgfiles=(build/${PROJECT_NAME}*.img)

+ 18
- 0
src/freedombone-image-customise Просмотреть файл

47 
 # optional configuration file containing freedombone settings
 47 
 # optional configuration file containing freedombone settings
48 
 CONFIG_FILENAME=
 48 
 CONFIG_FILENAME=
49
49
50 
+# Optional ssh public key to allow
51 
+SSH_PUBKEY="no"
52 
+
50 
 enable_eatmydata_override() {
 53 
 enable_eatmydata_override() {
51 
     chroot $rootdir apt-get install --no-install-recommends -y eatmydata
 54 
     chroot $rootdir apt-get install --no-install-recommends -y eatmydata
52 
     if [ -x $rootdir/usr/bin/eatmydata ] && \
 55 
     if [ -x $rootdir/usr/bin/eatmydata ] && \
149 
 ' > $rootdir/etc/init.d/motd
 152 
 ' > $rootdir/etc/init.d/motd
150 
 }
 153 
 }
151
154
155 
+configure_ssh {
156 
+    if [[ "$SSH_PUBKEY" != "no" ]]; then
157 
+        if [ ! -d $rootdir/home/$MY_USERNAME/.ssh ]; then
158 
+            mkdir $rootdir/home/$MY_USERNAME/.ssh
159 
+        fi
160 
+        echo "$SSH_PUBKEY" > $rootdir/home/$MY_USERNAME/.ssh/authorized_keys
161 
+        chroot $rootdir chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.ssh
162 
+        sed -i 's|PasswordAuthentication.*|PasswordAuthentication no|g' $rootdir/etc/ssh/sshd_config
163 
+        echo "Using ssh public key:"
164 
+        echo $SSH_PUBKEY
165 
+        echo 'Password ssh authentication turned off'
166 
+    fi
167 
+}
168 
+
152 
 continue_installation {
 169 
 continue_installation {
153 
     # If a configuration file exists then run with it
 170 
     # If a configuration file exists then run with it
154 
     # otherwise the interactive installer can be used
 171 
     # otherwise the interactive installer can be used
252 
 set_apt_sources $MIRROR
 269 
 set_apt_sources $MIRROR
253 
 chroot $rootdir apt-get update
 270 
 chroot $rootdir apt-get update
254
271
272 
+configure_ssh
255 
 configure_networking
 273 
 configure_networking
256 
 continue_installation
 274 
 continue_installation
257
275

+ 2
- 0
src/freedombone-image-make Просмотреть файл

44 
 export NAMESERVER2
 44 
 export NAMESERVER2
45 
 export PROJECT_NAME
 45 
 export PROJECT_NAME
46 
 export CONFIG_FILENAME
 46 
 export CONFIG_FILENAME
47 
+export SSH_PUBKEY
47
48
48 
 # Locate vmdebootstrap program fetched in Makefile
 49 
 # Locate vmdebootstrap program fetched in Makefile
49 
 basedir=`pwd`
 50 
 basedir=`pwd`
137 
 sudo sed -i "s|NAMESERVER2=.*|NAMESERVER2=${NAMESERVER1}|g" $TEMP_CUSTOMISE
 138 
 sudo sed -i "s|NAMESERVER2=.*|NAMESERVER2=${NAMESERVER1}|g" $TEMP_CUSTOMISE
138 
 sudo sed -i "s|PROJECT_NAME=.*|PROJECT_NAME=${PROJECT_NAME}|g" $TEMP_CUSTOMISE
 139 
 sudo sed -i "s|PROJECT_NAME=.*|PROJECT_NAME=${PROJECT_NAME}|g" $TEMP_CUSTOMISE
139 
 sudo sed -i "s|CONFIG_FILENAME=.*|CONFIG_FILENAME=${CONFIG_FILENAME}|g" $TEMP_CUSTOMISE
 140 
 sudo sed -i "s|CONFIG_FILENAME=.*|CONFIG_FILENAME=${CONFIG_FILENAME}|g" $TEMP_CUSTOMISE
141 
+sudo sed -i "s|SSH_PUBKEY=.*|SSH_PUBKEY=${SSH_PUBKEY}|g" $TEMP_CUSTOMISE
140
142
141 
 echo "starting $VMDEBOOTSTRAP"
 143 
 echo "starting $VMDEBOOTSTRAP"
142 
 # Run vmdebootstrap script to create image
 144 
 # Run vmdebootstrap script to create image