Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/share/sushi/system Add the capabilty to sushi to edit the /e...
details: https://anonhg.NetBSD.org/src/rev/c400f2eb17e0
branches: trunk
changeset: 513491:c400f2eb17e0
user: garbled <garbled%NetBSD.org@localhost>
date: Thu Aug 02 05:41:18 2001 +0000
description:
Add the capabilty to sushi to edit the /etc/sshd.conf file. The defaults
are taken from the manpage.
diffstat:
share/sushi/system/Makefile | 4 +-
share/sushi/system/sshdconf/Makefile | 10 ++++++
share/sushi/system/sshdconf/defaults | 50 ++++++++++++++++++++++++++++++++++
share/sushi/system/sshdconf/form | 52 ++++++++++++++++++++++++++++++++++++
share/sushi/system/sshdconf/help | 6 ++++
share/sushi/system/sshdconf/script | 26 ++++++++++++++++++
share/sushi/system/sshdconf/script1 | 11 +++++++
share/sushi/system/sshdconf/script2 | 19 +++++++++++++
share/sushi/system/sshdconf/script3 | 33 ++++++++++++++++++++++
share/sushi/system/sshdconf/script4 | 12 ++++++++
share/sushi/system/sshdconf/script5 | 19 +++++++++++++
share/sushi/system/sshdconf/script6 | 19 +++++++++++++
12 files changed, 259 insertions(+), 2 deletions(-)
diffs (truncated from 314 to 300 lines):
diff -r 12f4b6fb4fec -r c400f2eb17e0 share/sushi/system/Makefile
--- a/share/sushi/system/Makefile Thu Aug 02 04:30:01 2001 +0000
+++ b/share/sushi/system/Makefile Thu Aug 02 05:41:18 2001 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.5 2001/04/29 04:53:05 garbled Exp $
+# $NetBSD: Makefile,v 1.6 2001/08/02 05:41:18 garbled Exp $
SUBDIR= rcconf dailyconf weeklyconf securityconf inetdconf mailerconf
-SUBDIR+= usermgmtconf sysctl localtime
+SUBDIR+= usermgmtconf sysctl localtime sshdconf
FILES= index help
FILESDIR=${BINDIR}/sushi/system
diff -r 12f4b6fb4fec -r c400f2eb17e0 share/sushi/system/sshdconf/Makefile
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/share/sushi/system/sshdconf/Makefile Thu Aug 02 05:41:18 2001 +0000
@@ -0,0 +1,10 @@
+# $NetBSD: Makefile,v 1.1 2001/08/02 05:41:19 garbled Exp $
+
+FILES= form help defaults
+FILESDIR=${BINDIR}/sushi/system/sshdconf
+SCRIPTS= script script1 script2 script3 script4 script5 script6
+SCRIPTSDIR=${BINDIR}/sushi/system/sshdconf
+MKOBJ= no
+
+.include "../../../Makefile.inc"
+.include <bsd.prog.mk>
diff -r 12f4b6fb4fec -r c400f2eb17e0 share/sushi/system/sshdconf/defaults
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/share/sushi/system/sshdconf/defaults Thu Aug 02 05:41:18 2001 +0000
@@ -0,0 +1,50 @@
+AFSTokenPassing yes
+AllowGroups
+AllowTcpForwarding yes
+AllowUsers
+AuthorizedKeysFile %h/.ssh/authorized_keys
+Banner
+ChallengeResponseAuthentication yes
+CheckMail no
+Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour
+ClientAliveInterval 0
+ClientAliveCountMax 3
+DenyGroups
+DenyUsers
+GatewayPorts no
+HostbasedAuthentication no
+IgnoreRhosts yes
+IgnoreUserKnownHosts no
+KeepAlive yes
+KerberosAuthentication yes
+KerberosOrLocalPasswd yes
+KerberosTgtPassing no
+KerberosTicketCleanup yes
+KeyRegenerationInterval 3600
+LoginGraceTime 600
+LogLevel INFO
+MACs hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96
+MaxStartups 10:100:10
+PasswordAuthentication yes
+PermitEmptyPasswords no
+PermitRootLogin yes
+PidFile /var/run/sshd.pid
+Port 22
+PrintLastLog yes
+PrintMotd yes
+Protocol 2,1
+PubkeyAuthentication yes
+ReverseMappingCheck no
+RhostsAuthentication no
+RhostsRSAAuthentication no
+RSAAuthentication yes
+ServerKeyBits 768
+StrictModes yes
+SyslogFacility AUTH
+UseLogin no
+X11DisplayOffset 10
+X11Forwarding no
+XAuthLocation /usr/X11R6/bin/xauth
+HostKey /etc/ssh_host_key
+HostKey /etc/ssh_host_rsa_key
+HostKey /etc/ssh_host_dsa_key
diff -r 12f4b6fb4fec -r c400f2eb17e0 share/sushi/system/sshdconf/form
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/share/sushi/system/sshdconf/form Thu Aug 02 05:41:18 2001 +0000
@@ -0,0 +1,52 @@
+# $NetBSD: form,v 1.1 2001/08/02 05:41:19 garbled Exp $
+list:yes,no Restart sshd now?
+script:script2,AFSTokenPassing Pass AFS Tokens to server?
+escript:50,script4,AllowGroups Space separated list of groups to allow
+script:script2,AllowTcpForwarding TCP forwarding permitted?
+escript:50,script4,AllowUsers Space separated list of users to allow
+escript:50,script1,AuthorizedKeysFile File that contains the public RSA keys
+escript:50,script1,Banner File containing warning banner
+script:script2,ChallengeResponseAuthentication Challenge response authentication allowed?
+script:script2,CheckMail Check new mail on login?
+escript:60,script1,Ciphers Comma separated list of ciphers to use
+escript:4,script1,ClientAliveInterval Timeout interval in seconds
+escript:4,script1,ClientAliveCountMax Maximum number of timeouts allowed
+escript:50,script4,DenyGroups Space separated list of groups to deny
+escript:50,script4,DenyUsers Space separated list of users to deny
+script:script2,GatewayPorts Allow hosts to connect to forwarded ports
+script:script2,HostbasedAuthentication Allow rhosts authentication?
+escript:50,script3,HostKey,1 RSA1 host key file
+escript:50,script3,HostKey,2 RSA V2 host key file
+escript:50,script3,HostKey,3 DSA host key file
+script:script2,IgnoreRhosts Ignore .rhosts and .shosts files?
+script:script2,IgnoreUserKnownHosts Ignore user's known_hosts file?
+script:script2,KeepAlive Send keepalive messages?
+script:script2,KerberosAuthentication Allow kerberos authentication?
+script:script2,KerberosOrLocalPasswd Allow passwd auth if kerb. fails?
+script:script2,KerberosTgtPassing Forward kerberos tickets to server?
+script:script2,KerberosTicketCleanup Destroy user's ticket on logout?
+escript:6,script1,KeyRegenerationInterval Key regeneration frequency in seconds
+escript:6,script1,LoginGraceTime Grace time before disconnect during login
+script:script5,LogLevel Verbosity of logging
+escript:60,script1,MACs Comma separated list of MACs to use
+escript:8,script1,MaxStartups Max. number of unauth. conn. to sshd
+script:script2,PasswordAuthentication Password authentication allowed?
+script:script2,PermitEmptyPasswords Permit empty passwords on login?
+script:script2,PermitRootLogin Permit root logins?
+escript:50,script1,PidFile File that contains the PID of sshd
+escript:5,script1,Port Port for sshd to listen on
+script:script2,PrintLastLog Print last time user logged on?
+script:script2,PrintMotd Print /etc/motd at login?
+escript:5,script1,Protocol Comma separated list of protocols to support
+script:script2,PubkeyAuthentication Allow public key authentication?
+script:script2,ReverseMappingCheck Perform reverse DNS map verification?
+script:script2,RhostsAuthentication Allow .rhosts authentication?
+script:script2,RhostsRSAAuthentication Allow .rhosts auth. with RSA?
+script:script2,RSAAuthentication Allow pure RSA authentication?
+escript:5,script1,ServerKeyBits Bits to use in the V1 server key
+script:script2,StrictModes Strict file permission checking?
+script:script6,SyslogFacility Facility to log messages via
+script:script2,UseLogin Use login(1) for login sessions
+escript:5,script1,X11DisplayOffset Offset for X11 forwarding
+script:script2,X11Forwarding Allow X11 forwarding?
+escript:50,script1,XAuthLocation Location of xauth(1) program
diff -r 12f4b6fb4fec -r c400f2eb17e0 share/sushi/system/sshdconf/help
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/share/sushi/system/sshdconf/help Thu Aug 02 05:41:18 2001 +0000
@@ -0,0 +1,6 @@
+It is advised that the user read the sshd(8) manpage before editing any
+of the defaults provided. Some of these options can seriously degrade
+the security of your system. The defaults provided are generally considered
+to be fairly secure.
+
+$NetBSD: help,v 1.1 2001/08/02 05:41:19 garbled Exp $
diff -r 12f4b6fb4fec -r c400f2eb17e0 share/sushi/system/sshdconf/script
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/share/sushi/system/sshdconf/script Thu Aug 02 05:41:18 2001 +0000
@@ -0,0 +1,26 @@
+#!/bin/sh
+# $NetBSD: script,v 1.1 2001/08/02 05:41:19 garbled Exp $
+
+if [ "$1" = "yes" ]; then
+ RESTART=yes
+fi
+
+OPT=`cat /usr/share/sushi/system/sshdconf/form | sed -e 's/.*script[1-9],\(.*\) *.*/\1/' \
+ | sed -e 's/,.*//' | grep -v '^#' | grep -v '^list:'`
+echo -n "# Generated by sushi on " > /etc/sshd.conf
+date >>/etc/sshd.conf
+a=2
+for i in $OPT
+do
+ ANS=$(echo `eval echo \\$${a}`)
+ if [ ! -z "$ANS" ]; then
+ echo "$i $ANS" >> /etc/sshd.conf
+ fi
+ a=`expr $a + 1`
+done
+chmod 644 /etc/sshd.conf
+chown root:wheel /etc/sshd.conf
+echo "Successfully wrote a new sshd.conf file"
+if [ ! -z "$RESTART" ]; then
+ /etc/rc.d/sshd reload
+fi
diff -r 12f4b6fb4fec -r c400f2eb17e0 share/sushi/system/sshdconf/script1
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/share/sushi/system/sshdconf/script1 Thu Aug 02 05:41:18 2001 +0000
@@ -0,0 +1,11 @@
+#!/bin/sh
+# $NetBSD: script1,v 1.1 2001/08/02 05:41:19 garbled Exp $
+
+VAR=`grep "^$1" /etc/sshd.conf | awk '{print $2}'`
+if [ -z "$VAR" ]; then
+ VAR=`grep "^$1" /usr/share/sushi/system/sshdconf//defaults | awk '{print $2}'` fi
+if [ -z "$VAR" ]; then
+ echo ""
+else
+ echo "$VAR"
+fi
diff -r 12f4b6fb4fec -r c400f2eb17e0 share/sushi/system/sshdconf/script2
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/share/sushi/system/sshdconf/script2 Thu Aug 02 05:41:18 2001 +0000
@@ -0,0 +1,19 @@
+#!/bin/sh
+# $NetBSD: script2,v 1.1 2001/08/02 05:41:19 garbled Exp $
+
+VAR=`grep "^$1" /etc/sshd.conf | awk '{print $2}'`
+if [ -z "$VAR" ]; then
+ VAR=`grep "^$1" /usr/share/sushi/system/sshdconf/defaults | awk '{print $2}'`
+fi
+if [ -z "$VAR" ]; then
+ echo "no"
+ echo "yes"
+else
+ if [ "$VAR" = "yes" ]; then
+ echo "yes"
+ echo "no"
+ else
+ echo "no"
+ echo "yes"
+ fi
+fi
diff -r 12f4b6fb4fec -r c400f2eb17e0 share/sushi/system/sshdconf/script3
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/share/sushi/system/sshdconf/script3 Thu Aug 02 05:41:18 2001 +0000
@@ -0,0 +1,33 @@
+#!/bin/sh
+# $NetBSD: script3,v 1.1 2001/08/02 05:41:19 garbled Exp $
+
+NUM=`grep -c "^$1" /etc/sshd.conf`
+
+if [ "$2" = "1" ]; then
+ VAR=`grep "^$1" /etc/sshd.conf | awk '{print $2}' | head -1`
+ if [ -z "$VAR" ]; then
+ VAR=`grep "^$1" /usr/share/sushi/system/sshdconf/defaults | awk '{print $2}' | head -1`
+ fi
+fi
+if [ "$2" = "2" ]; then
+ if [ $NUM -gt 1 ]; then
+ VAR=`grep "^$1" /etc/sshd.conf | awk '{print $2}' | head -2 | tail -1`
+ fi
+ if [ -z "$VAR" ]; then
+ VAR=`grep "^$1" /usr/share/sushi/system/sshdconf/defaults | awk '{print $2}' | head -2 | tail -1`
+ fi
+fi
+if [ "$2" = "3" ]; then
+ if [ $NUM -gt 2 ]; then
+ VAR=`grep "^$1" /etc/sshd.conf | awk '{print $2}' | tail -1`
+ fi
+ if [ -z "$VAR" ]; then
+ VAR=`grep "^$1" /usr/share/sushi/system/sshdconf/defaults | awk '{print $2}' | tail -1`
+ fi
+fi
+
+if [ -z "$VAR" ]; then
+ echo ""
+else
+ echo "$VAR"
+fi
diff -r 12f4b6fb4fec -r c400f2eb17e0 share/sushi/system/sshdconf/script4
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/share/sushi/system/sshdconf/script4 Thu Aug 02 05:41:18 2001 +0000
@@ -0,0 +1,12 @@
+#!/bin/sh
+# $NetBSD: script4,v 1.1 2001/08/02 05:41:19 garbled Exp $
+
+VAR=`grep "^$1" /etc/sshd.conf | sed -e "s/$1 *//"`
+if [ -z "$VAR" ]; then
+ VAR=`grep "^$1" /usr/share/sushi/system/sshdconf/defaults | awk '{print $2}'`
+fi
+if [ -z "$VAR" ]; then
+ echo ""
+else
+ echo "$VAR"
+fi
diff -r 12f4b6fb4fec -r c400f2eb17e0 share/sushi/system/sshdconf/script5
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/share/sushi/system/sshdconf/script5 Thu Aug 02 05:41:18 2001 +0000
@@ -0,0 +1,19 @@
+#!/bin/sh
+# $NetBSD: script5,v 1.1 2001/08/02 05:41:19 garbled Exp $
+
+VAR=`grep "^$1" /etc/sshd.conf | awk '{print $2}'`
+if [ -z "$VAR" ]; then
+ VAR=`grep "^$1" /usr/share/sushi/system/sshdconf/defaults | awk '{print $2}'`
+fi
+if [ -z "$VAR" ]; then
+ for i in INFO QUIET FATAL ERROR VERBOSE DEBUG
+ do
+ echo "$i"
+ done
+else
+ echo "$VAR"
+ for i in INFO QUIET FATAL ERROR VERBOSE DEBUG
+ do
+ echo "$i" | grep -v "$VAR"
+ done
+fi
diff -r 12f4b6fb4fec -r c400f2eb17e0 share/sushi/system/sshdconf/script6
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/share/sushi/system/sshdconf/script6 Thu Aug 02 05:41:18 2001 +0000
@@ -0,0 +1,19 @@
+#!/bin/sh
+# $NetBSD: script6,v 1.1 2001/08/02 05:41:19 garbled Exp $
+
+VAR=`grep "^$1" /etc/sshd.conf | awk '{print $2}'`
+if [ -z "$VAR" ]; then
Home |
Main Index |
Thread Index |
Old Index