diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2008-11-20 22:16:07 +0000 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2008-11-20 22:16:07 +0000 |
| commit | 36fcc77f39f780a3c97006edc9bc09d1ca3c2a64 (patch) | |
| tree | 2049ae4361b76750e1da726d4c8ff1291330b8c4 /etc/sshd | |
| parent | dff1a09d6037799a0a71c3b628bc83fddbab89dd (diff) | |
| download | pfsense-36fcc77f39f780a3c97006edc9bc09d1ca3c2a64.zip pfsense-36fcc77f39f780a3c97006edc9bc09d1ca3c2a64.tar.gz | |
* Ensure we are rw
* Remove seriously old dead code
Diffstat (limited to 'etc/sshd')
| -rwxr-xr-x | etc/sshd | 118 |
1 files changed, 8 insertions, 110 deletions
@@ -30,7 +30,7 @@ */ require_once("config.inc"); require_once("notices.inc"); - + if(isset($config['system']['enablesshd'])) { /* do nothing, we're enabled */ } else { @@ -39,6 +39,8 @@ exit; } + conf_mount_rw(); + function file_size($file) { $size = filesize($file); return $size; @@ -133,13 +135,14 @@ } /* are we already running? if so exit */ - if(file_exists("/tmp/keys_generating")) + if(file_exists("/tmp/keys_generating")) { + conf_mount_ro(); exit; - + } + if (!file_exists("$sshConfigDir/ssh_host_key") or file_exists("/etc/keys_generating")) { /* remove previous keys and regen later */ file_notice("SSH", "{$g['product_name']} has started creating your SSH keys. SSH Startup will be delayed. Please note that reloading the filter rules and changes will be delayed until this operation is completed.", "SSH KeyGen", ""); - conf_mount_rw(); mwexec("rm /etc/ssh/ssh_host_*"); touch("/etc/keys_generating"); touch("/tmp/keys_generating"); @@ -170,109 +173,4 @@ conf_mount_ro(); - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - exit; - - /* exit early, this needs more testing. */ - - if (!file_exists("$sshConfigDir/ssh_host_key") and $config['ssh']['dsa'] == "") { - /* generate keys */ - system("/usr/bin/nice -n20 /usr/bin/ssh-keygen -t rsa1 -N '' -f $sshConfigDir/ssh_host_key"); - system("/usr/bin/nice -n20 /usr/bin/ssh-keygen -t rsa -N '' -f $sshConfigDir/ssh_host_rsa_key"); - system("/usr/bin/nice -n20 /usr/bin/ssh-keygen -t dsa -N '' -f $sshConfigDir/ssh_host_dsa_key"); - - /* save keys */ - $dsa = file_get_contents("{$sshConfigDir}/ssh_host_dsa_key"); - $rsa = file_get_contents("{$sshConfigDir}/ssh_host_rsa_key"); - $rsa1 = file_get_contents("{$sshConfigDir}/ssh_host_key"); - $config['ssh']['dsa'] = base64_encode($dsa); - $config['ssh']['rsa'] = base64_encode($rsa); - $config['ssh']['rsa1']= base64_encode($rsa1); - - /* save public keys */ - $dsapub = file_get_contents("{$sshConfigDir}/ssh_host_dsa_key.pub"); - $rsapub = file_get_contents("{$sshConfigDir}/ssh_host_rsa_key.pub"); - $rsa1pub = file_get_contents("{$sshConfigDir}/ssh_host_key.pub"); - $config['ssh']['dsa_key'] = base64_encode($dsapub); - $config['ssh']['rsa_key'] = base64_encode($rsapub); - $config['ssh']['rsa1_key']= base64_encode($rsa1pub); - write_config("Saved SSH keys."); - } else { - /* restore keys */ - $rsa1 = base64_decode($config['ssh']['rsa1']); - $rsa = base64_decode($config['ssh']['rsa']); - $dsa = base64_decode($config['ssh']['dsa']); - file_put_contents("{$sshConfigDir}/ssh_host_key", $rsa1); - file_put_contents("{$sshConfigDir}/ssh_host_rsa_key", $rsa); - file_put_contents("{$sshConfigDir}/ssh_host_dsa_key", $dsa); - - /* restore public keys */ - $rsa1_pub = base64_decode($config['ssh']['rsa1_key']); - $rsa_pub = base64_decode($config['ssh']['rsa_key']); - $dsa_pub = base64_decode($config['ssh']['dsa_key']); - file_put_contents("{$sshConfigDir}/ssh_host_key.pub", $rsa1_pub); - file_put_contents("{$sshConfigDir}/ssh_host_rsa_key.pub", $rsa_pub); - file_put_contents("{$sshConfigDir}/ssh_host_dsa_key.pub", $dsa_pub); - - /* change keys owner to root */ - chown("{$sshConfigDir}/ssh_host_key", "root"); - chown("{$sshConfigDir}/ssh_host_rsa_key", "root"); - chown("{$sshConfigDir}/ssh_host_dsa_key", "root"); - - /* change public keys owner to root */ - chown("{$sshConfigDir}/ssh_host_key.pub", "root"); - chown("{$sshConfigDir}/ssh_host_rsa_key.pub", "root"); - chown("{$sshConfigDir}/ssh_host_dsa_key.pub", "root"); - - /* change mode on keys to u+rw */ - chmod("{$sshConfigDir}/ssh_host_key",0600); - chmod("{$sshConfigDir}/ssh_host_rsa_key",0600); - chmod("{$sshConfigDir}/ssh_host_dsa_key",0600); - - /* change mode on public keys to u+rw */ - chmod("{$sshConfigDir}/ssh_host_key.pub",0600); - chmod("{$sshConfigDir}/ssh_host_rsa_key.pub",0600); - chmod("{$sshConfigDir}/ssh_host_dsa_key.pub",0600); - } - - /* start sshd */ - system("/usr/sbin/sshd"); - echo "done.\n"; - -?> +?>
\ No newline at end of file |
