mirror of
https://github.com/lucaspalomodevelop/core.git
synced 2026-03-16 01:24:38 +00:00
rc: add sshd for installer (2/2); closes #1072
This commit is contained in:
Franco Fichtner
parent
bde361f78a
commit
d4ecff6f9c
@ -211,9 +211,7 @@ interfaces_loopback_configure();
|
||||
/* start syslogd */
|
||||
system_syslogd_start();
|
||||
|
||||
echo "Starting Secure Shell Services...";
|
||||
mwexec("/usr/local/etc/rc.sshd");
|
||||
echo "done.\n";
|
||||
|
||||
/* set up interfaces */
|
||||
mute_kernel_msgs();
|
||||
@ -370,5 +368,7 @@ if ($setup_installer) {
|
||||
$root['shell'] = '/usr/local/etc/rc.installer';
|
||||
$root['name'] = 'installer';
|
||||
local_user_set($root);
|
||||
|
||||
mwexec("/usr/local/etc/rc.sshd installer");
|
||||
}
|
||||
}
|
||||
|
||||
@ -4,7 +4,7 @@
|
||||
/*
|
||||
Copyright (C) 2004 Scott K Ullrich
|
||||
Copyright (C) 2004 Fred Mol <fredmol@xs4all.nl>.
|
||||
Copyright (C) 2015 Franco Fichtner <franco@opnsense.org>
|
||||
Copyright (C) 2015-2016 Franco Fichtner <franco@opnsense.org>
|
||||
All rights reserved.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
@ -39,7 +39,18 @@ $etc_ssh = '/usr/local/etc/ssh';
|
||||
/* if run from a shell session, `-af' and the full path is needed */
|
||||
mwexecf('/bin/pkill -af %s', $sbin_sshd);
|
||||
|
||||
if (!isset($config['system']['ssh']['enabled'])) {
|
||||
$sshcfg = null;
|
||||
|
||||
if (isset($config['system']['ssh'])) {
|
||||
if (isset($config['system']['ssh']['enabled'])) {
|
||||
$sshcfg = $config['system']['ssh'];
|
||||
}
|
||||
} elseif (count($argv) > 1 && $argv[1] == 'installer') {
|
||||
/* only revert to installer config when ssh is not set at all */
|
||||
$sshcfg = array( 'permitrootlogin' => 1, 'passwordauth' => 1);
|
||||
}
|
||||
|
||||
if ($sshcfg === null) {
|
||||
return;
|
||||
}
|
||||
|
||||
@ -73,21 +84,8 @@ foreach($keys as $name) {
|
||||
/* Login related files. */
|
||||
touch("/var/log/lastlog");
|
||||
|
||||
if (isset($config['system']['ssh']['port'])) {
|
||||
$sshport = $config['system']['ssh']['port'];
|
||||
} else {
|
||||
$sshport = 22;
|
||||
}
|
||||
$sshport = isset($sshcfg['port']) ? $sshcfg['port'] : 22;
|
||||
|
||||
/*
|
||||
* XXX ZOMG sshd_config BOOTSTRAPPING ACTION
|
||||
*
|
||||
* We can't just ditch the system file by default and roll
|
||||
* our own. Instead, use the current file to find the actual
|
||||
* settings that need toggling, then toggle them!
|
||||
*/
|
||||
|
||||
/* Include default configuration for OPNsense */
|
||||
$sshconf = "# This file was automatically generated by /usr/local/etc/rc.sshd\n";
|
||||
$sshconf .= "Port {$sshport}\n";
|
||||
$sshconf .= "Protocol 2\n";
|
||||
@ -98,10 +96,10 @@ $sshconf .= "UseDNS no\n";
|
||||
$sshconf .= "X11Forwarding no\n";
|
||||
$sshconf .= "PubkeyAuthentication yes\n";
|
||||
$sshconf .= "Subsystem\tsftp\tinternal-sftp\n";
|
||||
if (isset($config['system']['ssh']['permitrootlogin'])) {
|
||||
if (isset($sshcfg['permitrootlogin'])) {
|
||||
$sshconf .= "PermitRootLogin yes\n";
|
||||
}
|
||||
if (isset($config['system']['ssh']['passwordauth'])) {
|
||||
if (isset($sshcfg['passwordauth'])) {
|
||||
$sshconf .= "ChallengeResponseAuthentication yes\n";
|
||||
$sshconf .= "PasswordAuthentication yes\n";
|
||||
} else {
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user