# HG changeset patch
# User Christian Arnold
# Date 1296474015 -3600
# Node ID cc246ac74f0d5d7a7c19f04c83dfe052eb13aa8b
import from svn to mercurial
diff -r 000000000000 -r cc246ac74f0d .perltidyrc
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/.perltidyrc Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,1 @@
+--paren-tightness=2
diff -r 000000000000 -r cc246ac74f0d Makefile
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/Makefile Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,29 @@
+# $Id: Makefile 4802 2009-12-03 09:48:06Z foerste $
+# $URL: https://ssl.schlittermann.de/svn/is/schlittermann-ssh-key/trunk/Makefile $
+
+PERL = /usr/bin/perl
+
+KEYDIR = schlittermann-ssh-keys
+sbin_SCRIPT = update-schlittermann-ssh-keys
+pub_KEYS = keys/*
+prefix = /usr
+sbindir = ${prefix}/sbin
+sharedir = ${prefix}/share/${KEYDIR}
+DESTDIR =
+
+.PHONY: all clean install
+
+all: $(sbin_SCRIPT)
+
+install: all
+ install -m 0755 -d $(DESTDIR)$(sharedir)/
+ install -m 0644 ${pub_KEYS} $(DESTDIR)$(sharedir)/
+ install -m 0755 $(sbin_SCRIPT) $(DESTDIR)$(sbindir)/
+
+clean:
+ -rm -f $(sbin_SCRIPT) core
+
+%: %.pl
+ @chmod +w $@ 2>/dev/null || true
+ @sed -e 's,@PERL@,$(PERL),g' < $^ >$@
+ @chmod a=rx $@
diff -r 000000000000 -r cc246ac74f0d debian/README
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/README Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,6 @@
+The Debian Package schlittermann-ssh-keys
+----------------------------
+
+Comments regarding the Package
+
+ -- unknown Mon, 25 Feb 2008 13:45:09 +0100
diff -r 000000000000 -r cc246ac74f0d debian/README.Debian
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/README.Debian Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,6 @@
+schlittermann-ssh-keys for Debian
+---------------------------------
+
+
+
+ -- unknown Mon, 25 Feb 2008 13:45:09 +0100
diff -r 000000000000 -r cc246ac74f0d debian/changelog
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/changelog Mon Jan 31 12:40:15 2011 +0100
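Review bot: `pub_KEYS = keys/*` in the Makefile hunk installs every file that happens to be in keys/ at build time, and the updater later treats every line of every file under its keys directory as an authorized key (`read_keys(glob("$KEYS_DIR/*"))` in update-schlittermann-ssh-keys.pl), so an editor backup or stray file in keys/ would ship as a trusted login key. Narrowing the pattern to `pub_KEYS = keys/*.pub`, and matching it in the script's glob, keeps the installed set to the reviewed key files. Separately, the `%: %.pl` rule substitutes `@PERL@`, but the script's shebang is the literal `#! /usr/bin/perl`, so the `PERL` variable currently has no effect.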
@@ -0,0 +1,88 @@
+schlittermann-ssh-keys (0.12.2) lenny etch; urgency=low
+
+ * verbosified confirmation for removal of unknown keys
+
+ -- Matthias Förste Thu, 03 Dec 2009 14:58:37 +0100
+
+schlittermann-ssh-keys (0.12.1) lenny etch; urgency=low
+
+ * changed 'distribution' field from stable to 'lenny etch' for automated
+ export to multiple distributions with reprepro
+
+ -- Matthias Förste Thu, 03 Dec 2009 12:00:02 +0100
+
+schlittermann-ssh-keys (0.12) stable; urgency=low
+
+ * added missing 'REMOTE_USER' environment variable to pubkey for foerste
+ * removed syntax check for perl script(s) from Makefile to avoid
+ unneccessary build dependencies
+
+ -- Matthias Förste Thu, 03 Dec 2009 10:52:58 +0100
+
+schlittermann-ssh-keys (0.11) stable; urgency=low
+
+ * ssh key of Marcus added
+
+ -- Marcus Obst Tue, 20 Jan 2009 14:38:39 +0100
+
+schlittermann-ssh-keys (0.10) stable; urgency=low
+
+ * ssh Schlüssel von foerste@schlittermann.de hinzugefügt
+
+ -- Christian Arnold Fri, 24 Oct 2008 10:46:42 +0200
+
+schlittermann-ssh-keys (0.9) stable; urgency=low
+
+ * improved comment on ssh key of schlorke
+
+ -- Heiko Schlittermann Wed, 18 Jun 2008 09:36:54 +0200
+
+schlittermann-ssh-keys (0.8) stable; urgency=low
+
+ * neuer RSA und DSA Schlüssel für Arnold
+
+ -- Heiko Schlittermann Fri, 16 May 2008 14:13:24 +0200
+
+schlittermann-ssh-keys (0.7) stable; urgency=low
+
+ * neuer key von Frau Sommer
+
+ -- Heiko Schlittermann Thu, 15 May 2008 11:39:46 +0200
+
+schlittermann-ssh-keys (0.6) stable; urgency=low
+
+ * Term::ReadKey
+ * chomp on read and re-add "\n" on write
+
+ -- Heiko Schlittermann Sat, 8 Mar 2008 12:18:41 +0100
+
+schlittermann-ssh-keys (0.5) stable; urgency=low
+
+ * dsa keys for heiko and schlorke added
+
+ -- Heiko Schlittermann Tue, 4 Mar 2008 14:43:42 +0100
+
+schlittermann-ssh-keys (0.4) stable; urgency=low
+
+ * fixed: start w/o any option in update-mode
+
+ -- Heiko Schlittermann Tue, 4 Mar 2008 14:36:29 +0100
+
+schlittermann-ssh-keys (0.3) stable; urgency=low
+
+ * update-schlittermann-ssh-keys called on install
+ * Option -u is default now
+
+ -- Heiko Schlittermann Tue, 4 Mar 2008 10:30:27 +0100
+
+schlittermann-ssh-keys (0.2) stable; urgency=low
+
+ * now in stable
+
+ -- Christian Arnold (schlittermann -- internet & unix support) Mon, 25 Feb 2008 14:33:48 +0100
+
+schlittermann-ssh-keys (0.1) stable; urgency=low
+
+ * Initial Release.
+
+ -- Christian Arnold (schlittermann -- internet & unix support) Mon, 25 Feb 2008 13:45:09 +0100
diff -r 000000000000 -r cc246ac74f0d debian/compat
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/compat Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,1 @@
+5
diff -r 000000000000 -r cc246ac74f0d debian/control
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/control Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,13 @@
+Source: schlittermann-ssh-keys
+Section: net
+Priority: extra
+Maintainer: Christian Arnold (schlittermann -- internet & unix support)
+Build-Depends: debhelper (>= 5)
+Standards-Version: 3.7.2
+
+Package: schlittermann-ssh-keys
+Architecture: all
+Depends: ${shlibs:Depends}, ${misc:Depends}, ssh (>> 4.3p2), perl (>> 5.8.8), libterm-readkey-perl
+Description: Public ssh keys from Schlittermann technician
+ This package just contains the public ssh keys from the Schlittermann technician,
+ and an script to managed an authorized_keys.local file.
diff -r 000000000000 -r cc246ac74f0d debian/copyright
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/copyright Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,26 @@
+This is schlittermann-ssh-keys, written and maintained by unknown
+on Mon, 25 Feb 2008 13:45:09 +0100.
+
+The original source can always be found at:
+ ftp://ftp.debian.org/dists/unstable/main/source/
+
+Copyright Holder: unknown
+
+License:
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this package; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+
+On Debian systems, the complete text of the GNU General
+Public License can be found in `/usr/share/common-licenses/GPL'.
diff -r 000000000000 -r cc246ac74f0d debian/dirs
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/dirs Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,2 @@
+usr/bin
+usr/sbin
diff -r 000000000000 -r cc246ac74f0d debian/docs
diff -r 000000000000 -r cc246ac74f0d debian/postinst
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/postinst Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,42 @@
+#!/bin/sh
+# postinst script for schlittermann-ssh-keys
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+# * `configure'
+# * `abort-upgrade'
+# * `abort-remove' `in-favour'
+#
+# * `abort-remove'
+# * `abort-deconfigure' `in-favour'
+# `removing'
+#
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+
+case "$1" in
+ configure)
+ update-schlittermann-ssh-keys
+ ;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
+
+
diff -r 000000000000 -r cc246ac74f0d debian/rules
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/rules Mon Jan 31 12:40:15 2011 +0100
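Review bot: The `configure)` branch of debian/postinst runs `update-schlittermann-ssh-keys` unconditionally, so every install or upgrade rewrites the `authorized_keys` of the account running the maintainer script (presumably root) and may edit `/etc/ssh/sshd_config`, without the administrator having asked for either. The updater also prompts on the terminal, and its default answer to "Keep unknown" is `n`, so on an unattended install existing keys that nobody confirms would be dropped; doc/TODO already lists a non-interactive mode as open. Until that mode exists I would only run the updater when a terminal is attached and otherwise tell the admin to run it by hand, e.g. `if [ -t 0 ]; then update-schlittermann-ssh-keys; else echo "run update-schlittermann-ssh-keys manually" >&2; fi`. A comment above the call should say that it grants the packaged keys login access, since that is not obvious from the package name alone.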
@@ -0,0 +1,98 @@
+#!/usr/bin/make -f
+# -*- makefile -*-
+# Sample debian/rules that uses debhelper.
+# This file was originally written by Joey Hess and Craig Small.
+# As a special exception, when this file is copied by dh-make into a
+# dh-make output file, you may use that output file without restriction.
+# This special exception was added by Craig Small in version 0.37 of dh-make.
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+
+
+
+CFLAGS = -Wall -g
+
+ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
+ CFLAGS += -O0
+else
+ CFLAGS += -O2
+endif
+
+configure: configure-stamp
+configure-stamp:
+ dh_testdir
+ # Add here commands to configure the package.
+
+ touch configure-stamp
+
+
+build: build-stamp
+
+build-stamp: configure-stamp
+ dh_testdir
+
+ # Add here commands to compile the package.
+ $(MAKE)
+ #docbook-to-man debian/schlittermann-ssh-keys.sgml > schlittermann-ssh-keys.1
+
+ touch $@
+
+clean:
+ dh_testdir
+ dh_testroot
+ rm -f build-stamp configure-stamp
+
+ # Add here commands to clean up after the build process.
+ -$(MAKE) clean
+
+ dh_clean
+
+install: build
+ dh_testdir
+ dh_testroot
+ dh_clean -k
+ dh_installdirs
+
+ # Add here commands to install the package into debian/schlittermann-ssh-keys.
+ $(MAKE) DESTDIR=$(CURDIR)/debian/schlittermann-ssh-keys install
+
+
+# Build architecture-independent files here.
+binary-indep: build install
+# We have nothing to do by default.
+
+# Build architecture-dependent files here.
+binary-arch: build install
+ dh_testdir
+ dh_testroot
+ dh_installchangelogs
+ dh_installdocs
+ dh_installexamples
+# dh_install
+# dh_installmenu
+# dh_installdebconf
+# dh_installlogrotate
+# dh_installemacsen
+# dh_installpam
+# dh_installmime
+# dh_python
+# dh_installinit
+# dh_installcron
+# dh_installinfo
+ dh_installman
+ dh_link
+ dh_strip
+ dh_compress
+ dh_fixperms
+# dh_perl
+# dh_makeshlibs
+ dh_installdeb
+ dh_shlibdeps
+ dh_gencontrol
+ dh_md5sums
+ dh_builddeb
+
+binary: binary-indep binary-arch
+.PHONY: build clean binary-indep binary-arch binary install configure
diff -r 000000000000 -r cc246ac74f0d doc/TODO
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/doc/TODO Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,13 @@
+schlittermann-ssh-keys
+
+ ○ eine Option für die automatische Installation (z.B. über FAI)
+ so das keine Abfragen gestellt werden
+ ○ wenn automatisch installiert sollen unsere Schlüssel an den Anfang
+ der authorized_keys gestellt werden !! ohne environment= und mit
+ einer entsprechenden Erweiterung des Kommentars am Ende !!
+ ○ die sshd_config soll bei der automatischen Installation nicht
+ geändert werden
+ ○ Installations-Frontend soll über dialog gesteuert werden
+
+$Id: TODO 3839 2008-03-08 11:21:02Z heiko $
+$URL: https://ssl.schlittermann.de/svn/is/schlittermann-ssh-key/trunk/doc/TODO $
diff -r 000000000000 -r cc246ac74f0d keys/dsa_arnold.pub
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/keys/dsa_arnold.pub Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,1 @@
+environment="REMOTE_USER=arnold" ssh-dss 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 arnold@schlittermann.de
diff -r 000000000000 -r cc246ac74f0d keys/dsa_heiko.pub
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/keys/dsa_heiko.pub Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,1 @@
+environment="REMOTE_USER=heiko" ssh-dss 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 heiko@schlittermann.de
diff -r 000000000000 -r cc246ac74f0d keys/dsa_schlorke.pub
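Review bot: The `ssh-dss` entries (keys/dsa_arnold.pub and keys/dsa_heiko.pub here, keys/dsa_schlorke.pub in the next hunk) are DSA keys, which OpenSSH caps at 1024 bits and which later OpenSSH releases no longer accept by default; heiko and schlorke have no RSA key in this changeset, so their access rests on DSA alone. keys/rsa_mobst.pub has a visibly shorter body than the other `ssh-rsa` entries, which suggests a 1024-bit modulus; `ssh-keygen -l -f keys/rsa_mobst.pub` would confirm it. I would ask for replacement keys of at least 2048-bit RSA before these are distributed into `authorized_keys` files. None of the entries carries a restricting option such as `from="..."`, so each key is accepted from any source address.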
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/keys/dsa_schlorke.pub Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,1 @@
+environment="REMOTE_USER=schlorke" ssh-dss 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 schlorke@schlittermann.de
diff -r 000000000000 -r cc246ac74f0d keys/rsa_arnold.pub
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/keys/rsa_arnold.pub Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,1 @@
+environment="REMOTE_USER=arnold" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA3n13h9strxMMtaZFXJNhqf6VTDbMUjSH5kr6mUG1iijtBik2nVPijzZtWqTPWnC276RByGRytvo3j7zU6lIHEhfkB6r5G6ZmN+vFywCrakPMwmcb2r4DZJN+Kh8Vm+CgVtgvPqrdTnMu68aShzfu0K4/IjXdcHp/xvnddSEch1utrs2jH/Rdf/KO7Td5pl1D0shzYx+h77HMLDzOjD+Cim6KPpku14/m6zvjS1Hupvl1bHx4FprcrPCfNCBoQv50ISbzK/M3lrTu4zCXB6/qHJPBWHWnuT8KBAvUgFGWVvCuwrNnzUkH1OnyZ9Y/oU6J05Wkkpr19cN26h8nP85fgQ== arnold@schlittermann.de
diff -r 000000000000 -r cc246ac74f0d keys/rsa_foerste.pub
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/keys/rsa_foerste.pub Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,1 @@
+environment="REMOTE_USER=foerste" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApvr0GmXsg0KOUFeeSYvDwLIDZq6oaPQdipHNFGMPbaOX4o91j4gc8V8JwKvSvnzFlM0Xi5WbmgLhbQ5KGs7PQ7EncXj1V2eOiVioOHdsRa4Bh/8scEEFwQkGr0Ii7946jxIPfXn0fyNjkUEKln+5oUGVi+FJUGUm8An4FSaR42Nf36TV7N7nkMtRFw7kRsgvAAr1/10ajvSI8p/TP4VBvqe7JxyBHldMnNYspw/tsBtUE45iYHXxkKrBHpAR8pZZ1mDRK05ZjgsfZSLSxArxU4nXFtI9mxoAwIyQoqwFgn8WuuqsBI6TNfdawMR1WbjszfJVmKqLa4oMHj7+xOWR+Q== foerste@schlittermann.de
diff -r 000000000000 -r cc246ac74f0d keys/rsa_mobst.pub
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/keys/rsa_mobst.pub Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,1 @@
+environment="REMOTE_USER=mobst" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAt0ira8G8Q5BfHJGzEhUialIu26FvTvclwJenHuR31KLShdmrF9sDjLmtLXjQ85orLNcULKmupE8g1RqIygP19hRJrZXATi8dgyxsvJ60Oe9ke3bCi8bVWdISdiFczaHlfMrY2mEr9qFYH24FKZjLuZhRiZFXroHyA5Nu00oxSek= mobst@schlittermann.de
diff -r 000000000000 -r cc246ac74f0d keys/rsa_sommer.pub
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/keys/rsa_sommer.pub Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,1 @@
+environment="REMOTE_USER=sommer" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwSyH5YLP36lzkGiP4EaiVehx1ryD0DPui/7r+6mrD+v/ClSGFQDrBGTEiUIpLdte8U6xYdFdCxyIJA7VTyapIP2Hs/f6Rvlfc8lVORdfAjH31yMHrAQAk1kXZwhI43HZ05uVUMJXV0SDGPP6fJwKl+u5njn/WHn+S6da/XuVuzRj+xxVvLpBXXkn8rsK7UKVFAsTDkm5oN/RJsgEUqs2+i8julioBG/QZ8ukKNi/EufMP/EUSyTWD2CQ040tttrYYyMVLpeYveksDnwYHvuD7SRae5M3SdGRSVdYZ7+B5dLMqz8l2ptwStrCFrqNQ8xQOhRgTc/iXePEPQlX+j2cOw== sommer@schlittermann.de
diff -r 000000000000 -r cc246ac74f0d update-schlittermann-ssh-keys.pl
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/update-schlittermann-ssh-keys.pl Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,202 @@
+#! /usr/bin/perl
+# $Id: update-schlittermann-ssh-keys.pl 4805 2009-12-03 14:39:57Z foerste $
+# $URL: https://ssl.schlittermann.de/svn/is/schlittermann-ssh-key/trunk/update-schlittermann-ssh-keys.pl $
+
+use strict;
+use warnings;
+use File::Basename;
+use File::Copy;
+use Getopt::Long;
+use Term::ReadKey;
+use Pod::Usage;
+use if $ENV{DEBUG} => "Smart::Comments";
+
+my $ME = basename $0;
+my $effective_uid = $>;
+my $home_dir = (getpwuid $effective_uid)[7];
+my $opt_update = 1;
+my $opt_help = 0;
+my $opt_man = 0;
+my $opt_keys_dir = "/usr/share/schlittermann-ssh-keys";
+my $opt_force = 0;
+
+my $SSHD_CONF = "/etc/ssh/sshd_config";
+my $KEYS_DIR = undef; # set later
+my $SSH_DIR = "$home_dir/.ssh";
+my $AUTH_KEYS = "$SSH_DIR/authorized_keys";
+my $AUTH_KEYS_LOCAL = "$SSH_DIR/authorized_keys.local";
+
+sub read_keys(@) {
+ local @ARGV = grep -f, @_;
+ my %h;
+ if (@ARGV) {
+ while (<>) { chomp; $h{$_} = 1 }
+ }
+ return %h;
+}
+
+MAIN: {
+
+ GetOptions(
+ "update!" => \$opt_update,
+ "help!" => \$opt_help,
+ "man!" => \$opt_man,
+ "keys-dir=s" => \$opt_keys_dir,
+ "force!" => \$opt_force,
+ ) or pod2usage(-exitval => 1, -verbose => 0);
+
+ $KEYS_DIR = $opt_keys_dir;
+
+ pod2usage(-exitval => 0, -verbose => 0) if $opt_help;
+ pod2usage(-exitval => 0, -verbose => 2) if $opt_man;
+
+ # update authorized_keys file
+ if ($opt_update) {
+
+ # checking Schlittermann keys directory
+ -d $KEYS_DIR
+ or die "\n[$KEYS_DIR] doesn't exist.\n\n";
+
+ # creating .ssh directory if not exists
+ -d $SSH_DIR
+ or mkdir $SSH_DIR, 0700
+ or die "Can't create directory $SSH_DIR: $!\n";
+
+ # backup authorized_keys file
+ if (-e $AUTH_KEYS) {
+ my $copy = $opt_force || !-e "$AUTH_KEYS.bak";
+ if (!$copy) {
+ print
+"\nWARNING: [$AUTH_KEYS.bak] already exists. Overwrite? [yes/N]: ";
+ chomp(my $input = );
+ $copy = lc $input eq "yes";
+ }
+ copy($AUTH_KEYS => "$AUTH_KEYS.bak")
+ or die "Can't copy $AUTH_KEYS: $!\n"
+ if $copy;
+ }
+
+ # read Schlittermann keys
+ my %schlittermann_keys = read_keys(glob("$KEYS_DIR/*"));
+ my %local_keys = read_keys($AUTH_KEYS_LOCAL);
+ my %auth_keys = read_keys($AUTH_KEYS);
+
+ delete @auth_keys{ keys %schlittermann_keys, keys %local_keys };
+
+ foreach (keys %auth_keys) { # die noch unbekannten
+ /^(.* ssh-\S+ ).*? (.*)$/ or /^(.{30}).*?(.{30})$/;
+ print "Keep unknown: " . ((defined $1 and defined $2) ? "$1 ... $2" : $_) . ": [y/N] ";
+ ReadMode "cbreak";
+ my $answer = lc ReadKey;
+ ReadMode "restore";
+
+ $answer = "n" if not $answer eq "y";
+ print "$answer\n";
+ next if $answer ne "y";
+ $local_keys{$_} = 1;
+ }
+
+ my $fh;
+ open $fh, ">$AUTH_KEYS_LOCAL"
+ or die "Can't open $AUTH_KEYS_LOCAL: $!\n";
+ print $fh map { "$_\n" } keys %local_keys;
+ close $fh;
+
+ open $fh, ">$AUTH_KEYS" or die "Can't open $AUTH_KEYS: $!\n";
+ print $fh map { "$_\n" } keys %schlittermann_keys, keys %local_keys;
+ close $fh;
+
+ }
+
+ # check /etc/ssh/sshd_config for the keyword PermitUserEnvironment
+ if (open(my $fh, $SSHD_CONF)) {
+ grep { /^\s*PermitUserEnvironment\s+yes/i } <$fh>
+ and print "$SSHD_CONF is ok\n"
+ and exit 0;
+ }
+ else {
+ warn "Can't check $SSHD_CONF: $!\n";
+ exit 0;
+ }
+
+ warn "PermitUserEnvironment not set!\n";
+
+ if (open(my $fh, "+<$SSHD_CONF")) {
+ copy($SSHD_CONF => "$SSHD_CONF.bak")
+ or die "Can't copy $SSHD_CONF -> $SSHD_CONF.bak: $!\n";
+ $_ = join "", <$fh>;
+ s/^(\s*PermitUserEnvironment\s+).*$/# modified by $ME:\n$1yes/im
+ or $_ .= "# inserted by $ME:\nPermitUserEnvironment yes\n";
+
+ seek($fh, 0, 0);
+ print $fh $_;
+ truncate($fh, tell($fh));
+ close($fh) or rename("$SSHD_CONF.bak" => $SSHD_CONF);
+
+ system("invoke-rc.d ssh reload");
+
+ exit 0;
+ }
+ else {
+ warn "Can't modify $SSHD_CONF: $!\n";
+ }
+}
+
+__END__
+
+=head1 NAME
+
+update-schlittermann-ssh-keys - import public ssh keys from the Schlittermann technician
+
+=head1 SYNOPSIS
+
+B [OPTION]
+
+ Options:
+ -u, --update update the authorized_keys file
+ -h, --help display this help and exit
+ -m, --man display full documentation
+ -f, --force overwriting backup file
+ --keys-dir the default keys
+
+=head1 DESCRIPION
+
+B make a backup from F<~/.ssh/authorized_keys> and generate a new file which
+contains the public ssh keys from the Schlittermann technician.
+
+If exists the F<~/.ssh/authorized_keys.local> file, the public ssh keys from
+this file will be appand to the F<~/.ssh/authorized_keys> file too.
+
+=cut
+
+=head1 OPTIONS
+
+=over 8
+
+
+=item B<-u, --update>
+
+import the public ssh keys from the Schlittermann technician and the keys from the F<~/.ssh/authorized_keys.local> file
+
+=item B<-f, --force>
+
+force some actions (e.g. overwriting backup file) (default: 0)
+
+=item B<--keys-dir> I
+
+The directory where the "default" keys are stored
+(default: F)
+
+=item B<-h, --help>
+
+display this help and exit
+
+=item B<-m, --man>
+
+display full documentation
+
+=back
+
+=cut
+
+# vim:ts=4 sts=4 sw=4 aw ai sm:
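Review bot: The last block of `MAIN` turns on `PermitUserEnvironment yes` for the whole host and reloads sshd without checking the edited file first. sshd_config(5) warns that enabling this option may let users bypass access restrictions (for example through `LD_PRELOAD`), so the change should be announced together with its reason (the `environment="REMOTE_USER=..."` key options depend on it), and the reload should only happen once `sshd -t` accepts the new file, restoring `$SSHD_CONF.bak` otherwise; the fence below shows that step, with the sshd path assumed to be the usual Debian location. `system("invoke-rc.d ssh reload")` also ignores its exit status, so a failed reload goes unnoticed. The same care applies earlier in the hunk to `read_keys`, which hands file names to the magic `<>` open, and to `open $fh, ">$AUTH_KEYS"`: three-argument `open` keeps characters in a path from being read as an open mode.

```perl
        close($fh) or rename("$SSHD_CONF.bak" => $SSHD_CONF);

        # let sshd parse the edited file before the running daemon is asked to load it
        if (system("/usr/sbin/sshd", "-t", "-f", $SSHD_CONF) != 0) {
            copy("$SSHD_CONF.bak" => $SSHD_CONF)
              or die "Can't restore $SSHD_CONF from $SSHD_CONF.bak: $!\n";
            die "$SSHD_CONF rejected by sshd -t, restored from $SSHD_CONF.bak\n";
        }

        system("invoke-rc.d", "ssh", "reload") == 0
          or warn "ssh reload failed, $SSHD_CONF is changed but not active\n";

        exit 0;
```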