--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/.perltidyrc Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,1 @@
+--paren-tightness=2
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/Makefile Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,29 @@
+# $Id: Makefile 4802 2009-12-03 09:48:06Z foerste $
+# $URL: https://ssl.schlittermann.de/svn/is/schlittermann-ssh-key/trunk/Makefile $
+
+PERL = /usr/bin/perl
+
+KEYDIR = schlittermann-ssh-keys
+sbin_SCRIPT = update-schlittermann-ssh-keys
+pub_KEYS = keys/*
+prefix = /usr
+sbindir = ${prefix}/sbin
+sharedir = ${prefix}/share/${KEYDIR}
+DESTDIR =
+
+.PHONY: all clean install
+
+all: $(sbin_SCRIPT)
+
+install: all
+ install -m 0755 -d $(DESTDIR)$(sharedir)/
+ install -m 0644 ${pub_KEYS} $(DESTDIR)$(sharedir)/
+ install -m 0755 $(sbin_SCRIPT) $(DESTDIR)$(sbindir)/
+
+clean:
+ -rm -f $(sbin_SCRIPT) core
+
+%: %.pl
+ @chmod +w $@ 2>/dev/null || true
+ @sed -e 's,@PERL@,$(PERL),g' < $^ >$@
+ @chmod a=rx $@
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/README Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,6 @@
+The Debian Package schlittermann-ssh-keys
+----------------------------
+
+Comments regarding the Package
+
+ -- unknown <arnold@schlittermann.de> Mon, 25 Feb 2008 13:45:09 +0100
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/README.Debian Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,6 @@
+schlittermann-ssh-keys for Debian
+---------------------------------
+
+<possible notes regarding this package - if none, delete this file>
+
+ -- unknown <arnold@schlittermann.de> Mon, 25 Feb 2008 13:45:09 +0100
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/changelog Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,88 @@
+schlittermann-ssh-keys (0.12.2) lenny etch; urgency=low
+
+ * verbosified confirmation for removal of unknown keys
+
+ -- Matthias Förste <foerste@schlittermann.de> Thu, 03 Dec 2009 14:58:37 +0100
+
+schlittermann-ssh-keys (0.12.1) lenny etch; urgency=low
+
+ * changed 'distribution' field from stable to 'lenny etch' for automated
+ export to multiple distributions with reprepro
+
+ -- Matthias Förste <foerste@schlittermann.de> Thu, 03 Dec 2009 12:00:02 +0100
+
+schlittermann-ssh-keys (0.12) stable; urgency=low
+
+ * added missing 'REMOTE_USER' environment variable to pubkey for foerste
+ * removed syntax check for perl script(s) from Makefile to avoid
+ unneccessary build dependencies
+
+ -- Matthias Förste <foerste@schlittermann.de> Thu, 03 Dec 2009 10:52:58 +0100
+
+schlittermann-ssh-keys (0.11) stable; urgency=low
+
+ * ssh key of Marcus added
+
+ -- Marcus Obst <maob@hrz.tu-chemnitz.de> Tue, 20 Jan 2009 14:38:39 +0100
+
+schlittermann-ssh-keys (0.10) stable; urgency=low
+
+ * ssh Schlüssel von foerste@schlittermann.de hinzugefügt
+
+ -- Christian Arnold <arnold@schlittermann.de> Fri, 24 Oct 2008 10:46:42 +0200
+
+schlittermann-ssh-keys (0.9) stable; urgency=low
+
+ * improved comment on ssh key of schlorke
+
+ -- Heiko Schlittermann <heiko@schlittermann.de> Wed, 18 Jun 2008 09:36:54 +0200
+
+schlittermann-ssh-keys (0.8) stable; urgency=low
+
+ * neuer RSA und DSA Schlüssel für Arnold
+
+ -- Heiko Schlittermann <arnold@hopper.is.schlittermann.de> Fri, 16 May 2008 14:13:24 +0200
+
+schlittermann-ssh-keys (0.7) stable; urgency=low
+
+ * neuer key von Frau Sommer
+
+ -- Heiko Schlittermann <arnold@hopper.is.schlittermann.de> Thu, 15 May 2008 11:39:46 +0200
+
+schlittermann-ssh-keys (0.6) stable; urgency=low
+
+ * Term::ReadKey
+ * chomp on read and re-add "\n" on write
+
+ -- Heiko Schlittermann <heiko@schlittermann.de> Sat, 8 Mar 2008 12:18:41 +0100
+
+schlittermann-ssh-keys (0.5) stable; urgency=low
+
+ * dsa keys for heiko and schlorke added
+
+ -- Heiko Schlittermann <heiko@schlittermann.de> Tue, 4 Mar 2008 14:43:42 +0100
+
+schlittermann-ssh-keys (0.4) stable; urgency=low
+
+ * fixed: start w/o any option in update-mode
+
+ -- Heiko Schlittermann <heiko@schlittermann.de> Tue, 4 Mar 2008 14:36:29 +0100
+
+schlittermann-ssh-keys (0.3) stable; urgency=low
+
+ * update-schlittermann-ssh-keys called on install
+ * Option -u is default now
+
+ -- Heiko Schlittermann <heiko@schlittermann.de> Tue, 4 Mar 2008 10:30:27 +0100
+
+schlittermann-ssh-keys (0.2) stable; urgency=low
+
+ * now in stable
+
+ -- Christian Arnold (schlittermann -- internet & unix support) <arnold@schlittermann.de> Mon, 25 Feb 2008 14:33:48 +0100
+
+schlittermann-ssh-keys (0.1) stable; urgency=low
+
+ * Initial Release.
+
+ -- Christian Arnold (schlittermann -- internet & unix support) <arnold@schlittermann.de> Mon, 25 Feb 2008 13:45:09 +0100
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/compat Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,1 @@
+5
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/control Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,13 @@
+Source: schlittermann-ssh-keys
+Section: net
+Priority: extra
+Maintainer: Christian Arnold (schlittermann -- internet & unix support) <arnold@schlittermann.de>
+Build-Depends: debhelper (>= 5)
+Standards-Version: 3.7.2
+
+Package: schlittermann-ssh-keys
+Architecture: all
+Depends: ${shlibs:Depends}, ${misc:Depends}, ssh (>> 4.3p2), perl (>> 5.8.8), libterm-readkey-perl
+Description: Public ssh keys from Schlittermann technician
+ This package just contains the public ssh keys from the Schlittermann technician,
+ and an script to managed an authorized_keys.local file.
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/copyright Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,26 @@
+This is schlittermann-ssh-keys, written and maintained by unknown <arnold@schlittermann.de>
+on Mon, 25 Feb 2008 13:45:09 +0100.
+
+The original source can always be found at:
+ ftp://ftp.debian.org/dists/unstable/main/source/
+
+Copyright Holder: unknown
+
+License:
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this package; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+
+On Debian systems, the complete text of the GNU General
+Public License can be found in `/usr/share/common-licenses/GPL'.
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/dirs Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,2 @@
+usr/bin
+usr/sbin
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/postinst Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,42 @@
+#!/bin/sh
+# postinst script for schlittermann-ssh-keys
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+# * <postinst> `configure' <most-recently-configured-version>
+# * <old-postinst> `abort-upgrade' <new version>
+# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
+# <new-version>
+# * <postinst> `abort-remove'
+# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
+# <failed-install-package> <version> `removing'
+# <conflicting-package> <version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+
+case "$1" in
+ configure)
+ update-schlittermann-ssh-keys
+ ;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/rules Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,98 @@
+#!/usr/bin/make -f
+# -*- makefile -*-
+# Sample debian/rules that uses debhelper.
+# This file was originally written by Joey Hess and Craig Small.
+# As a special exception, when this file is copied by dh-make into a
+# dh-make output file, you may use that output file without restriction.
+# This special exception was added by Craig Small in version 0.37 of dh-make.
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+
+
+
+CFLAGS = -Wall -g
+
+ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
+ CFLAGS += -O0
+else
+ CFLAGS += -O2
+endif
+
+configure: configure-stamp
+configure-stamp:
+ dh_testdir
+ # Add here commands to configure the package.
+
+ touch configure-stamp
+
+
+build: build-stamp
+
+build-stamp: configure-stamp
+ dh_testdir
+
+ # Add here commands to compile the package.
+ $(MAKE)
+ #docbook-to-man debian/schlittermann-ssh-keys.sgml > schlittermann-ssh-keys.1
+
+ touch $@
+
+clean:
+ dh_testdir
+ dh_testroot
+ rm -f build-stamp configure-stamp
+
+ # Add here commands to clean up after the build process.
+ -$(MAKE) clean
+
+ dh_clean
+
+install: build
+ dh_testdir
+ dh_testroot
+ dh_clean -k
+ dh_installdirs
+
+ # Add here commands to install the package into debian/schlittermann-ssh-keys.
+ $(MAKE) DESTDIR=$(CURDIR)/debian/schlittermann-ssh-keys install
+
+
+# Build architecture-independent files here.
+binary-indep: build install
+# We have nothing to do by default.
+
+# Build architecture-dependent files here.
+binary-arch: build install
+ dh_testdir
+ dh_testroot
+ dh_installchangelogs
+ dh_installdocs
+ dh_installexamples
+# dh_install
+# dh_installmenu
+# dh_installdebconf
+# dh_installlogrotate
+# dh_installemacsen
+# dh_installpam
+# dh_installmime
+# dh_python
+# dh_installinit
+# dh_installcron
+# dh_installinfo
+ dh_installman
+ dh_link
+ dh_strip
+ dh_compress
+ dh_fixperms
+# dh_perl
+# dh_makeshlibs
+ dh_installdeb
+ dh_shlibdeps
+ dh_gencontrol
+ dh_md5sums
+ dh_builddeb
+
+binary: binary-indep binary-arch
+.PHONY: build clean binary-indep binary-arch binary install configure
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/doc/TODO Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,13 @@
+schlittermann-ssh-keys
+
+ ○ eine Option für die automatische Installation (z.B. über FAI)
+ so das keine Abfragen gestellt werden
+ ○ wenn automatisch installiert sollen unsere Schlüssel an den Anfang
+ der authorized_keys gestellt werden !! ohne environment= und mit
+ einer entsprechenden Erweiterung des Kommentars am Ende !!
+ ○ die sshd_config soll bei der automatischen Installation nicht
+ geändert werden
+ ○ Installations-Frontend soll über dialog gesteuert werden
+
+$Id: TODO 3839 2008-03-08 11:21:02Z heiko $
+$URL: https://ssl.schlittermann.de/svn/is/schlittermann-ssh-key/trunk/doc/TODO $
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/keys/dsa_arnold.pub Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,1 @@
+environment="REMOTE_USER=arnold" ssh-dss AAAAB3NzaC1kc3MAAACBAO29TP68T8uJBqvYURj6TaIKrwtwyn54d5FGSa6pxJsOYK87Jp2ooDyXaDPbxDZ1PkCv8u2bzbCc6wak8XKLg1urzXYQfwL96N8uzN3cNzuvYT9K+lqb5qHNyi8GjJhYWf0eFQm+bPW8wYGhfdPXCw4NdT0hZaph2de1L0v5cMXBAAAAFQCYPa9hp8p5IFueX2ARjUQLkK+wxwAAAIEAhHw1b5SiyaF1TE1NIHC/g0Dx+jmmeYFx2hn8aC9t4K7fWbtB+bLE1QKJ/zFZrqNF7n4lMsbdxnLrvtmjroY2jX33yq0N/a1MvwZWF7PiNYKuXOq/kERegCZQGFLrMJ6DPC6ht2uwtepHmk+sij7XH3onAopt2I+sp+OHnIHJdP0AAACBAMCpWOX/TzsY95zM52RAnworYcBRF6eeHqZCiIiUlA7D09t5dh5yRh2Uvc3Y/bQUa/km63KxFUpJ6DyrihCu14yuAtm5Wh2z+j+e+pz1f6yDuoUps6d3RFNSbJq3fsX9bnGOGKZiAAb+wFjcvb87WX/QwxddBIXwFNQvTyFR0pn+ arnold@schlittermann.de
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/keys/dsa_heiko.pub Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,1 @@
+environment="REMOTE_USER=heiko" ssh-dss AAAAB3NzaC1kc3MAAACBAJlGAGD/sS5v390XMcChp1xUzddxE9lOgAHmc+RhDf7lMRusdo+97faU1nFl9mXHVDLE/SrhS+oAZA8s7uCQzeauMrlvL406lVt2tDwnLQ02mCNzTTmdkB75t1E++mgqcvSsxflj1h4jCTXTSdL4cjZFWVbPnsEhJ6xU9ODDUTcZAAAAFQCMmECII0nQgtIktAtqSCViwTCtmwAAAIBv6gM5nhP6fnmzpJumWg/QqdZ1VJD1N79yvzxiIWD7/I3RCp3nE5zd2BnUCC4BFDL8LeKsxltHnr80buxUA2fNpqWY+SrjKglUx/6EnaHboFzvoncVhVMv2OQrvqx0YaxFQ7MR2ugQU4JbgAzIl5nlHtCe1h7mXucVSCuA4Q9mUwAAAIBSWthXU/s53c8J2lYaMz8jGh2WNAU0b8o6jA0fSqQUjwYmR1/m+vN0H++b6T5+3u9pf8Wc+K8n1SLptDAHcPh2yR4A2TmBQWgRbg+8UB6hJzI6P9HUDqg3+TiKwGqwoX40B1WYY03Q4cKxWCXsDJ4R309KcltGEs2pewxtYhslMQ== heiko@schlittermann.de
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/keys/dsa_schlorke.pub Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,1 @@
+environment="REMOTE_USER=schlorke" ssh-dss AAAAB3NzaC1kc3MAAACBAKMqsdTZS9g1IgCnKQe3Jy4/wV1v0xcoRCc7JJr0d9Ous0E8Z2zxujvQ+21f3KB/sxoBOAnFXVGhZ3gPPyARGYSatgilEtuS1OL8bLJ9CtviqALY/7KoUdaqxHs4/1AhqIMr+7mRQqAzw/NzMbWAM3MN0QRWSv7gHY1Ix5ItYlkHAAAAFQCsiPlEw+5W22rjjXYyGi3Ow2AsWwAAAIBj3FSMM3+E/KwUnfUWkpDv1ku942iINmZxYGPrhUurQdz1BVKb2qKDeYaHK9PIKIt8QuzDnPvoAEooaYfM9+D+3UlUhdjyZZc7PgHXYy8uBXuGUgSCazDfyUXnkTGurOeTHoX7jxuMb98oYcrKcJPzCFFljrqbsPH68JRzEwo/4wAAAIAFFxCkVSI5+cARknNYLBLtoLbcrmJojoXXN2jm81BUY3wnweNQNwWw2ra4BOpkc6dpAb/AHRylzny2LpRBQwEezch8ZDX4SK9G8BLI6Bl6gtRfLN9urxg9VM3EJ9qy7j8/juoRVvkM5SKLRAF92xfYeRWIJ2NXflka89cVKSuxWQ== schlorke@schlittermann.de
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/keys/rsa_arnold.pub Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,1 @@
+environment="REMOTE_USER=arnold" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA3n13h9strxMMtaZFXJNhqf6VTDbMUjSH5kr6mUG1iijtBik2nVPijzZtWqTPWnC276RByGRytvo3j7zU6lIHEhfkB6r5G6ZmN+vFywCrakPMwmcb2r4DZJN+Kh8Vm+CgVtgvPqrdTnMu68aShzfu0K4/IjXdcHp/xvnddSEch1utrs2jH/Rdf/KO7Td5pl1D0shzYx+h77HMLDzOjD+Cim6KPpku14/m6zvjS1Hupvl1bHx4FprcrPCfNCBoQv50ISbzK/M3lrTu4zCXB6/qHJPBWHWnuT8KBAvUgFGWVvCuwrNnzUkH1OnyZ9Y/oU6J05Wkkpr19cN26h8nP85fgQ== arnold@schlittermann.de
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/keys/rsa_foerste.pub Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,1 @@
+environment="REMOTE_USER=foerste" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApvr0GmXsg0KOUFeeSYvDwLIDZq6oaPQdipHNFGMPbaOX4o91j4gc8V8JwKvSvnzFlM0Xi5WbmgLhbQ5KGs7PQ7EncXj1V2eOiVioOHdsRa4Bh/8scEEFwQkGr0Ii7946jxIPfXn0fyNjkUEKln+5oUGVi+FJUGUm8An4FSaR42Nf36TV7N7nkMtRFw7kRsgvAAr1/10ajvSI8p/TP4VBvqe7JxyBHldMnNYspw/tsBtUE45iYHXxkKrBHpAR8pZZ1mDRK05ZjgsfZSLSxArxU4nXFtI9mxoAwIyQoqwFgn8WuuqsBI6TNfdawMR1WbjszfJVmKqLa4oMHj7+xOWR+Q== foerste@schlittermann.de
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/keys/rsa_mobst.pub Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,1 @@
+environment="REMOTE_USER=mobst" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAt0ira8G8Q5BfHJGzEhUialIu26FvTvclwJenHuR31KLShdmrF9sDjLmtLXjQ85orLNcULKmupE8g1RqIygP19hRJrZXATi8dgyxsvJ60Oe9ke3bCi8bVWdISdiFczaHlfMrY2mEr9qFYH24FKZjLuZhRiZFXroHyA5Nu00oxSek= mobst@schlittermann.de
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/keys/rsa_sommer.pub Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,1 @@
+environment="REMOTE_USER=sommer" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwSyH5YLP36lzkGiP4EaiVehx1ryD0DPui/7r+6mrD+v/ClSGFQDrBGTEiUIpLdte8U6xYdFdCxyIJA7VTyapIP2Hs/f6Rvlfc8lVORdfAjH31yMHrAQAk1kXZwhI43HZ05uVUMJXV0SDGPP6fJwKl+u5njn/WHn+S6da/XuVuzRj+xxVvLpBXXkn8rsK7UKVFAsTDkm5oN/RJsgEUqs2+i8julioBG/QZ8ukKNi/EufMP/EUSyTWD2CQ040tttrYYyMVLpeYveksDnwYHvuD7SRae5M3SdGRSVdYZ7+B5dLMqz8l2ptwStrCFrqNQ8xQOhRgTc/iXePEPQlX+j2cOw== sommer@schlittermann.de
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/update-schlittermann-ssh-keys.pl Mon Jan 31 12:40:15 2011 +0100
@@ -0,0 +1,202 @@
+#! /usr/bin/perl
+# $Id: update-schlittermann-ssh-keys.pl 4805 2009-12-03 14:39:57Z foerste $
+# $URL: https://ssl.schlittermann.de/svn/is/schlittermann-ssh-key/trunk/update-schlittermann-ssh-keys.pl $
+
+use strict;
+use warnings;
+use File::Basename;
+use File::Copy;
+use Getopt::Long;
+use Term::ReadKey;
+use Pod::Usage;
+use if $ENV{DEBUG} => "Smart::Comments";
+
+my $ME = basename $0;
+my $effective_uid = $>;
+my $home_dir = (getpwuid $effective_uid)[7];
+my $opt_update = 1;
+my $opt_help = 0;
+my $opt_man = 0;
+my $opt_keys_dir = "/usr/share/schlittermann-ssh-keys";
+my $opt_force = 0;
+
+my $SSHD_CONF = "/etc/ssh/sshd_config";
+my $KEYS_DIR = undef; # set later
+my $SSH_DIR = "$home_dir/.ssh";
+my $AUTH_KEYS = "$SSH_DIR/authorized_keys";
+my $AUTH_KEYS_LOCAL = "$SSH_DIR/authorized_keys.local";
+
+sub read_keys(@) {
+ local @ARGV = grep -f, @_;
+ my %h;
+ if (@ARGV) {
+ while (<>) { chomp; $h{$_} = 1 }
+ }
+ return %h;
+}
+
+MAIN: {
+
+ GetOptions(
+ "update!" => \$opt_update,
+ "help!" => \$opt_help,
+ "man!" => \$opt_man,
+ "keys-dir=s" => \$opt_keys_dir,
+ "force!" => \$opt_force,
+ ) or pod2usage(-exitval => 1, -verbose => 0);
+
+ $KEYS_DIR = $opt_keys_dir;
+
+ pod2usage(-exitval => 0, -verbose => 0) if $opt_help;
+ pod2usage(-exitval => 0, -verbose => 2) if $opt_man;
+
+ # update authorized_keys file
+ if ($opt_update) {
+
+ # checking Schlittermann keys directory
+ -d $KEYS_DIR
+ or die "\n[$KEYS_DIR] doesn't exist.\n\n";
+
+ # creating .ssh directory if not exists
+ -d $SSH_DIR
+ or mkdir $SSH_DIR, 0700
+ or die "Can't create directory $SSH_DIR: $!\n";
+
+ # backup authorized_keys file
+ if (-e $AUTH_KEYS) {
+ my $copy = $opt_force || !-e "$AUTH_KEYS.bak";
+ if (!$copy) {
+ print
+"\nWARNING: [$AUTH_KEYS.bak] already exists. Overwrite? [yes/N]: ";
+ chomp(my $input = <STDIN>);
+ $copy = lc $input eq "yes";
+ }
+ copy($AUTH_KEYS => "$AUTH_KEYS.bak")
+ or die "Can't copy $AUTH_KEYS: $!\n"
+ if $copy;
+ }
+
+ # read Schlittermann keys
+ my %schlittermann_keys = read_keys(glob("$KEYS_DIR/*"));
+ my %local_keys = read_keys($AUTH_KEYS_LOCAL);
+ my %auth_keys = read_keys($AUTH_KEYS);
+
+ delete @auth_keys{ keys %schlittermann_keys, keys %local_keys };
+
+ foreach (keys %auth_keys) { # die noch unbekannten
+ /^(.* ssh-\S+ ).*? (.*)$/ or /^(.{30}).*?(.{30})$/;
+ print "Keep unknown: " . ((defined $1 and defined $2) ? "$1 ... $2" : $_) . ": [y/N] ";
+ ReadMode "cbreak";
+ my $answer = lc ReadKey;
+ ReadMode "restore";
+
+ $answer = "n" if not $answer eq "y";
+ print "$answer\n";
+ next if $answer ne "y";
+ $local_keys{$_} = 1;
+ }
+
+ my $fh;
+ open $fh, ">$AUTH_KEYS_LOCAL"
+ or die "Can't open $AUTH_KEYS_LOCAL: $!\n";
+ print $fh map { "$_\n" } keys %local_keys;
+ close $fh;
+
+ open $fh, ">$AUTH_KEYS" or die "Can't open $AUTH_KEYS: $!\n";
+ print $fh map { "$_\n" } keys %schlittermann_keys, keys %local_keys;
+ close $fh;
+
+ }
+
+ # check /etc/ssh/sshd_config for the keyword PermitUserEnvironment
+ if (open(my $fh, $SSHD_CONF)) {
+ grep { /^\s*PermitUserEnvironment\s+yes/i } <$fh>
+ and print "$SSHD_CONF is ok\n"
+ and exit 0;
+ }
+ else {
+ warn "Can't check $SSHD_CONF: $!\n";
+ exit 0;
+ }
+
+ warn "PermitUserEnvironment not set!\n";
+
+ if (open(my $fh, "+<$SSHD_CONF")) {
+ copy($SSHD_CONF => "$SSHD_CONF.bak")
+ or die "Can't copy $SSHD_CONF -> $SSHD_CONF.bak: $!\n";
+ $_ = join "", <$fh>;
+ s/^(\s*PermitUserEnvironment\s+).*$/# modified by $ME:\n$1yes/im
+ or $_ .= "# inserted by $ME:\nPermitUserEnvironment yes\n";
+
+ seek($fh, 0, 0);
+ print $fh $_;
+ truncate($fh, tell($fh));
+ close($fh) or rename("$SSHD_CONF.bak" => $SSHD_CONF);
+
+ system("invoke-rc.d ssh reload");
+
+ exit 0;
+ }
+ else {
+ warn "Can't modify $SSHD_CONF: $!\n";
+ }
+}
+
+__END__
+
+=head1 NAME
+
+update-schlittermann-ssh-keys - import public ssh keys from the Schlittermann technician
+
+=head1 SYNOPSIS
+
+B<update-schlittermann-ssh-keys> [OPTION]
+
+ Options:
+ -u, --update update the authorized_keys file
+ -h, --help display this help and exit
+ -m, --man display full documentation
+ -f, --force overwriting backup file
+ --keys-dir the default keys
+
+=head1 DESCRIPION
+
+B<update-schlittermann-ssh-keys> make a backup from F<~/.ssh/authorized_keys> and generate a new file which
+contains the public ssh keys from the Schlittermann technician.
+
+If exists the F<~/.ssh/authorized_keys.local> file, the public ssh keys from
+this file will be appand to the F<~/.ssh/authorized_keys> file too.
+
+=cut
+
+=head1 OPTIONS
+
+=over 8
+
+
+=item B<-u, --update>
+
+import the public ssh keys from the Schlittermann technician and the keys from the F<~/.ssh/authorized_keys.local> file
+
+=item B<-f, --force>
+
+force some actions (e.g. overwriting backup file) (default: 0)
+
+=item B<--keys-dir> I<dir>
+
+The directory where the "default" keys are stored
+(default: F</usr/share/schlittermann-ssh-keys/>)
+
+=item B<-h, --help>
+
+display this help and exit
+
+=item B<-m, --man>
+
+display full documentation
+
+=back
+
+=cut
+
+# vim:ts=4 sts=4 sw=4 aw ai sm: