On Thu, 27 Nov 2014 15:21:36 +0000
Alan Lacerda <alancordeiro@gmail.com> wrote:
> ---> setup-sshd.in | 19 +++++++++++++++++++> 1 file changed, 19 insertions(+)> > diff --git a/setup-sshd.in b/setup-sshd.in> index 1890b7c..1e6da29 100644> --- a/setup-sshd.in> +++ b/setup-sshd.in> @@ -46,6 +46,25 @@ case "$sshdchoice" in> dropbear) svc=dropbear;;> esac> > +echo -n "Do you want to set up SSH key authentication [y|N]? "> +default_read sshauthkey "n"> +> +if [ "$sshdchoice" = "openssh" ]; then> + if [ "$sshauthkey" = "y" ] || [ "$sshauthkey" = "Y" ]; then> + sed -i 's/\#PasswordAuthentication\> yes/PasswordAuthentication\ no/g' /etc/ssh/sshd_config> + mkdir -p ~/.ssh && touch ~/.ssh/authorized_keys> + echo -n "Do you want to add keys to the> authorized_keys file [Y|n]? "> + default_read sshaddkey "y"> + if [ "$sshaddkey" = "y" ] || [ "$sshaddkey" = "Y" ];> then> + vi ~/.ssh/authorized_keys> + else> + echo ""> + echo "WARNING: Do not forget to add your> public key to ~/.ssh/authorized_keys"> + echo ""> + fi> + fi> +fi> +> if [ -n "$svc" ]; then> rc-update add $svc default> rc-service $svc start
I am sceptic.
Problem 1: I want ask as few questions as possible so I am not happy
with adding new questions.
Problem 2: The question asked is misleading. If you want both password
and key authentication, what should you answer to the question: "Do you
want to set up SSH key authentication?"
So can we add this functionality without always asking any questions?
How about, if setup-sshd finds a (valid) pre-existing
authorized_keys it will ask the question:
Found the following ssh keys:
<list of keys>
Would you like to disable password authentication (Y/n)? [Y]
And maybe have an option -k <keysfile> which lets you quietly do the
same with:
setup-sshd -k /media/usb/ssh-keys
I mean, what users remembers the public ssh key to be able to enter it
in vi?
-nc
---
Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org
Help: alpine-devel+help@lists.alpinelinux.org
---