summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormakefu <root@pigstarter.de>2013-01-29 11:58:13 +0000
committermakefu <root@pigstarter.de>2013-01-29 11:58:13 +0000
commit1025fa3e19d2678da41a13c2bce0846a661c0624 (patch)
treebc6e3ff86244e5c7837de6fdd6f7d0161e39d48d
parent721f01468e0a08cd145a9596208f196227ec55e3 (diff)
add authorized_keys config for openssh-server
-rw-r--r--services/Makefile22
1 files changed, 21 insertions, 1 deletions
diff --git a/services/Makefile b/services/Makefile
index a68f095d..901769b8 100644
--- a/services/Makefile
+++ b/services/Makefile
@@ -1,9 +1,29 @@
help:;@cat Makefile
-
export authorized_keys_file := authorized_keys
export services_file := services.txt
export host_key_file := test.key
+export services_home := /opt/services
+
+.PHONY: authorized_keys
+$(services_home)/.ssh:
+ mkdir $@
+ chown services:services $@
+
+$(services_home)/.ssh/authorized_keys: $(services_home)/.ssh $(authorized_keys_file)
+ cp $(authorized_keys_file) $(services_home)/.ssh/authorized_keys
+ @echo "restricting authorized_keys..."
+ @sed -i 's#^#command="/bin/cat $(services_home)/services.txt",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty #' $(services_home)/.ssh/authorized_keys
+
+$(services_home)/services.txt:
+ @echo 'make sure to configure the services correctly in $(services_home)/services.txt'
+ cp $(services_file) $(services_home)/services.txt
+
+service-user: $(services_home)/services.txt $(services_home)/.ssh/authorized_keys
+ @echo 'also make sure that the user is created: make create-service-user'
+create-service-user:
+ useradd -m -r -l -f -1 -d /opt/services services
+
test-client:
ssh localhost -p 1337 2>/dev/null