Darryl L. Pierce
2009-Jul-07 16:13 UTC
[Ovirt-devel] Changed to toggle PasswordAuthentication...
...and not PermitRootLogin in /etc/ssh/sshd_config.
Darryl L. Pierce
2009-Jul-07 16:13 UTC
[Ovirt-devel] [PATCH node] Provides a means to toggle SSH password auth from the firstboot menu. rhbz#509842
The password option now goes to a submenu. This submenu lets the user chose to either set the administrator password or else toggle SSH password authentication on or off. The submenu also reports whether password authentication is current enabled. Signed-off-by: Darryl L. Pierce <dpierce at redhat.com> --- scripts/ovirt-config-password | 77 +++++++++++++++++++++++++++++++++++------ 1 files changed, 66 insertions(+), 11 deletions(-) diff --git a/scripts/ovirt-config-password b/scripts/ovirt-config-password index 03b41e1..4c7d001 100755 --- a/scripts/ovirt-config-password +++ b/scripts/ovirt-config-password @@ -37,14 +37,69 @@ function prompt_sasl_user { done } -printf "\n\n Password Configuration\n\n" - -# prompt user -# Set the password for the root user first -printf "\nSystem Administrator (root):\n" -unmount_config /etc/shadow -passwd root -ovirt_store_config /etc/shadow -printf "\nAdding users for libvirt remote access" -# TODO list existing users in /etc/libvirt/passwd.db -while prompt_sasl_user; do :; done +set_password () { + printf "\n\n Password Configuration\n\n" + + # prompt user + # Set the password for the root user first + printf "\nSystem Administrator (root):\n" + unmount_config /etc/shadow + passwd root + ovirt_store_config /etc/shadow + printf "\nAdding users for libvirt remote access" + # TODO list existing users in /etc/libvirt/passwd.db + while prompt_sasl_user; do :; done +} + +toggle_ssh_access () +{ + local allowed=$1 + local config=$WORKDIR/augeas-ssh + + if $allowed; then permit="yes"; else permit="no"; fi + printf "set /files/etc/ssh/sshd_config/PasswordAuthentication ${permit}\n" > $config + cat $config | augtool + + service sshd restart +} + +toggle_ssh () { + local prompt=$1 + + printf "\nToggle SSH\n\n" + + while true; do + read -ep "${prompt} (y/n)? " + case $REPLY in + Y|y) toggle_ssh_access true; return;; + N|n) toggle_ssh_access false; return;; + esac + done +} + +PASSWORD="Set administrator password" +SSH="Enable SSH password authentication" +QUIT="Quit and Return To Menu" + +while true; do + state="disabled" + prompt="Enable SSH access" + grep "^PasswordAuthentication\ *yes" /etc/ssh/sshd_config > /dev/null + if [ $? == 0 ]; then + state="enabled" + prompt="Leave SSH access enabled" + fi + printf "\nSSH password authentication is currently ${state}.\n\n" + + PS3="Please select an option: " + select option in "$PASSWORD" "$SSH" "$QUIT" + do + case $option in + $PASSWORD) set_password; break;; + $SSH) toggle_ssh "$prompt"; break;; + $QUIT) exit;; + esac + done + + printf "\n" +done -- 1.6.2.5