diff options
Diffstat (limited to 'EndoForge/openssh')
-rwxr-xr-x | EndoForge/openssh/AuthorizedKeysCommand | 21 | ||||
-rw-r--r-- | EndoForge/openssh/Makefile | 7 | ||||
-rwxr-xr-x | EndoForge/openssh/run-sshd | 32 | ||||
-rw-r--r-- | EndoForge/openssh/sshd_config | 15 |
4 files changed, 0 insertions, 75 deletions
diff --git a/EndoForge/openssh/AuthorizedKeysCommand b/EndoForge/openssh/AuthorizedKeysCommand deleted file mode 100755 index 0e6d285..0000000 --- a/EndoForge/openssh/AuthorizedKeysCommand +++ /dev/null | |||
@@ -1,21 +0,0 @@ | |||
1 | #!/bin/sh | ||
2 | # Modified AuthorizedKeysCommand for running OpenSSH as unprivileged user. | ||
3 | # | ||
4 | # Uses the home directory of the calling user (ascertained through "id -un") | ||
5 | # instead of the authenticated user. | ||
6 | |||
7 | fingerprint=$3 | ||
8 | authline="$4 $5" | ||
9 | |||
10 | username=$(id -un) | ||
11 | userhome=$(getent passwd $(id -un) | (IFS=: read _ _ _ _ _ home _ && echo "$home")) | ||
12 | |||
13 | case "$userhome" in | ||
14 | '' | *"'"* ) exit ;; | ||
15 | esac | ||
16 | |||
17 | usercommand=$userhome/.ssh/AnonymousAccessCommand | ||
18 | |||
19 | [ -x "$usercommand" ] || exit | ||
20 | |||
21 | printf 'command="%s",no-port-forwarding %s\n' "$usercommand $fingerprint" "$authline" | ||
diff --git a/EndoForge/openssh/Makefile b/EndoForge/openssh/Makefile deleted file mode 100644 index ae39ed2..0000000 --- a/EndoForge/openssh/Makefile +++ /dev/null | |||
@@ -1,7 +0,0 @@ | |||
1 | |||
2 | run: | ||
3 | ./run-sshd -D -e -f ~/.ssh/sshd_config | ||
4 | |||
5 | install: | ||
6 | install -m0600 sshd_config -t ~/.ssh | ||
7 | install -m0755 AuthorizedKeysCommand -t ~/.ssh | ||
diff --git a/EndoForge/openssh/run-sshd b/EndoForge/openssh/run-sshd deleted file mode 100755 index 20e82d8..0000000 --- a/EndoForge/openssh/run-sshd +++ /dev/null | |||
@@ -1,32 +0,0 @@ | |||
1 | #!/bin/sh | ||
2 | # Fix file ownership with fakeroot so that OpenSSH will run as a user. | ||
3 | # | ||
4 | # The ownership is not really changed on disk, but 'chmod go-w' might actually | ||
5 | # change permissions on disk. | ||
6 | |||
7 | case "$LD_PRELOAD" in | ||
8 | libfakeroot-sysv.so) ;; | ||
9 | '') exec fakeroot -- "$0" "$@" ;; | ||
10 | *) exit 1 ;; | ||
11 | esac | ||
12 | |||
13 | fixperms() | ||
14 | { | ||
15 | set -- "$1" | ||
16 | local p="$1" oldp= | ||
17 | while [ "$p" != "$oldp" ] | ||
18 | do | ||
19 | oldp=$p | ||
20 | p=${p%/*}/ | ||
21 | set -- "$@" "$p" | ||
22 | done | ||
23 | chown root:root "$@" | ||
24 | chmod go-w "$@" | ||
25 | } | ||
26 | |||
27 | fixperms "$HOME"/.ssh | ||
28 | |||
29 | PATH=/sbin:/usr/sbin:$PATH | ||
30 | cmd="$(which sshd) $*" | ||
31 | runuser -u "$USER" -- sh -c "$cmd" | ||
32 | |||
diff --git a/EndoForge/openssh/sshd_config b/EndoForge/openssh/sshd_config deleted file mode 100644 index 2273805..0000000 --- a/EndoForge/openssh/sshd_config +++ /dev/null | |||
@@ -1,15 +0,0 @@ | |||
1 | Port=22022 | ||
2 | |||
3 | HostKey=/home/u/.ssh/id_ed25519 | ||
4 | PidFile=/home/u/.ssh/sshd.pid | ||
5 | |||
6 | AuthorizedKeysCommandUser=u | ||
7 | AuthorizedKeysCommand=/home/u/.ssh/AuthorizedKeysCommand %u %h %f "%t %k" | ||
8 | ExposeAuthInfo=yes | ||
9 | |||
10 | AuthenticationMethods publickey | ||
11 | AcceptEnv LANG LC_* | ||
12 | Subsystem sftp /usr/lib/openssh/sftp-server | ||
13 | UsePAM no | ||
14 | PermitTTY no | ||
15 | ChrootDirectory=none | ||