From e2d92847bbece5889f6690f68bf4bc614723700c Mon Sep 17 00:00:00 2001
From: Andrew Cady
Date: Sat, 23 Oct 2021 18:35:31 -0400
Subject: sshd improvements
---
 EndoForge/openssh/Makefile | 7 +------
 EndoForge/openssh/run-sshd | 28 ++++++++++++++++++++++++++++
 EndoForge/openssh/runsshd.sh | 16 ----------------
 EndoForge/openssh/sshd_config | 6 ++++--
 4 files changed, 33 insertions(+), 24 deletions(-)
 create mode 100755 EndoForge/openssh/run-sshd
 delete mode 100755 EndoForge/openssh/runsshd.sh
diff --git a/EndoForge/openssh/Makefile b/EndoForge/openssh/Makefile
index e53a851..ae39ed2 100644
--- a/EndoForge/openssh/Makefile
+++ b/EndoForge/openssh/Makefile
@@ -1,11 +1,6 @@
-# SSH_LISTEN_PORT = 22022
-# SSHD = /usr/sbin/sshd -p $(SSH_LISTEN_PORT) -D -e -f ~/.ssh/sshd_config -h ~/.ssh/id_ed25519
 run:
- fakeroot ./runsshd.sh
-
-runtest:
- $(SSHD) -t
+ ./run-sshd -D -e -f ~/.ssh/sshd_config
 install:
 install -m0600 sshd_config -t ~/.ssh
diff --git a/EndoForge/openssh/run-sshd b/EndoForge/openssh/run-sshd
new file mode 100755
index 0000000..29615fb
--- /dev/null
+++ b/EndoForge/openssh/run-sshd
@@ -0,0 +1,28 @@
+#!/bin/sh
+case "$LD_PRELOAD" in
+ libfakeroot-sysv.so) ;;
+ '') exec fakeroot -- "$0" "$@" ;;
+ *) exit 1 ;;
+esac
+
+fixperms()
+{
+ set --
+ dirs=$HOME
+ p=$HOME
+ while [ "$p" != "${p%/*}" ]
+ do
+ p=${p%/*}
+ dirs="$dirs $p/"
+ done
+
+ chown root:root $dirs
+ chmod go-w $dirs
+}
+
+fixperms
+
+PATH=/sbin:/usr/sbin:$PATH
+cmd="$(which sshd) $*"
+runuser -u "$USER" -- sh -c "$cmd"
+
diff --git a/EndoForge/openssh/runsshd.sh b/EndoForge/openssh/runsshd.sh
deleted file mode 100755
index 1eff668..0000000
--- a/EndoForge/openssh/runsshd.sh
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/bin/sh
-set --
-dirs=$HOME
-p=$HOME
-while [ "$p" != "${p%/*}" ]
-do
- p=${p%/*}
- dirs="$dirs $p/"
-done
-
-chown root:root $dirs
-chmod go-w $dirs
-
-cmd="/usr/sbin/sshd -D -e -f $HOME/.ssh/sshd_config -h $HOME/.ssh/id_ed25519"
-/sbin/runuser -u u -- sh -c "set -x; $cmd"
-
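Review bot: The last two added lines of run-sshd flatten the arguments with `$*` into `cmd` and hand that string to `sh -c`, so every argument is parsed a second time by another shell: a config path containing a space is split, and any shell metacharacter in an argument is interpreted instead of being passed to sshd. `which sshd` also yields an empty string when sshd is not found on the extended PATH, which leaves the first option to be run as the command. runuser accepts a command and its arguments directly, so the pair can become `sshd=$(command -v sshd) || exit 1` followed by `exec runuser -u "$USER" -- "$sshd" "$@"`. In fixperms, `$dirs` is likewise expanded unquoted in the `chown` and `chmod` calls, which matters only if a HOME containing whitespace has to be supported.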
diff --git a/EndoForge/openssh/sshd_config b/EndoForge/openssh/sshd_config
index 8df5d17..2273805 100644
--- a/EndoForge/openssh/sshd_config
+++ b/EndoForge/openssh/sshd_config
@@ -1,9 +1,11 @@
-Port 22022
+Port=22022
+
+HostKey=/home/u/.ssh/id_ed25519
+PidFile=/home/u/.ssh/sshd.pid
 AuthorizedKeysCommandUser=u
 AuthorizedKeysCommand=/home/u/.ssh/AuthorizedKeysCommand %u %h %f "%t %k"
 ExposeAuthInfo=yes
-PidFile=/home/u/.ssh/sshd.pid
 AuthenticationMethods publickey
 AcceptEnv LANG LC_*
--
cgit v1.2.3
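Review bot: `HostKey=/home/u/.ssh/id_ed25519` points the server's host key at what is, judging by its name and location, the account's default client identity, so one private key would serve both as the user credential and as the host identity. The removed runsshd.sh passed the same file with `-h`, so the commit moves this choice into the config rather than introducing it. A dedicated host key generated for this sshd (`ssh-keygen -t ed25519 -f <host-key-path>`) would keep the two roles separate, so that rotating or exposing one key does not affect the other. The file also still hard-codes `/home/u` and `AuthorizedKeysCommandUser=u`, while run-sshd in this commit now takes the account from `$USER` and `$HOME`; if other accounts are meant to run it, the config would need to be generated at install time.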