Diffstat (limited to 'contrib/cygwin/ssh-config')
-rwxr-xr-x | contrib/cygwin/ssh-config | 324 |
1 files changed, 324 insertions, 0 deletions
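--- /dev/null
+++ b/contrib/cygwin/ssh-config
@@ -0,0 +1,324 @@
+#!/bin/sh
+#
+# ssh-config, Copyright 2000, Red Hat Inc.
+#
+# This file is part of the Cygwin port of OpenSSH.
+
+# set -x
+
+# Subdirectory where the new package is being installed
+PREFIX=/usr
+
+# Directory where the config files are stored
+SYSCONFDIR=/etc
+
+# Subdirectory where an old package might be installed
+OLDPREFIX=/usr/local
+OLDSYSCONFDIR=${OLDPREFIX}/etc
+
+request()
+{
+answer=""
+while [ "X${answer}" != "Xyes" -a "X${answer}" != "Xno" ]
+do
+echo -n "$1 (yes/no) "
+read answer
+done
+if [ "X${answer}" = "Xyes" ]
+then
+return 0
+else
+return 1
+fi
+}
+
+# Check for running ssh/sshd processes first. Refuse to do anything while
+# some ssh processes are still running
+
+if ps -ef | grep -v grep | grep -q ssh
+then
+echo
+echo "There are still ssh processes running. Please shut them down first."
+echo
+exit 1
+fi
+
+# Check for ${SYSCONFDIR} directory
+
+if [ -e "${SYSCONFDIR}" -a ! -d "${SYSCONFDIR}" ]
+then
+echo
+echo "${SYSCONFDIR} is existant but not a directory."
+echo "Cannot create global configuration files."
+echo
+exit 1
+fi
+
+# Create it if necessary
+
+if [ ! -e "${SYSCONFDIR}" ]
+then
+mkdir "${SYSCONFDIR}"
+if [ ! -e "${SYSCONFDIR}" ]
+then
+echo
+echo "Creating ${SYSCONFDIR} directory failed"
+echo
+exit 1
+fi
+fi
+
+# Check for an old installation in ${OLDPREFIX} unless ${OLDPREFIX} isn't
+# the same as ${PREFIX}
+
+if [ "${OLDPREFIX}" != "${PREFIX}" ]
+then
+if [ -f "${OLDPREFIX}/sbin/sshd" ]
+then
+echo
+echo "You seem to have an older installation in ${OLDPREFIX}."
+echo
+# Check if old global configuration files exist
+if [ -f "${OLDSYSCONFDIR}/ssh_host_key" ]
+then
+if request "Do you want to copy your config files to your new installation?"
+then
+cp -f ${OLDSYSCONFDIR}/ssh_host_key ${SYSCONFDIR}
+cp -f ${OLDSYSCONFDIR}/ssh_host_key.pub ${SYSCONFDIR}
+cp -f ${OLDSYSCONFDIR}/ssh_host_dsa_key ${SYSCONFDIR}
+cp -f ${OLDSYSCONFDIR}/ssh_host_dsa_key.pub ${SYSCONFDIR}
+cp -f ${OLDSYSCONFDIR}/ssh_config ${SYSCONFDIR}
+cp -f ${OLDSYSCONFDIR}/sshd_config ${SYSCONFDIR}
+fi
+fi
+if request "Do you want to erase your old installation?"
+then
+rm -f ${OLDPREFIX}/bin/ssh.exe
+rm -f ${OLDPREFIX}/bin/ssh-config
+rm -f ${OLDPREFIX}/bin/scp.exe
+rm -f ${OLDPREFIX}/bin/ssh-add.exe
+rm -f ${OLDPREFIX}/bin/ssh-agent.exe
+rm -f ${OLDPREFIX}/bin/ssh-keygen.exe
+rm -f ${OLDPREFIX}/bin/slogin
+rm -f ${OLDSYSCONFDIR}/ssh_host_key
+rm -f ${OLDSYSCONFDIR}/ssh_host_key.pub
+rm -f ${OLDSYSCONFDIR}/ssh_host_dsa_key
+rm -f ${OLDSYSCONFDIR}/ssh_host_dsa_key.pub
+rm -f ${OLDSYSCONFDIR}/ssh_config
+rm -f ${OLDSYSCONFDIR}/sshd_config
+rm -f ${OLDPREFIX}/man/man1/ssh.1
+rm -f ${OLDPREFIX}/man/man1/scp.1
+rm -f ${OLDPREFIX}/man/man1/ssh-add.1
+rm -f ${OLDPREFIX}/man/man1/ssh-agent.1
+rm -f ${OLDPREFIX}/man/man1/ssh-keygen.1
+rm -f ${OLDPREFIX}/man/man1/slogin.1
+rm -f ${OLDPREFIX}/man/man8/sshd.8
+rm -f ${OLDPREFIX}/sbin/sshd.exe
+rm -f ${OLDPREFIX}/sbin/sftp-server.exe
+fi
+fi
+fi
+
+# First generate host keys if not already existing
+
+if [ ! -f "${SYSCONFDIR}/ssh_host_key" ]
+then
+echo "Generating ${SYSCONFDIR}/ssh_host_key"
+ssh-keygen -f ${SYSCONFDIR}/ssh_host_key -N ''
+fi
+
+if [ ! -f "${SYSCONFDIR}/ssh_host_dsa_key" ]
+then
+echo "Generating ${SYSCONFDIR}/ssh_host_dsa_key"
+ssh-keygen -d -f ${SYSCONFDIR}/ssh_host_dsa_key -N ''
+fi
+
+# Check if ssh_config exists. If yes, ask for overwriting
+
+if [ -f "${SYSCONFDIR}/ssh_config" ]
+then
+if request "Overwrite existing ${SYSCONFDIR}/ssh_config file?"
+then
+rm -f "${SYSCONFDIR}/ssh_config"
+if [ -f "${SYSCONFDIR}/ssh_config" ]
+then
+echo "Can't overwrite. ${SYSCONFDIR}/ssh_config is write protected."
+fi
+fi
+fi
+
+# Create default ssh_config from here script
+
+if [ ! -f "${SYSCONFDIR}/ssh_config" ]
+then
+echo "Creating default ${SYSCONFDIR}/ssh_config file"
+cat > ${SYSCONFDIR}/ssh_config << EOF
+# This is ssh client systemwide configuration file. This file provides
+# defaults for users, and the values can be changed in per-user configuration
+# files or on the command line.
+
+# Configuration data is parsed as follows:
+# 1. command line options
+# 2. user-specific file
+# 3. system-wide file
+# Any configuration value is only changed the first time it is set.
+# Thus, host-specific definitions should be at the beginning of the
+# configuration file, and defaults at the end.
+
+# Site-wide defaults for various options
+
+# Host *
+# ForwardAgent yes
+# ForwardX11 yes
+# RhostsAuthentication yes
+# RhostsRSAAuthentication yes
+# RSAAuthentication yes
+# PasswordAuthentication yes
+# FallBackToRsh no
+# UseRsh no
+# BatchMode no
+# CheckHostIP yes
+# StrictHostKeyChecking no
+# IdentityFile ~/.ssh/identity
+# Port 22
+# Protocol 2,1
+# Cipher 3des
+# EscapeChar ~
+
+# Be paranoid by default
+Host *
+ForwardAgent no
+ForwardX11 no
+FallBackToRsh no
+EOF
+fi
+
+# Check if sshd_config exists. If yes, ask for overwriting
+
+if [ -f "${SYSCONFDIR}/sshd_config" ]
+then
+if request "Overwrite existing ${SYSCONFDIR}/sshd_config file?"
+then
+rm -f "${SYSCONFDIR}/sshd_config"
+if [ -f "${SYSCONFDIR}/sshd_config" ]
+then
+echo "Can't overwrite. ${SYSCONFDIR}/sshd_config is write protected."
+fi
+fi
+fi
+
+# Create default sshd_config from here script
+
+if [ ! -f "${SYSCONFDIR}/sshd_config" ]
+then
+echo "Creating default ${SYSCONFDIR}/sshd_config file"
+cat > ${SYSCONFDIR}/sshd_config << EOF
+# This is ssh server systemwide configuration file.
+
+Port 22
+#Protocol 2,1
+ListenAddress 0.0.0.0
+#ListenAddress ::
+#HostKey /etc/ssh_host_key
+ServerKeyBits 768
+LoginGraceTime 600
+KeyRegenerationInterval 3600
+PermitRootLogin yes
+#
+# Don't read ~/.rhosts and ~/.shosts files
+IgnoreRhosts yes
+# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
+#IgnoreUserKnownHosts yes
+StrictModes yes
+X11Forwarding no
+X11DisplayOffset 10
+PrintMotd yes
+KeepAlive yes
+
+# Logging
+SyslogFacility AUTH
+LogLevel INFO
+#obsoletes QuietMode and FascistLogging
+
+RhostsAuthentication no
+#
+# For this to work you will also need host keys in /etc/ssh_known_hosts
+RhostsRSAAuthentication no
+
+# To install for logon to different user accounts change to "no" here
+RSAAuthentication yes
+
+# To install for logon to different user accounts change to "yes" here
+PasswordAuthentication no
+
+PermitEmptyPasswords no
+
+CheckMail no
+UseLogin no
+
+#Uncomment if you want to enable sftp
+#Subsystem sftp /usr/sbin/sftp-server
+#MaxStartups 10:30:60
+EOF
+fi
+
+# Ask user if user identity should be generated
+
+if [ "X${HOME}" = "X" ]
+then
+echo '$HOME is nonexistant. Cannot create user identity files.'
+exit 1
+fi
+
+if [ ! -d "${HOME}" ]
+then
+echo '$HOME is not a valid directory. Cannot create user identity files.'
+exit 1
+fi
+
+# If HOME is the root dir, set HOME to empty string to avoid error messages
+# in subsequent parts of that script.
+if [ "X${HOME}" = "X/" ]
+then
+HOME=''
+fi
+
+if [ -e "${HOME}/.ssh" -a ! -d "${HOME}/.ssh" ]
+then
+echo '$HOME/.ssh is existant but not a directory. Cannot create user identity files.'
+exit 1
+fi
+
+if [ ! -e "${HOME}/.ssh" ]
+then
+mkdir "${HOME}/.ssh"
+if [ ! -e "${HOME}/.ssh" ]
+then
+echo "Creating users ${HOME}/.ssh directory failed"
+exit 1
+fi
+fi
+
+if [ ! -f "${HOME}/.ssh/identity" ]
+then
+if request "Shall I create an RSA identity file for you?"
+then
+echo "Generating ${HOME}/.ssh/identity"
+ssh-keygen -f "${HOME}/.ssh/identity"
+fi
+fi
+
+if [ ! -f "${HOME}/.ssh/id_dsa" ]
+then
+if request "Shall I create an DSA identity file for you? (yes/no) "
+then
+echo "Generating ${HOME}/.ssh/id_dsa"
+ssh-keygen -d -f "${HOME}/.ssh/id_dsa"
+fi
+fi
+
+echo
+echo "Note: If you have used sshd as service or from inetd, don't forget to"
+echo " change the path to sshd.exe in the service entry or in inetd.conf."
+echo
+echo "Configuration finished. Have fun!"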
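Review bot: The host-key migration at new-file lines 86–91 copies `ssh_host_key` and `ssh_host_dsa_key` with unquoted `cp -f` and never checks the result, yet the erase step at lines 103–108 will then delete the old copies; if a copy failed, the key-generation step at lines 124–134 silently creates fresh host keys and every client sees a changed host identity. The mode of the copied private keys is also left to the source file and the umask, since nothing in the visible lines tightens it. I would quote the paths, stop on failure and set the mode explicitly, e.g. `cp -f "${OLDSYSCONFDIR}/ssh_host_key" "${SYSCONFDIR}/" || exit 1` followed by `chmod 600 "${SYSCONFDIR}/ssh_host_key" "${SYSCONFDIR}/ssh_host_dsa_key"`. Separately, the generated sshd_config ships `PermitRootLogin yes` and `ServerKeyBits 768`; a comment in the here-document explaining why those defaults were chosen would help whoever hardens the file later.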