From 0c46aa05e68dda40eb7f5b6f25b32a0fe32841a9 Mon Sep 17 00:00:00 2001
From: startxfr
Date: Fri, 5 Dec 2014 21:42:47 +0100
Subject: modification de la gestion du serveur ssh
---
Services/ssh/.ssh/authorized_keys | 3 +-
Services/ssh/Dockerfile | 12 ++++----
Services/ssh/sx/sshd.sh | 63 +++++++++++++++++++++++++++++++++++++++
Services/ssh/sx/sshd_run.sh | 8 +++++
4 files changed, 79 insertions(+), 7 deletions(-)
create mode 100644 Services/ssh/sx/sshd.sh
create mode 100644 Services/ssh/sx/sshd_run.sh
(limited to 'Services/ssh')
diff --git a/Services/ssh/.ssh/authorized_keys b/Services/ssh/.ssh/authorized_keys
index 0dbe4dc..ef8ed1e 100644
--- a/Services/ssh/.ssh/authorized_keys
+++ b/Services/ssh/.ssh/authorized_keys
@@ -1 +1,2 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7pCBSddCIi/lOH+z6KdkyS/JLGFCQTH8u+JyHoqUj8X9nVty6xBWNTdYDq5/0vUFLUtOxMlX9noV8JddA/XFAWpGmQU8KDq3dcqjWJXZ4NUiXwDrysP7JryVXBDidZC16ObAGw58a2/5BiXs+WGoSkkNUFZN3rbIaurrth1ODD67YZiL+Jzts2KyJednn8bM+rmmMvvhKFzV4QnmgbYF0OvdAucaMTWrdmkuY/VVse1l2LxxEx2IFz/q6dxH8uuQUGXjESXlHw5I0Fi0lhMDQ9M8xqI9AKeu87R+UPKxyOZjwGpz5Fui5yKuJOHsjY57Mze5wTOnu+YdVxJOwpJhN cl@startx.fr
\ No newline at end of file
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7pCBSddCIi/lOH+z6KdkyS/JLGFCQTH8u+JyHoqUj8X9nVty6xBWNTdYDq5/0vUFLUtOxMlX9noV8JddA/XFAWpGmQU8KDq3dcqjWJXZ4NUiXwDrysP7JryVXBDidZC16ObAGw58a2/5BiXs+WGoSkkNUFZN3rbIaurrth1ODD67YZiL+Jzts2KyJednn8bM+rmmMvvhKFzV4QnmgbYF0OvdAucaMTWrdmkuY/VVse1l2LxxEx2IFz/q6dxH8uuQUGXjESXlHw5I0Fi0lhMDQ9M8xqI9AKeu87R+UPKxyOZjwGpz5Fui5yKuJOHsjY57Mze5wTOnu+YdVxJOwpJhN cl@startx.fr
+ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMHb1BVc0//5yjm35TR26UIX9Gk1omNl3Z0OZTm36ZsohzXLgHWxtI+eUofI0rw8k/PeCZMoaQK2MlIijuL7eMM= cl@alcorecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKBbjgNez6Bn/ngVpW0J/KBF42J2lcdyFWbYmnTCdkoUC7qks9Uy3WgJqqhkCIfIvm4jOOZuKJCD2WSPYD2TB00= cl@startx.fr
diff --git a/Services/ssh/Dockerfile b/Services/ssh/Dockerfile
index 904a064..2ad849c 100644
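Review bot: The second added line appears to hold two ECDSA keys run together with no line break (`... cl@alcorecdsa-sha2-nistp256 ...`), which is consistent with the hunk's `+1,2` count. sshd reads one key per line, so everything after the first base64 blob would be taken as that key's comment and the `cl@startx.fr` ECDSA key would not be accepted. Put each key on its own line and end the file with a newline. Separately, these keys authorize root login in every container built from the image; mounting `authorized_keys` at run time instead of baking it in would make adding and revoking keys possible without a rebuild.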
--- a/Services/ssh/Dockerfile
+++ b/Services/ssh/Dockerfile
@@ -4,13 +4,13 @@ MAINTAINER Christophe LARUE
 # Install packages and set up sshd
 RUN yum -y update \
 && yum -y install openssh-server \
- && yum clean all
-RUN mkdir /var/run/sshd \
- && ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
-
+ && yum clean all
+# Copy startx toolkit
+COPY sx/* /sx/
 # Copy ssh keys
 COPY .ssh/authorized_keys /root/.ssh/authorized_keys
+RUN chmod ug+rx /sx/sshd*
+
 EXPOSE 22
-CMD ["/usr/sbin/sshd", "-D"]
-ONBUILD CMD ["/usr/sbin/sshd", "-D"]
+CMD ["/sx/sshd_run.sh"]
\ No newline at end of file
diff --git a/Services/ssh/sx/sshd.sh b/Services/ssh/sx/sshd.sh
new file mode 100644
index 0000000..795fff5
--- /dev/null
+++ b/Services/ssh/sx/sshd.sh
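Review bot: Nothing in the new Dockerfile records why the build-time `ssh-keygen` step was dropped, and that reason deserves a comment above the new `CMD`. A host key generated in a `RUN` layer is shared by every container started from the image, whereas `/sx/sshd_run.sh` now calls `install_host_keys` at container start. I would add `# Host keys are generated at container start by /sx/sshd_run.sh, not at build time, so each container gets its own`. Without it, a later maintainer could reasonably move key generation back into the build.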
@@ -0,0 +1,63 @@
+#!/bin/bash
+
+export TERM=dumb
+export logfile="/var/log/sshd.log"
+
+# Begin configuration before starting daemonized process
+# and start generating host keys
+function begin_config {
+ echo "=> Begin sshd configuration for host $HOSTNAME"
+ mkdir -p /var/run/sshd
+}
+
+# End configuration process just before starting daemon
+function end_config {
+ echo "=> End sshd configuration ..."
+}
+
+# Perform installation of ssh keys
+function install_host_keys {
+ local mail=$1;
+ if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
+ echo "===> Installing sshd host keys for $mail ..."
+ generate_host_key rsa $mail /etc/ssh/ssh_host_rsa_key
+ generate_host_key ecdsa $mail /etc/ssh/ssh_host_ecdsa_key
+ else
+ echo "===> sshd host key found at /etc/ssh/ssh_host_rsa_key ..."
+ fi;
+}
+
+
+# generate key and store
+function generate_host_key {
+ local format=$1; local mail=$2; local dest=$3;
+ echo "===> Generating $format sshd key for $mail recorded in $dest"
+ ssh-keygen -t $format -C $mail -f $dest -N ''
+}
+
+# Start the sshd server in background. Used to perform config
+# against the database structure such as user creation
+function start_server {
+ echo "===> Starting sshd server ..."
+ /usr/sbin/sshd &
+ sleep 8
+}
+
+# Stop the sshd server running in background.
+function stop_server {
+ echo "===> Stopping sshd server ..."
+ killall sshd
+ sleep 8
+}
+
+# Start the sshd server as a deamon and execute it inside
+# the running shell
+function start_daemon {
+ echo "=> Starting sshd daemon ..."
+ exec /usr/sbin/sshd -D
+}
+
+
+if [[ "$0" == *"sshd.sh" && ! $1 = "" ]];then
+ eval "$@";
+fi
\ No newline at end of file
diff --git a/Services/ssh/sx/sshd_run.sh b/Services/ssh/sx/sshd_run.sh
new file mode 100644
index 0000000..2aec330
--- /dev/null
+++ b/Services/ssh/sx/sshd_run.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+source /sx/sshd.sh
+
+begin_config
+install_host_keys "root@localhost"
+end_config
+
+start_daemon
\ No newline at end of file
-- cgit v1.2.3
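Review bot: The dispatcher at the end of the file runs `eval "$@"`, which re-parses the arguments as shell source, so an argument containing spaces or shell metacharacters is split or executed rather than passed through. Since the intent is to call one of the functions defined above, `declare -F "$1" >/dev/null && "$@"` does that without a second parse and rejects anything that is not a function name. In `generate_host_key` the expansions are unquoted; `ssh-keygen -t "$format" -C "$mail" -f "$dest" -N ''` keeps a comment or path with spaces intact. `install_host_keys` tests only for `/etc/ssh/ssh_host_rsa_key`, so an image that already has the RSA key but no ECDSA key never gets one; checking each key file separately would cover that. The comment on `start_server` mentions a database structure and looks copied from another service's script.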
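Review bot: The script has no error handling, so a failed host-key generation inside `install_host_keys` still falls through to `start_daemon`, and a failed `source /sx/sshd.sh` only surfaces as a run of "command not found" messages. Adding `set -e` on the line after the shebang would stop the container at the failing step with that step's own error. A one-line header comment stating that this is the image's `CMD` entry point and that it ends by exec'ing `sshd -D` in the foreground would also help readers of the Dockerfile.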