diff --git a/Makefile b/Makefile index 5406fd07..3abea175 100644 --- a/Makefile +++ b/Makefile @@ -17,10 +17,12 @@ install: install -m 644 man/${APP}.1.gz ${DESTDIR}${PREFIX}/share/man/man1 install -m 644 man/${APP}-prep.1.gz ${DESTDIR}${PREFIX}/share/man/man1 install -m 644 man/${APP}-tordongle.1.gz ${DESTDIR}${PREFIX}/share/man/man1 + install -m 644 man/${APP}-client.1.gz ${DESTDIR}${PREFIX}/share/man/man1 uninstall: rm -f ${PREFIX}/share/man/man1/${APP}.1.gz rm -f ${PREFIX}/share/man/man1/${APP}-prep.1.gz rm -f ${PREFIX}/share/man/man1/${APP}-tordongle.1.gz + rm -f ${PREFIX}/share/man/man1/${APP}-client.1.gz rm -rf ${PREFIX}/share/${APP} rm -f ${PREFIX}/bin/${APP} rm -f ${PREFIX}/bin/${APP}-prep diff --git a/debian.sh b/debian.sh index 2bc41631..ee1ebdb6 100755 --- a/debian.sh +++ b/debian.sh @@ -11,6 +11,7 @@ sed -i 's/VERSION='${PREV_VERSION}'/VERSION='${VERSION}'/g' Makefile sed -i 's/VERSION="'${PREV_VERSION}'"/VERSION="'${VERSION}'"/g' src/freedombone sed -i 's/VERSION="'${PREV_VERSION}'"/VERSION="'${VERSION}'"/g' src/freedombone-prep sed -i 's/VERSION="'${PREV_VERSION}'"/VERSION="'${VERSION}'"/g' src/freedombone-tordongle +sed -i 's/VERSION="'${PREV_VERSION}'"/VERSION="'${VERSION}'"/g' src/freedombone-client # change the parent directory name to debian format mv ../${APP} ../${DIR} diff --git a/debian/source/include-binaries b/debian/source/include-binaries index 582888f7..13ac9c4b 100644 --- a/debian/source/include-binaries +++ b/debian/source/include-binaries @@ -1,3 +1,4 @@ man/freedombone.1.gz man/freedombone-prep.1.gz man/freedombone-tordongle.1.gz +man/freedombone-client.1.gz diff --git a/man/freedombone-client.1.gz b/man/freedombone-client.1.gz new file mode 100644 index 00000000..bc756500 Binary files /dev/null and b/man/freedombone-client.1.gz differ diff --git a/src/freedombone b/src/freedombone index 9cc118c4..a77a40ee 100755 --- a/src/freedombone +++ b/src/freedombone @@ -4260,10 +4260,6 @@ function configure_ssh { # see https://stribika.github.io/2015/01/04/secure-secure-shell.html function ssh_remove_small_moduli { awk '$5 > 2000' /etc/ssh/moduli > ~/moduli - if [[ $((wc -l ~/moduli | awk -F ' ' '{print $1}')) < 150 ]]; then - echo 'Not enough moduli > 2000' - exit 57824 - fi mv ~/moduli /etc/ssh/moduli } @@ -4271,24 +4267,32 @@ function configure_ssh_client { if grep -Fxq "configure_ssh_client" $COMPLETION_FILE; then return fi - #sed 's/# PasswordAuthentication.*/ PasswordAuthentication no/g' /etc/ssh/ssh_config - #sed 's/# ChallengeResponseAuthentication.*/ ChallengeResponseAuthentication no/g' /etc/ssh/ssh_config - sed "s/# HostKeyAlgorithms.*/ HostKeyAlgorithms $SSH_HOST_KEY_ALGORITHMS/g" /etc/ssh/ssh_config - sed "s/# Ciphers.*/ Ciphers $SSH_CIPHERS/g" /etc/ssh/ssh_config - sed "s/# MACs.*/ MACs $SSH_MACS/g" /etc/ssh/ssh_config + #sed -i 's/# PasswordAuthentication.*/ PasswordAuthentication no/g' /etc/ssh/ssh_config + #sed -i 's/# ChallengeResponseAuthentication.*/ ChallengeResponseAuthentication no/g' /etc/ssh/ssh_config + sed -i "s/# HostKeyAlgorithms.*/ HostKeyAlgorithms $SSH_HOST_KEY_ALGORITHMS/g" /etc/ssh/ssh_config + sed -i "s/# Ciphers.*/ Ciphers $SSH_CIPHERS/g" /etc/ssh/ssh_config + sed -i "s/# MACs.*/ MACs $SSH_MACS/g" /etc/ssh/ssh_config if ! grep -q "HostKeyAlgorithms" /etc/ssh/ssh_config; then echo " HostKeyAlgorithms $SSH_HOST_KEY_ALGORITHMS" >> /etc/ssh/ssh_config fi - sed "s/Ciphers.*/Ciphers $SSH_CIPHERS/g" /etc/ssh/ssh_config + sed -i "s/Ciphers.*/Ciphers $SSH_CIPHERS/g" /etc/ssh/ssh_config if ! grep -q "Ciphers " /etc/ssh/ssh_config; then echo " Ciphers $SSH_CIPHERS" >> /etc/ssh/ssh_config fi - sed "s/MACs.*/MACs $SSH_MACS/g" /etc/ssh/ssh_config + sed -i "s/MACs.*/MACs $SSH_MACS/g" /etc/ssh/ssh_config if ! grep -q "MACs " /etc/ssh/ssh_config; then echo " MACs $SSH_MACS" >> /etc/ssh/ssh_config fi - ssh-keygen -t ed25519 -o -a 100 - ssh-keygen -t rsa -b 4096 -o -a 100 + + # Create ssh keys + if [ ! -f ~/.ssh/id_ed25519 ]; then + ssh-keygen -t ed25519 -o -a 100 + fi + if [ ! -f ~/.ssh/id_rsa ]; then + ssh-keygen -t rsa -b 4096 -o -a 100 + fi + + ssh_remove_small_moduli echo 'configure_ssh_client' >> $COMPLETION_FILE }