free
/
freedomboneeee
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Make allowing ssh passwords a separate menu entry

This commit is contained in:
Bob Mottram 2016-10-30 10:07:57 +00:00
parent a3f2fe4539
commit 6096ac3bf8
1 changed files with 27 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
src/freedombone-sec
View File

@ -175,12 +175,13 @@ function change_ssh_settings {
return return
fi fi
if [ ! $SSH_PASSWORDS ]; then if [ ! $SSH_PASSWORDS ]; then
return SSH_PASSWORDS='yes'
fi fi
sed -i "s|Ciphers .*|Ciphers $SSH_CIPHERS|g" $SSH_CONFIG sed -i "s|Ciphers .*|Ciphers $SSH_CIPHERS|g" $SSH_CONFIG
sed -i "s|MACs .*|MACs $SSH_MACS|g" $SSH_CONFIG sed -i "s|MACs .*|MACs $SSH_MACS|g" $SSH_CONFIG
sed -i "s|KexAlgorithms .*|KexAlgorithms $SSH_KEX|g" $SSH_CONFIG sed -i "s|KexAlgorithms .*|KexAlgorithms $SSH_KEX|g" $SSH_CONFIG
sed -i "s|#PasswordAuthentication .*|PasswordAuthentication $SSH_PASSWORDS|g" $SSH_CONFIG
sed -i "s|PasswordAuthentication .*|PasswordAuthentication $SSH_PASSWORDS|g" $SSH_CONFIG sed -i "s|PasswordAuthentication .*|PasswordAuthentication $SSH_PASSWORDS|g" $SSH_CONFIG
systemctl restart ssh systemctl restart ssh
echo $'ssh server security settings changed' echo $'ssh server security settings changed'
@ -203,6 +204,25 @@ function change_xmpp_settings {
echo $'xmpp security settings changed' echo $'xmpp security settings changed'
} }
function allow_ssh_passwords {
if [[ $SSH_PASSWORDS == "yes" ]]; then
dialog --title $"SSH Passwords" \
--backtitle $"Freedombone Security Configuration" \
--yesno $"\nAllow SSH login using passwords?" 7 60
else
dialog --title $"SSH Passwords" \
--backtitle $"Freedombone Security Configuration" \
--defaultno \
--yesno $"\nAllow SSH login using passwords?" 7 60
fi
sel=$?
case $sel in
0) SSH_PASSWORDS="yes";;
1) SSH_PASSWORDS="no";;
255) exit 0;;
esac
}
function interactive_setup { function interactive_setup {
if [ $SSL_CIPHERS ]; then if [ $SSL_CIPHERS ]; then
data=$(tempfile 2>/dev/null) data=$(tempfile 2>/dev/null)
@ -257,23 +277,6 @@ function interactive_setup {
esac esac
fi fi
if [[ $SSH_PASSWORDS == "yes" ]]; then
dialog --title $"SSH Passwords" \
--backtitle $"Freedombone Security Configuration" \
--yesno $"\nAllow SSH login using passwords?" 7 60
else
dialog --title $"SSH Passwords" \
--backtitle $"Freedombone Security Configuration" \
--defaultno \
--yesno $"\nAllow SSH login using passwords?" 7 60
fi
sel=$?
case $sel in
0) SSH_PASSWORDS="yes";;
1) SSH_PASSWORDS="no";;
255) exit 0;;
esac
if [ $XMPP_CIPHERS ]; then if [ $XMPP_CIPHERS ]; then
data=$(tempfile 2>/dev/null) data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15 trap "rm -f $data" 0 1 2 5 15
@ -680,7 +683,7 @@ function menu_security_settings {
trap "rm -f $data" 0 1 2 5 15 trap "rm -f $data" 0 1 2 5 15
dialog --backtitle $"Freedombone Control Panel" \ dialog --backtitle $"Freedombone Control Panel" \
--title $"Security Settings" \ --title $"Security Settings" \
--radiolist $"Choose an operation:" 15 76 15 \ --radiolist $"Choose an operation:" 16 76 16 \
1 $"Regenerate ssh host keys" off \ 1 $"Regenerate ssh host keys" off \
2 $"Regenerate Diffie-Hellman keys" off \ 2 $"Regenerate Diffie-Hellman keys" off \
3 $"Update cipersuite" off \ 3 $"Update cipersuite" off \
@ -688,7 +691,8 @@ function menu_security_settings {
5 $"Renew Let's Encrypt certificate" off \ 5 $"Renew Let's Encrypt certificate" off \
6 $"Enable GPG based authentication (monkeysphere)" off \ 6 $"Enable GPG based authentication (monkeysphere)" off \
7 $"Register a website with monkeysphere" off \ 7 $"Register a website with monkeysphere" off \
8 $"Go Back/Exit" on 2> $data 8 $"Allow ssh login with passwords" off \
9 $"Go Back/Exit" on 2> $data
sel=$? sel=$?
case $sel in case $sel in
1) exit 1;; 1) exit 1;;
@ -733,6 +737,9 @@ function menu_security_settings {
register_website register_website
;; ;;
8) 8)
allow_ssh_passwords
;;
9)
exit 0 exit 0
;; ;;
esac esac