Allow verification of the ssh host key

2016-11-22 22:57:43 +00:00 · 2016-11-22 22:57:43 +00:00 · 9c2c644310
parent 4bc84ba060
commit 9c2c644310
2 changed files with 28 additions and 18 deletions
--- a/src/freedombone-sec
+++ b/src/freedombone-sec
@ -690,16 +690,17 @@ function menu_security_settings {
    trap "rm -f $data" 0 1 2 5 15
    dialog --backtitle $"Freedombone Control Panel" \
           --title $"Security Settings" \
-           --radiolist $"Choose an operation:" 16 76 16 \
-           1 $"Regenerate ssh host keys" off \
-           2 $"Regenerate Diffie-Hellman keys" off \
-           3 $"Update cipersuite" off \
-           4 $"Create a new Let's Encrypt certificate" off \
-           5 $"Renew Let's Encrypt certificate" off \
-           6 $"Enable GPG based authentication (monkeysphere)" off \
-           7 $"Register a website with monkeysphere" off \
-           8 $"Allow ssh login with passwords" off \
-           9 $"Go Back/Exit" on 2> $data
+           --radiolist $"Choose an operation:" 17 76 17 \
+           1 $"Show ssh host public key" off \
+           2 $"Regenerate ssh host keys" off \
+           3 $"Regenerate Diffie-Hellman keys" off \
+           4 $"Update cipersuite" off \
+           5 $"Create a new Let's Encrypt certificate" off \
+           6 $"Renew Let's Encrypt certificate" off \
+           7 $"Enable GPG based authentication (monkeysphere)" off \
+           8 $"Register a website with monkeysphere" off \
+           9 $"Allow ssh login with passwords" off \
+           10 $"Go Back/Exit" on 2> $data
    sel=$?
    case $sel in
        1) exit 1;;
@ -722,33 +723,38 @@ function menu_security_settings {

    case $(cat $data) in
        1)
-            regenerate_ssh_host_keys
+            dialog --title $"SSH host public key" \
+                   --msgbox "$(get_ssh_server_key)" 6 70
+            exit 0
            ;;
        2)
-            regenerate_dh_keys
+            regenerate_ssh_host_keys
            ;;
        3)
+            regenerate_dh_keys
+            ;;
+        4)
            interactive_setup
            update_ciphersuite
            ;;
-        4)
+        5)
            create_letsencrypt
            ;;
-        5)
+        6)
            renew_letsencrypt
            ;;
-        6)
+        7)
            enable_monkeysphere
            ;;
-        7)
+        8)
            register_website
            ;;
-        8)
+        9)
            allow_ssh_passwords
            change_ssh_settings
            exit 0
            ;;
-        9)
+        10)
            exit 0
            ;;
    esac
--- a/src/freedombone-utils-ssh
+++ b/src/freedombone-utils-ssh
@ -152,4 +152,8 @@ function configure_firewall_for_ssh {
    mark_completed $FUNCNAME
 }

+function get_ssh_server_key {
+    echo $(ssh-keygen -lf /etc/ssh/ssh_host_rsa_key.pub | awk -F ' ' '{print $2}')
+}
+
 # NOTE: deliberately no exit 0