From e15f27b722c44046f77cf953103d2d86d7c36097 Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@robotics.uk.to>
Date: Sat, 24 Jan 2015 19:54:53 +0000
Subject: [PATCH] Client configuration command

---
 Makefile                       |   2 ++
 debian.sh                      |   1 +
 debian/source/include-binaries |   1 +
 man/freedombone-client.1.gz    | Bin 0 -> 718 bytes
 src/freedombone                |  30 +++++++++++++++++-------------
 5 files changed, 21 insertions(+), 13 deletions(-)
 create mode 100644 man/freedombone-client.1.gz

diff --git a/Makefile b/Makefile
index 5406fd07..3abea175 100644
--- a/Makefile
+++ b/Makefile
@@ -17,10 +17,12 @@ install:
 	install -m 644 man/${APP}.1.gz ${DESTDIR}${PREFIX}/share/man/man1
 	install -m 644 man/${APP}-prep.1.gz ${DESTDIR}${PREFIX}/share/man/man1
 	install -m 644 man/${APP}-tordongle.1.gz ${DESTDIR}${PREFIX}/share/man/man1
+	install -m 644 man/${APP}-client.1.gz ${DESTDIR}${PREFIX}/share/man/man1
 uninstall:
 	rm -f ${PREFIX}/share/man/man1/${APP}.1.gz
 	rm -f ${PREFIX}/share/man/man1/${APP}-prep.1.gz
 	rm -f ${PREFIX}/share/man/man1/${APP}-tordongle.1.gz
+	rm -f ${PREFIX}/share/man/man1/${APP}-client.1.gz
 	rm -rf ${PREFIX}/share/${APP}
 	rm -f ${PREFIX}/bin/${APP}
 	rm -f ${PREFIX}/bin/${APP}-prep
diff --git a/debian.sh b/debian.sh
index 2bc41631..ee1ebdb6 100755
--- a/debian.sh
+++ b/debian.sh
@@ -11,6 +11,7 @@ sed -i 's/VERSION='${PREV_VERSION}'/VERSION='${VERSION}'/g' Makefile
 sed -i 's/VERSION="'${PREV_VERSION}'"/VERSION="'${VERSION}'"/g' src/freedombone
 sed -i 's/VERSION="'${PREV_VERSION}'"/VERSION="'${VERSION}'"/g' src/freedombone-prep
 sed -i 's/VERSION="'${PREV_VERSION}'"/VERSION="'${VERSION}'"/g' src/freedombone-tordongle
+sed -i 's/VERSION="'${PREV_VERSION}'"/VERSION="'${VERSION}'"/g' src/freedombone-client
 
 # change the parent directory name to debian format
 mv ../${APP} ../${DIR}
diff --git a/debian/source/include-binaries b/debian/source/include-binaries
index 582888f7..13ac9c4b 100644
--- a/debian/source/include-binaries
+++ b/debian/source/include-binaries
@@ -1,3 +1,4 @@
 man/freedombone.1.gz
 man/freedombone-prep.1.gz
 man/freedombone-tordongle.1.gz
+man/freedombone-client.1.gz
diff --git a/man/freedombone-client.1.gz b/man/freedombone-client.1.gz
new file mode 100644
index 0000000000000000000000000000000000000000..bc756500b4ab5586e9e06edcf3a22a58c943450a
GIT binary patch
literal 718
zcmV;<0x|s`iwFR(_rp{G1C3KzZ__{!e)q2!`K3>BXaT822$7VMrsPtcP=S!pdUs+k
zv3ITAank&IW*zsS6p1KO?76=q$?6I=4pG@Evj%&z)MyA!AwGKp*TTTrtJAkJ#QgpI
zSO#m4?!?1Pm`0Rw6eZ~u#Pi|oGLBxD_M-<W%ElpdflA0i8}zWT4s1=j5+!Iu=xmKn
zWV+OJfW4*y1U%jA51z2<_NCwEi)A`V;|Tck_uj7T(`9;bGg+=Ci+LQa3XGD`OU2Sw
zl`slwXLnlhZ34Wm>Jniu4nP+C5yE)B?oYL8?m93Y_Jx)ONNWsA3YE`pMz=$kz=S}Q
z4ABD`=?;wA8cq^vll#!7IgG+1IP}_+FcL$!7T)U}9{G{j_9Y#*$vj;Rr_<pP+++g>
z+dv_>nhFGknPv%VA-5uLL#8c|9Q@UI8bmE~s@~?%(@#nHd6(SXCEOoH3wJ!*2;wWs
z!@~q+_olQ$wW~@&=!r>C2!Tay7(mIQQgU1(YU<@k4~bk8C@o5xx9RXI%RpB_RQo}{
z&yk|Z5|*W(312wbe{x^jBNaRkRbq?xD>{nS>2S=pyk@-M8uJhJZOe>f95vY**p_U8
zZFuaw3K_Cl@m^-uENBy;KhZjY+rY8+1#I!a7UG5+4O^O!IiZu_s@z(BRw!DlD8->5
z@!mSsjjX_jU%_l`!u#QITHx975f$6C(w?WX5`u^&=J?(=r2<cy2{wFHn71`{-`@GK
zL>tDZxSX>Y%axU_&sYjh-8*Zv9`hgT25ajGvW6WhC~)^*^7OU$4f<}>aJ{-(+{Dqy
zW-zlvPE_zdv)M;yGfP_fq}e89KSW99qUCtmA1}uPxE#JaKf8Q=-bP27D)gRRJb=-x
zcP4L}q8jbKs*SrUruO?v`TAn}1@+3hHTrbgcHLq&Xb<Ll|J)V*2HH+X<M;#s06BAM
AivR!s

literal 0
HcmV?d00001

diff --git a/src/freedombone b/src/freedombone
index 9cc118c4..a77a40ee 100755
--- a/src/freedombone
+++ b/src/freedombone
@@ -4260,10 +4260,6 @@ function configure_ssh {
 # see https://stribika.github.io/2015/01/04/secure-secure-shell.html
 function ssh_remove_small_moduli {
   awk '$5 > 2000' /etc/ssh/moduli > ~/moduli
-  if [[ $((wc -l ~/moduli | awk -F ' ' '{print $1}')) < 150 ]]; then
-      echo 'Not enough moduli > 2000'
-      exit 57824
-  fi
   mv ~/moduli /etc/ssh/moduli
 }
 
@@ -4271,24 +4267,32 @@ function configure_ssh_client {
   if grep -Fxq "configure_ssh_client" $COMPLETION_FILE; then
       return
   fi
-  #sed 's/#   PasswordAuthentication.*/   PasswordAuthentication no/g' /etc/ssh/ssh_config
-  #sed 's/#   ChallengeResponseAuthentication.*/   ChallengeResponseAuthentication no/g' /etc/ssh/ssh_config
-  sed "s/#   HostKeyAlgorithms.*/   HostKeyAlgorithms $SSH_HOST_KEY_ALGORITHMS/g" /etc/ssh/ssh_config
-  sed "s/#   Ciphers.*/   Ciphers $SSH_CIPHERS/g" /etc/ssh/ssh_config
-  sed "s/#   MACs.*/   MACs $SSH_MACS/g" /etc/ssh/ssh_config
+  #sed -i 's/#   PasswordAuthentication.*/   PasswordAuthentication no/g' /etc/ssh/ssh_config
+  #sed -i 's/#   ChallengeResponseAuthentication.*/   ChallengeResponseAuthentication no/g' /etc/ssh/ssh_config
+  sed -i "s/#   HostKeyAlgorithms.*/   HostKeyAlgorithms $SSH_HOST_KEY_ALGORITHMS/g" /etc/ssh/ssh_config
+  sed -i "s/#   Ciphers.*/   Ciphers $SSH_CIPHERS/g" /etc/ssh/ssh_config
+  sed -i "s/#   MACs.*/   MACs $SSH_MACS/g" /etc/ssh/ssh_config
   if ! grep -q "HostKeyAlgorithms" /etc/ssh/ssh_config; then
       echo "   HostKeyAlgorithms $SSH_HOST_KEY_ALGORITHMS" >> /etc/ssh/ssh_config
   fi
-  sed "s/Ciphers.*/Ciphers $SSH_CIPHERS/g" /etc/ssh/ssh_config
+  sed -i "s/Ciphers.*/Ciphers $SSH_CIPHERS/g" /etc/ssh/ssh_config
   if ! grep -q "Ciphers " /etc/ssh/ssh_config; then
       echo "   Ciphers $SSH_CIPHERS" >> /etc/ssh/ssh_config
   fi
-  sed "s/MACs.*/MACs $SSH_MACS/g" /etc/ssh/ssh_config
+  sed -i "s/MACs.*/MACs $SSH_MACS/g" /etc/ssh/ssh_config
   if ! grep -q "MACs " /etc/ssh/ssh_config; then
       echo "   MACs $SSH_MACS" >> /etc/ssh/ssh_config
   fi
-  ssh-keygen -t ed25519 -o -a 100
-  ssh-keygen -t rsa -b 4096 -o -a 100
+
+  # Create ssh keys
+  if [ ! -f ~/.ssh/id_ed25519 ]; then
+      ssh-keygen -t ed25519 -o -a 100
+  fi
+  if [ ! -f ~/.ssh/id_rsa ]; then
+      ssh-keygen -t rsa -b 4096 -o -a 100
+  fi
+
+  ssh_remove_small_moduli
   echo 'configure_ssh_client' >> $COMPLETION_FILE
 }