From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from svn.comics.unina.it (unknown [143.225.229.147]) by huchra.bufferbloat.net (Postfix) with ESMTP id 1B840201756 for ; Fri, 27 May 2011 15:48:56 -0700 (PDT) Received: from www-data by svn.comics.unina.it with local (Exim 4.69) (envelope-from ) id 1QQ4vm-0003Mo-2X for bismark-commits@lists.bufferbloat.net; Fri, 27 May 2011 23:50:54 +0200 To: bismark-commits@lists.bufferbloat.net From: walter@svn.comics.unina.it Message-Id: Date: Fri, 27 May 2011 23:50:54 +0200 X-Mailman-Approved-At: Fri, 27 May 2011 16:08:35 -0700 Subject: [Bismark-commits] rev 356 - trunk/device/OpenWrt_common/scripts trunk/server/keys trunk/server/scripts X-BeenThere: bismark-commits@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Commit log for the bismark source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 May 2011 22:48:56 -0000 Author: walter Date: 2011-05-27 23:50:54 +0200 (Fri, 27 May 2011) New Revision: 356 Modified: trunk/device/OpenWrt_common/scripts/bismark-measure-active trunk/device/OpenWrt_common/scripts/bismark-rshell trunk/server/keys/authorized_keys trunk/server/scripts/brsh Log: applied new ssh auth restrictions: only scp and rshell Modified: trunk/device/OpenWrt_common/scripts/bismark-measure-active =================================================================== --- trunk/device/OpenWrt_common/scripts/bismark-measure-active 2011-05-27 21:36:30 UTC (rev 355) +++ trunk/device/OpenWrt_common/scripts/bismark-measure-active 2011-05-27 21:50:54 UTC (rev 356) @@ -200,4 +200,4 @@ mv $XML_FILE /tmp/bismark/data # Upload result -scp -i $SSH_KEY /tmp/bismark/data/*.xml $USER@$SERVER:~/var/data && rm /tmp/bismark/data/*.xml +scp -i $SSH_KEY /tmp/bismark/data/*.xml $USER@$SERVER:var/data && rm /tmp/bismark/data/*.xml Modified: trunk/device/OpenWrt_common/scripts/bismark-rshell =================================================================== --- trunk/device/OpenWrt_common/scripts/bismark-rshell 2011-05-27 21:36:30 UTC (rev 355) +++ trunk/device/OpenWrt_common/scripts/bismark-rshell 2011-05-27 21:50:54 UTC (rev 356) @@ -22,9 +22,7 @@ else # Create new recovery tunnel port=$(random $BASE_PORT $MAX_PORT) - ( ssh $KEEP_ALIVE -N -i $SSH_KEY -R $port:127.0.0.1:22 $USER@$SERVER >/dev/null 2>&1 & ) - sleep 2 - ssh -i $SSH_KEY $USER@$SERVER "bin/bdm updatetunnels" + ( ssh $KEEP_ALIVE -i $SSH_KEY -R $port:127.0.0.1:22 $USER@$SERVER "rshell $DEVICE_ID $port" >/dev/null 2>&1 & ) echo $! > /tmp/bismark/var/tunnel fi fi Modified: trunk/server/keys/authorized_keys =================================================================== --- trunk/server/keys/authorized_keys 2011-05-27 21:36:30 UTC (rev 355) +++ trunk/server/keys/authorized_keys 2011-05-27 21:50:54 UTC (rev 356) @@ -1,5 +1,5 @@ ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAlkC49G7meag6BIA4lu44nqcTTWY3rG2EB+SYc7BmbS2jEVuEwtQCZB9BSyIqqz4AkMbNaKWfUkrZjI7v4NXwGabTLuLSrW9NQ4XAhxiC5vdTj59aNrk6tjutZWmLZ4yQY7zNSNC//N1JgMeG8MeuEwg5xjGuXtZCYS9/2Oay/o/8OEM5BcJ3AE8Ypguz0c/J+5qXMm5ephPkVljYULDVVOPoKfhMqIy61rVOt8B54CmzVmMqJSwmCEqHCvUkAtg3eJcgMUOKtkURxSTgDOU8hSmPJTO4mvKpLywY6X9rwipL9zIGSkd+qI/Lqu/tbydgxT9P3Dza0DbX6fJl5RLYEQ== walter@frankie -command="bin/bdm updatetunnels",no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCOk/RAmZsX6q/KFtEM4+8fz7KK1BxKERH8ehX3nZVO+pSyyGPRwOuTs7V/TgHoXLAqBiVrS+GKSrkTAydXftSHE2cZcHZQWQEmHAbArEMCA8rgkLXDmT70Ee4xelA1CLmC8o7fHv40D30Fi2LMAWYZLl0HWiN7fbboYJ3Wm4E+WJYF box@bismark +no-pty,command="bin/brsh" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCOk/RAmZsX6q/KFtEM4+8fz7KK1BxKERH8ehX3nZVO+pSyyGPRwOuTs7V/TgHoXLAqBiVrS+GKSrkTAydXftSHE2cZcHZQWQEmHAbArEMCA8rgkLXDmT70Ee4xelA1CLmC8o7fHv40D30Fi2LMAWYZLl0HWiN7fbboYJ3Wm4E+WJYF box@bismark no-pty ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAurlCSClLgAKCPZcHFmoBHv871Ok9a0Tic+QXrlm7K54IDAgJtfPMKtyhul3o67uSREJbJR2ZyN0KGFSNgnV0qsJRn+P1cZIgpPUm19QMn+ci2dQVHo5zydrYiqXa3zbLvrcqRZVMLgm2NAZV9QOaLJbHkPNzdDmph4RLxl+fTLIUAiXuKqaQIUkYn3Cx+vwKRce/7PB+/K6byWC4BNR4tqVHp2WpMJoWpeRrKrml90qe7KaFYdax95lolnuVV6zcXH1+y2NtZ066dZppg1akHx3QgKQDx2qJkpqmeMYnhiF12utYoCOVWj573o8dVxC6oskidQlrnU+wqiivx8uv1w== root@noxbox ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA0zYyfq5S6AbDxvOdy0ufgtVJSgJ3LwhzHGVDgurYObDndU7D7YCmp6acxyKjNRGDk+aUqvUnjLko4tro7iQxD5XOqS3Te981D+pTq0hcZHWGMn9YPPhEu2CXUg7xNRqQgi7CQhxrH0DnWEGnUcsKFCrrMGownyjAsS8qgVg05MRlzc1HoM4AbUhH7fqwyH7R68lssdgFx0kKj26D/Osd3dl6iGERGrWlfySZ8ERPRQDMums3RNPhPkFH1yJ84A2FKuj+mlUdb64jz3qDORqIHbOPxtRoCWK2g7FhNWCmOTev1ziov1oNvdwxLjwh/CYsDoVqqy+hPJpFb6F43ph/9w== srikanth@galapagos ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvN/AV+iW/UXxZrbqREk/a/rERlh73JpE8tDeE3HRAngV3y0GDax5KE2cBs5cxOAt2Yd0t/wzb0litKR3oRVjQxchNnoTGfcQkpq6sOIuAPgZiY+h91hjFYs28rDbf0JzvP8WWhM54NDbnPUsMoc0DC+Jc0IQ11VQ6k8O1BwOgiM= bismark@dp4 Modified: trunk/server/scripts/brsh =================================================================== --- trunk/server/scripts/brsh 2011-05-27 21:36:30 UTC (rev 355) +++ trunk/server/scripts/brsh 2011-05-27 21:50:54 UTC (rev 356) @@ -7,18 +7,17 @@ # # author: walter.dedonato@unina.it -#echo $SSH_ORIGINAL_COMMAND - +# Include configuration . ~/etc/bdm.conf cmd=$(echo "$SSH_ORIGINAL_COMMAND" | gawk ' - ($1 == "scp") && ($(NF-1) ~ "-t") && ($NF ~ "^var/data/") && ! ($NF ~ "\\.\\.") && ! /[;$`]/ { print } + ($1 == "scp") && ($(NF-1) ~ "-t") && ($NF ~ "var/data/") && ! ($NF ~ "\\.\\.") && ! /[;$`]/ { print } ($1 == "rshell") && ! /[;$`]/ { print "bdm settunnel " $2 " " $3 } ') $cmd -if [ ${cmd:0:3} == "bdm" ]; then +if [ "${cmd:0:3}" == "bdm" ]; then while [ true ]; do read done