* [Bismark-commits] rev 356 - trunk/device/OpenWrt_common/scripts trunk/server/keys trunk/server/scripts
@ 2011-05-27 21:50 walter
0 siblings, 0 replies; only message in thread
From: walter @ 2011-05-27 21:50 UTC (permalink / raw)
To: bismark-commits
Author: walter
Date: 2011-05-27 23:50:54 +0200 (Fri, 27 May 2011)
New Revision: 356
Modified:
trunk/device/OpenWrt_common/scripts/bismark-measure-active
trunk/device/OpenWrt_common/scripts/bismark-rshell
trunk/server/keys/authorized_keys
trunk/server/scripts/brsh
Log:
applied new ssh auth restrictions: only scp and rshell
Modified: trunk/device/OpenWrt_common/scripts/bismark-measure-active
===================================================================
--- trunk/device/OpenWrt_common/scripts/bismark-measure-active 2011-05-27 21:36:30 UTC (rev 355)
+++ trunk/device/OpenWrt_common/scripts/bismark-measure-active 2011-05-27 21:50:54 UTC (rev 356)
@@ -200,4 +200,4 @@
mv $XML_FILE /tmp/bismark/data
# Upload result
-scp -i $SSH_KEY /tmp/bismark/data/*.xml $USER@$SERVER:~/var/data && rm /tmp/bismark/data/*.xml
+scp -i $SSH_KEY /tmp/bismark/data/*.xml $USER@$SERVER:var/data && rm /tmp/bismark/data/*.xml
Modified: trunk/device/OpenWrt_common/scripts/bismark-rshell
===================================================================
--- trunk/device/OpenWrt_common/scripts/bismark-rshell 2011-05-27 21:36:30 UTC (rev 355)
+++ trunk/device/OpenWrt_common/scripts/bismark-rshell 2011-05-27 21:50:54 UTC (rev 356)
@@ -22,9 +22,7 @@
else
# Create new recovery tunnel
port=$(random $BASE_PORT $MAX_PORT)
- ( ssh $KEEP_ALIVE -N -i $SSH_KEY -R $port:127.0.0.1:22 $USER@$SERVER >/dev/null 2>&1 & )
- sleep 2
- ssh -i $SSH_KEY $USER@$SERVER "bin/bdm updatetunnels"
+ ( ssh $KEEP_ALIVE -i $SSH_KEY -R $port:127.0.0.1:22 $USER@$SERVER "rshell $DEVICE_ID $port" >/dev/null 2>&1 & )
echo $! > /tmp/bismark/var/tunnel
fi
fi
Modified: trunk/server/keys/authorized_keys
===================================================================
--- trunk/server/keys/authorized_keys 2011-05-27 21:36:30 UTC (rev 355)
+++ trunk/server/keys/authorized_keys 2011-05-27 21:50:54 UTC (rev 356)
@@ -1,5 +1,5 @@
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAlkC49G7meag6BIA4lu44nqcTTWY3rG2EB+SYc7BmbS2jEVuEwtQCZB9BSyIqqz4AkMbNaKWfUkrZjI7v4NXwGabTLuLSrW9NQ4XAhxiC5vdTj59aNrk6tjutZWmLZ4yQY7zNSNC//N1JgMeG8MeuEwg5xjGuXtZCYS9/2Oay/o/8OEM5BcJ3AE8Ypguz0c/J+5qXMm5ephPkVljYULDVVOPoKfhMqIy61rVOt8B54CmzVmMqJSwmCEqHCvUkAtg3eJcgMUOKtkURxSTgDOU8hSmPJTO4mvKpLywY6X9rwipL9zIGSkd+qI/Lqu/tbydgxT9P3Dza0DbX6fJl5RLYEQ== walter@frankie
-command="bin/bdm updatetunnels",no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCOk/RAmZsX6q/KFtEM4+8fz7KK1BxKERH8ehX3nZVO+pSyyGPRwOuTs7V/TgHoXLAqBiVrS+GKSrkTAydXftSHE2cZcHZQWQEmHAbArEMCA8rgkLXDmT70Ee4xelA1CLmC8o7fHv40D30Fi2LMAWYZLl0HWiN7fbboYJ3Wm4E+WJYF box@bismark
+no-pty,command="bin/brsh" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCOk/RAmZsX6q/KFtEM4+8fz7KK1BxKERH8ehX3nZVO+pSyyGPRwOuTs7V/TgHoXLAqBiVrS+GKSrkTAydXftSHE2cZcHZQWQEmHAbArEMCA8rgkLXDmT70Ee4xelA1CLmC8o7fHv40D30Fi2LMAWYZLl0HWiN7fbboYJ3Wm4E+WJYF box@bismark
no-pty ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAurlCSClLgAKCPZcHFmoBHv871Ok9a0Tic+QXrlm7K54IDAgJtfPMKtyhul3o67uSREJbJR2ZyN0KGFSNgnV0qsJRn+P1cZIgpPUm19QMn+ci2dQVHo5zydrYiqXa3zbLvrcqRZVMLgm2NAZV9QOaLJbHkPNzdDmph4RLxl+fTLIUAiXuKqaQIUkYn3Cx+vwKRce/7PB+/K6byWC4BNR4tqVHp2WpMJoWpeRrKrml90qe7KaFYdax95lolnuVV6zcXH1+y2NtZ066dZppg1akHx3QgKQDx2qJkpqmeMYnhiF12utYoCOVWj573o8dVxC6oskidQlrnU+wqiivx8uv1w== root@noxbox
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA0zYyfq5S6AbDxvOdy0ufgtVJSgJ3LwhzHGVDgurYObDndU7D7YCmp6acxyKjNRGDk+aUqvUnjLko4tro7iQxD5XOqS3Te981D+pTq0hcZHWGMn9YPPhEu2CXUg7xNRqQgi7CQhxrH0DnWEGnUcsKFCrrMGownyjAsS8qgVg05MRlzc1HoM4AbUhH7fqwyH7R68lssdgFx0kKj26D/Osd3dl6iGERGrWlfySZ8ERPRQDMums3RNPhPkFH1yJ84A2FKuj+mlUdb64jz3qDORqIHbOPxtRoCWK2g7FhNWCmOTev1ziov1oNvdwxLjwh/CYsDoVqqy+hPJpFb6F43ph/9w== srikanth@galapagos
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvN/AV+iW/UXxZrbqREk/a/rERlh73JpE8tDeE3HRAngV3y0GDax5KE2cBs5cxOAt2Yd0t/wzb0litKR3oRVjQxchNnoTGfcQkpq6sOIuAPgZiY+h91hjFYs28rDbf0JzvP8WWhM54NDbnPUsMoc0DC+Jc0IQ11VQ6k8O1BwOgiM= bismark@dp4
Modified: trunk/server/scripts/brsh
===================================================================
--- trunk/server/scripts/brsh 2011-05-27 21:36:30 UTC (rev 355)
+++ trunk/server/scripts/brsh 2011-05-27 21:50:54 UTC (rev 356)
@@ -7,18 +7,17 @@
#
# author: walter.dedonato@unina.it
-#echo $SSH_ORIGINAL_COMMAND
-
+# Include configuration
. ~/etc/bdm.conf
cmd=$(echo "$SSH_ORIGINAL_COMMAND" | gawk '
- ($1 == "scp") && ($(NF-1) ~ "-t") && ($NF ~ "^var/data/") && ! ($NF ~ "\\.\\.") && ! /[;$`]/ { print }
+ ($1 == "scp") && ($(NF-1) ~ "-t") && ($NF ~ "var/data/") && ! ($NF ~ "\\.\\.") && ! /[;$`]/ { print }
($1 == "rshell") && ! /[;$`]/ { print "bdm settunnel " $2 " " $3 }
')
$cmd
-if [ ${cmd:0:3} == "bdm" ]; then
+if [ "${cmd:0:3}" == "bdm" ]; then
while [ true ]; do
read
done
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2011-05-27 22:48 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-05-27 21:50 [Bismark-commits] rev 356 - trunk/device/OpenWrt_common/scripts trunk/server/keys trunk/server/scripts walter
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox