3 # ssh-user-config, Copyright 2000, 2001, 2002, 2003, Red Hat Inc.
5 # This file is part of the Cygwin port of OpenSSH.
7 # Directory where the config files are stored
# Yes/no prompt logic. Only some lines of the original script appear in this
# listing (the leading numbers are the listing's own line numbers), so the
# then/else/fi lines and the action taken in each branch are not shown.
# presumably this is the body of the request helper called later — TODO confirm
# A preset ${auto_answer} of "yes" or "no" is tested before the interactive loop.
17 if [ "${auto_answer}" = "yes" ]
20 elif [ "${auto_answer}" = "no" ]
# Loop until ${answer} is exactly "yes" or "no". The "X" prefix keeps the
# comparison well-formed when ${answer} is empty or begins with "-".
# NOTE(review): "-a" inside [ ] is marked obsolescent by POSIX; two tests
# joined with && are the portable form.
26 while [ "X${answer}" != "Xyes" -a "X${answer}" != "Xno" ]
# $1 is the question text; -n keeps the cursor on the prompt line.
28 echo -n "$1 (yes/no) "
31 if [ "X${answer}" = "Xyes" ]
39 # Check if running on NT
# expr's ":" operator matches the pattern at the start of $_sys and prints the
# number of characters matched, so _nt is 0 when $_sys does not begin with
# "CYGWIN_NT". Where $_sys is set is not shown (presumably uname output).
41 _nt=`expr "$_sys" : "CYGWIN_NT"`
42 # If running on NT, check if running under 2003 Server or later
# Splits uname's output at "-" and prints 1 when the second field is >= 5.2,
# otherwise 0. The result is later used in numeric tests, so it must never be
# empty. The condition that guards this assignment is not shown.
45 _nt2003=`uname | awk -F- '{print ( $2 >= 5.2 ) ? 1 : 0;}'`
# Usage text; ${progname} is set outside the lines shown.
81 echo "usage: ${progname} [OPTION]..."
83 echo "This script creates an OpenSSH user configuration."
86 echo " --debug -d Enable shell's debug output."
87 echo " --yes -y Answer all questions with \"yes\" automatically."
88 echo " --no -n Answer all questions with \"no\" automatically."
# NOTE(review): a passphrase given with -p is part of this script's command
# line, so it can end up in shell history and be visible in the process list
# while the script runs. The help text does not mention this; a passphrase
# meant to protect a private key is better entered at ssh-keygen's own prompt.
89 echo " --passphrase -p word Use \"word\" as passphrase automatically."
97 # Ask user if user identity should be generated
# The home directory is taken from ${SYSCONFDIR}/passwd, not from $HOME, so
# the passwd file has to exist first. What happens after the messages (for
# example an exit) is not visible in this listing.
# NOTE(review): ${SYSCONFDIR} is unquoted here and in the awk redirection
# below; a value containing whitespace would break both.
99 if [ ! -f ${SYSCONFDIR}/passwd ]
101 echo "${SYSCONFDIR}/passwd is nonexistant. Please generate an ${SYSCONFDIR}/passwd file"
102 echo 'first using mkpasswd. Check if it contains an entry for you and'
103 echo 'please care for the home directory in your entry as well.'
# Prints field 6 (home directory) of every passwd line whose field 3 (uid)
# equals ${uid}; more than one matching line yields a multi-line value.
# NOTE(review): ${uid} is spliced into the awk program text by closing and
# reopening the single quotes. Where uid is set is not shown; if it could ever
# be non-numeric it would be interpreted as awk code. Passing it as data,
# e.g. awk -F: -v uid="${uid}" '$3 == uid { print $6 }', avoids that.
108 pwdhome=`awk -F: '{ if ( $3 == '${uid}' ) print $6; }' < ${SYSCONFDIR}/passwd`
# No matching entry, or an entry with an empty home field.
110 if [ "X${pwdhome}" = "X" ]
112 echo "There is no home directory set for you in ${SYSCONFDIR}/passwd."
113 echo 'Setting $HOME is not sufficient!'
# The configured home must already exist as a directory.
117 if [ ! -d "${pwdhome}" ]
119 echo "${pwdhome} is set in ${SYSCONFDIR}/passwd as your home directory"
120 echo 'but it is not a valid directory. Cannot create user identity files.'
124 # If home is the root dir, set home to empty string to avoid error messages
125 # in subsequent parts of that script.
126 if [ "X${pwdhome}" = "X/" ]
128 # But first raise a warning!
# With "/" as home the key files would live in /.ssh; the user has to confirm.
129 echo "Your home directory in ${SYSCONFDIR}/passwd is set to root (/). This is not recommended!"
130 if request "Would you like to proceed anyway?"
# Tighten the home directory: the warning below is shown when chmod reports a
# change ("chmod -c" prints a line only when it actually changed the mode).
# NOTE(review): the backquoted chmod is expanded before [ evaluates anything,
# so group/other write permission is removed from ${pwdhome} whenever this
# line is reached, not only when the -d and $_nt tests hold.
# NOTE(review): $_nt is unquoted; an empty value makes the test malformed.
138 if [ -d "${pwdhome}" -a $_nt -gt 0 -a -n "`chmod -c g-w,o-w "${pwdhome}"`" ]
141 echo 'WARNING: group and other have been revoked write permission to your home'
142 echo " directory ${pwdhome}."
143 echo ' This is required by OpenSSH to allow public key authentication using'
144 echo ' the key files stored in your .ssh subdirectory.'
145 echo ' Revert this change ONLY if you know what you are doing!'
# Refuse to continue when .ssh exists but is not a directory.
149 if [ -e "${pwdhome}/.ssh" -a ! -d "${pwdhome}/.ssh" ]
151 echo "${pwdhome}/.ssh is existant but not a directory. Cannot create user identity files."
155 if [ ! -e "${pwdhome}/.ssh" ]
# NOTE(review): the directory is created with whatever mode the current umask
# allows and is only restricted by the setfacl call further down, whose
# enclosing condition is not shown. An explicit mode (mkdir -m 700) would
# close that window and also cover the case where setfacl is skipped.
157 mkdir "${pwdhome}/.ssh"
# Success is checked by testing for the path again, not via mkdir's status.
158 if [ ! -e "${pwdhome}/.ssh" ]
160 echo "Creating users ${pwdhome}/.ssh directory failed"
# On 2003 Server or later, use the sshd_server account for the ACL entry when
# ${SYSCONFDIR}/passwd has one. The value _user has otherwise is set outside
# the lines shown.
168 if [ $_nt2003 -gt 0 ]
170 grep -q '^sshd_server:' ${SYSCONFDIR}/passwd && _user="sshd_server"
# ACL on .ssh: owner rwx, ${_user} read-only, nothing for group and other.
172 if ! setfacl -m "u::rwx,u:${_user}:r--,g::---,o::---" "${pwdhome}/.ssh"
174 echo "${pwdhome}/.ssh couldn't be given the correct permissions."
175 echo "Please try to solve this problem first."
# SSH protocol 1 identity: only offered when no identity file exists yet.
# NOTE(review): "rsa1" keys belong to SSH protocol 1, which is obsolete;
# OpenSSH removed protocol 1 support in release 7.6, so on current systems
# this step fails or produces a key nothing will accept.
180 if [ ! -f "${pwdhome}/.ssh/identity" ]
182 if request "Shall I create an SSH1 RSA identity file for you?"
184 echo "Generating ${pwdhome}/.ssh/identity"
185 if [ "${with_passphrase}" = "yes" ]
# NOTE(review): -N "${passphrase}" puts the passphrase into ssh-keygen's
# argument list, where it may be readable from the process table while the
# command runs. Without -N (the second call) ssh-keygen asks for it itself.
# Standard output is discarded in both calls, and the exit status is not
# checked in the lines shown.
187 ssh-keygen -t rsa1 -N "${passphrase}" -f "${pwdhome}/.ssh/identity" > /dev/null
189 ssh-keygen -t rsa1 -f "${pwdhome}/.ssh/identity" > /dev/null
191 if request "Do you want to use this identity to login to this machine?"
193 echo "Adding to ${pwdhome}/.ssh/authorized_keys"
# Appends the public key; if authorized_keys does not exist yet it is created
# with the mode the current umask allows.
194 cat "${pwdhome}/.ssh/identity.pub" >> "${pwdhome}/.ssh/authorized_keys"
199 if [ ! -f "${pwdhome}/.ssh/id_rsa" ]
201 if request "Shall I create an SSH2 RSA identity file for you?"
203 echo "Generating ${pwdhome}/.ssh/id_rsa"
204 if [ "${with_passphrase}" = "yes" ]
206 ssh-keygen -t rsa -N "${passphrase}" -f "${pwdhome}/.ssh/id_rsa" > /dev/null
208 ssh-keygen -t rsa -f "${pwdhome}/.ssh/id_rsa" > /dev/null
210 if request "Do you want to use this identity to login to this machine?"
212 echo "Adding to ${pwdhome}/.ssh/authorized_keys"
213 cat "${pwdhome}/.ssh/id_rsa.pub" >> "${pwdhome}/.ssh/authorized_keys"
# SSH protocol 2 DSA identity: only offered when no id_dsa exists yet.
# NOTE(review): DSA keys are limited to 1024 bits and are deprecated; OpenSSH
# has disabled ssh-dss keys by default since release 7.0, so a key generated
# here is likely to be rejected by current servers.
218 if [ ! -f "${pwdhome}/.ssh/id_dsa" ]
220 if request "Shall I create an SSH2 DSA identity file for you?"
222 echo "Generating ${pwdhome}/.ssh/id_dsa"
223 if [ "${with_passphrase}" = "yes" ]
# NOTE(review): -N "${passphrase}" puts the passphrase into ssh-keygen's
# argument list, where it may be readable from the process table while the
# command runs. Without -N (the second call) ssh-keygen asks for it itself.
225 ssh-keygen -t dsa -N "${passphrase}" -f "${pwdhome}/.ssh/id_dsa" > /dev/null
227 ssh-keygen -t dsa -f "${pwdhome}/.ssh/id_dsa" > /dev/null
229 if request "Do you want to use this identity to login to this machine?"
231 echo "Adding to ${pwdhome}/.ssh/authorized_keys"
# Appends the public key; if authorized_keys does not exist yet it is created
# with the mode the current umask allows.
232 cat "${pwdhome}/.ssh/id_dsa.pub" >> "${pwdhome}/.ssh/authorized_keys"
# Restrict authorized_keys, but only on NT ($_nt > 0) and only when the file
# exists: owner read/write, ${_user} read-only, nothing for group and other.
# NOTE(review): when $_nt is 0 the file keeps whatever mode it was created
# with by the ">>" appends; sshd's StrictModes check rejects an
# authorized_keys file that is writable by group or other.
237 if [ $_nt -gt 0 -a -e "${pwdhome}/.ssh/authorized_keys" ]
239 if ! setfacl -m "u::rw-,u:${_user}:r--,g::---,o::---" "${pwdhome}/.ssh/authorized_keys"
# A failed setfacl is reported as a warning only.
242 echo "WARNING: Setting correct permissions to ${pwdhome}/.ssh/authorized_keys"
243 echo "failed. Please care for the correct permissions. The minimum requirement"
244 echo "is, the owner and ${_user} both need read permissions."
250 echo "Configuration finished. Have fun!"