>begin quoting Steven Gauna as of Fri, Feb 01, 2008 at 03:55:16PM -0800:
>> This is my first time posting to the mailing list. Please let me know if
>> I'm not doing something
>> correctly. :X
>
>Wrap your lines before 80 characters to avoid the long-line-short-line
>effect, which is disconcerting for the reader. 72-76 is good, although
>anything less than 80 won't give cause for complaint.

I'll remember that from now on. I'm using the gmail web interface to send these messages; it's not really set up well for this. :)

>> I like the idea of a boot cd. I wrote a little script that makes a user, a
>> random password
>> sets up ssh on a random port, and sends an email to a designated address
>> with information
>> regarding the IP of the machine, the password, username, and port of ssh.
>>
>> This script requires the computer have internet connection, have an SMTP
>> agent installed
>> like postfix for example.
>
>So you see this being used for setting up a "please log in and help me"
>help-script?
>
>> So all you should have to do is get a nice boot cd running and configure the
>> script into
>> the proper run level.
>>
>> I've posted the script if anyone is interested in looking at it or improving
>> it, go right ahead. :)
>> http://dextrous.homelinux.org/startup_script
>>
>> hope it's useful.
>
>What do you use that's bash-specific? <poke> Hm... $RANDOM? Is that it?
>Is there an /bin/sh alternative?

I don't know standard sh to be honest. I wanted to make it /bin/sh but I didn't know enough about it to pull it off safely.

>Why enforce being root? Maybe an appropriate user-account already
>exists; run this script too often, and you'll clutter stuff up.

It's meant to run from a boot cd in which the environment isn't saved after it's been used, so clutter shouldn't be a problem.

>Having each exit code being a different value (to indicate what failed)
>is sometimes a good idea.

I got lazy and didn't think anyone would care. :X

>No special characters in the password?

Nope, they can be added into the array easily if you want them. I originally had some in there but took them out for ease on my eyes.

>Why use a password? You're using ssh -- use authorized_keys.

Yeah, that would probably be easier and more secure. :/ It takes all the fun out of the password generator though. :)

>Why the loop for the port? You're already using mod -- mod $RANDOM down
>to the range, then add the base in.

Errrr, no comment.. *changes code*

>Why muck about with modifying sshd_config? You're just going to mess
>something up. Wouldn't it be better to run sshd on an alternate port
>and leave the existing ssh installation alone?
>
>And you're stomping on the pre-existing port... bad.
>
>And what's wrong with port 22 anyway?

Since this is supposed to be for a boot cd, I really didn't think stomping over the pre-existing settings was bad. Also, port 22 gets brute forced all the time by scanners. I just thought having another layer of obscurity would make it more fun.

>Isn't it traditional to use the << TOKEN syntax to include large chunks
>of text in a shell script, like the body of an email message?
>
>You do not offer the user a chance to abort after telling them what
>you want to do. This coupled with must-run-as-root makes this a
>rather unfriendly tool... get rid of the little output there is, and
>it's sort of dastardly.

I really only meant it to be used as a layout for the idea I had in mind. It definitely shouldn't be used as is, I just thought that setting up the idea would get something bigger in motion.

Thanks for the comments TC :)

>--
>Create me an account! No?
>SUDO create me an account!
>Stewart Stremler

--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
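The suggestions raised in this thread (mod the random value down to the range and add the base, leave the existing sshd_config alone, use authorized_keys instead of a password, build the mail body with << TOKEN), sketched in plain /bin/sh as an added example; it is not the script posted at the link above or either poster's code. The function names, port range, file paths and addresses are assumptions constructed for illustration, and nothing is started or sent.

```shell
#!/bin/sh
# Added example: helper names, range, paths and addresses are constructed.
BASE=20000   # lowest port to hand out (assumption)
SPAN=16384   # number of candidate ports; divides 65536, so no modulo bias

# pick_port: /bin/sh replacement for bash's $RANDOM. Read two bytes from
# /dev/urandom, mod down to the range, then add the base in (no loop).
pick_port() {
    n=$(od -An -N2 -tu2 /dev/urandom | tr -d ' \n')
    echo $(( n % SPAN + BASE ))
}

# write_sshd_config PORT USER KEYFILE OUT: config for a second sshd
# instance, so /etc/ssh/sshd_config and its port are left untouched.
# Login is by key only, for one named user.
write_sshd_config() {
    cat > "$4" << EOF
Port $1
AllowUsers $2
AuthorizedKeysFile $3
PubkeyAuthentication yes
PasswordAuthentication no
PermitRootLogin no
PidFile /var/run/sshd-helper.pid
EOF
}

# compose_mail ADDRESS IP PORT USER: message body as a here-document.
# No secret is mailed, because the helper logs in with their own key.
compose_mail() {
    cat << EOF
To: $1
Subject: help session ready

Host: $2
Port: $3
User: $4
Login is by SSH key only; no password is set.
EOF
}

# Demo with constructed values: show what would be used, then clean up.
port=$(pick_port)
conf=$(mktemp)
write_sshd_config "$port" helper /etc/ssh/helper_authorized_keys "$conf"
cat "$conf"
compose_mail helpdesk@example.org 192.0.2.10 "$port" helper
rm -f "$conf"
```

The second instance would be started with `sshd -f` pointing at the generated file, after showing the settings to the person at the console and letting them abort.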
