remote ssh

Sï¿½bastien GALLET Thu, 30 Jan 2003 08:23:36 -0800

Hello,
I'm using fai-2.4beta
I had little problems installing fai with ssh (ssh and scp) .
So i patch the files fai-setup and make-fai-nfsroot and now everything work fine, ..., except my english ;)
Here are the patches
Bye

--- /usr/sbin/make-fai-nfsroot.orig     2003-01-28 16:53:19.000000000 +0100
+++ /usr/sbin/make-fai-nfsroot  2003-01-30 16:45:59.000000000 +0100
@@ -108,10 +108,10 @@
     # nothing to do if no ssh is available in nfsroot
     [ -f $NFSROOT/var/lib/dpkg/info/ssh.list ] || return 0
     mkdir -p -m 700 $NFSROOT/root/.ssh
-    [ -f /etc/ssh/ssh_known_hosts ] && cp /etc/ssh/ssh_known_hosts 
$NFSROOT/root/.ssh/known_hosts
     if [ -n "$LOGUSER" ] ; then
         loguserhome=`eval "cd ~$LOGUSER 2>/dev/null && pwd;true"`
     # is copying of *.pub important?
+        [ -f $loguserhome/.ssh/known_hosts ] && cp $loguserhome/.ssh/known_hosts 
+$NFSROOT/root/.ssh/known_hosts
         [ -d $loguserhome/.ssh ] && {
            [ -f $loguserhome/.ssh/id_dsa ] &&
               cp -p $loguserhome/.ssh/id_dsa* $NFSROOT/root/.ssh/

--- /usr/sbin/fai-setup.orig    2003-01-28 16:53:19.000000000 +0100
+++ /usr/sbin/fai-setup 2003-01-30 16:21:33.000000000 +0100
@@ -77,9 +77,21 @@
     if [ $FAI_REMOTESH = "ssh" -o $FAI_REMOTECP = "scp" ]; then
        # set up ssh on the server
        mkdir -p -m 700 $loguserhome/.ssh
-       [ -f $sshdir/id_rsa ] || ssh-keygen -t rsa -N '' -f $sshdir/id_rsa -C 
"$LOGUSER@$HOST"
-       [ -f $sshdir/id_dsa ] || ssh-keygen -t dsa -N '' -f $sshdir/id_dsa -C 
"$LOGUSER@$HOST"
-       cat $sshdir/*.pub >> $sshdir//authorized_keys
+       
+       #Generating keys for LOGUSER
+       [ -f $sshdir/id_rsa ] || ( ssh-keygen -t rsa -N '' -f $sshdir/id_rsa -C 
+"$LOGUSER@$HOSTNAME" && cat $sshdir/id_rsa.pub >> $sshdir/authorized_keys )
+       [ -f $sshdir/id_dsa ] || ( ssh-keygen -t dsa -N '' -f $sshdir/id_dsa -C 
+"$LOGUSER@$HOSTNAME" && cat $sshdir/id_dsa.pub >> $sshdir/authorized_keys )
+       
+       #Adding servers keys to known_hosts list of LOGUSER. 
+       #So that installed clients can ssh $LOGUSER@$HOSTNAME without password
+       if [ ! -f $sshdir/known_hosts ]; then     
+               SERVERIP=`host $HOSTNAME | tr -d '[a-z]' | sed -e "s/^. * //"`
+               [ -f /etc/ssh/ssh_host_dsa_key.pub ] && DSASERVER=` cat 
+/etc/ssh/ssh_host_dsa_key.pub | sed -e "s/= .*$/=/"`
+               [ -f /etc/ssh/ssh_host_rsa_key.pub ] && RSASERVER=` cat 
+/etc/ssh/ssh_host_rsa_key.pub | sed -e "s/= .*$/=/"`
+               
+               [ -z "$DSASERVER" ] || echo $HOSTNAME,$SERVERIP $DSASERVER >> 
+$sshdir/known_hosts
+               [ -z "$RSASERVER" ] || echo $HOSTNAME,$SERVERIP $RSASERVER >> 
+$sshdir/known_hosts
+       fi
        chmod 0700 $sshdir/authorized_keys
        echo "$sshdir/authorized_keys created."
     fi

remote ssh

Reply via email to