| -rwxr-xr-x | gpg-verify | 7 | ||||
| -rwxr-xr-x | install.sh | 2 |
2 files changed, 5 insertions, 4 deletions
@@ -2,7 +2,6 @@ set -o pipefail exec &>>/var/log/gpg-verify.log -perl -MData::Dumper -e 'print Dumper(\@ARGV);' "$@" if [ $# -ne 4 ]; then exit 2 @@ -13,6 +12,8 @@ nonce="$2" key="$3" sig="$4" +echo "[autopeer $(hostname -f)] pgp: $username $key" | socat stdio "$NOTIFY_TO" + keyring="$(mktemp)" curl -sL "$key" | gpg -o - --dearmor >"$keyring" || exit 7 gpgv_out="$(gpgv --keyring "$keyring" <(echo "$sig" | sed 's/-----BEGIN PGP SIGNATURE-----/&\n\n/') <(echo "$nonce") 2>&1)" @@ -35,8 +36,8 @@ if [ "$username" = "new" ]; then if getent passwd "$new_user" &>/dev/null; then exit 0 else - echo "[autopeer $(hostname -f)] New user being created: $new_user from $key $connection" | socat stdio "$NOTIFY_TO" - /usr/sbin/adduser --disabled-password --quiet --comment "created at $(date +%s) by $key ${connection//:/_}" --ingroup autopeer "$new_user" + echo "[autopeer $(hostname -f)] New user being created: $new_user from $key $verified_key" | socat stdio "$NOTIFY_TO" + /usr/sbin/adduser --disabled-password --quiet --comment "created at $(date +%s) by $verified_key" --ingroup autopeer "$new_user" /usr/sbin/adduser "$new_user" bird ( umask 0077; touch "/var/log/autopeer/$new_user".{tim,io}; ) chown "$new_user" "/var/log/autopeer/$new_user".{tim,io} @@ -7,7 +7,7 @@ read -p "Press enter once you've done that..." apt install -y git # you needed this to clone apt install -y vim curl wget man-db whois bind9 bind9-dnsutils bird2 # suggestions -apt install -y python3 wireguard-tools cron socat make libpam-dev # dependencies +apt install -y python3 wireguard-tools cron socat make libpam-dev gpg # dependencies ln -s /opt/autopeer/sshd_config /etc/ssh/sshd_config.d/autopeer.conf systemctl reload ssh addgroup autopeer |
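Review bot: The notification added in the second hunk (`echo "[autopeer $(hostname -f)] pgp: $username $key" | socat stdio "$NOTIFY_TO"`) runs before the `gpgv` check below it, so `$username` and `$key` are still caller-supplied and unverified when they are forwarded. A value containing newlines or control characters could add forged lines to whatever receives `$NOTIFY_TO`, and every attempt, valid or not, produces a message. Consider stripping non-printable characters and passing the values as `printf` arguments, e.g. `printf '[autopeer %s] pgp (unverified): %s %s\n' "$(hostname -f)" "${username//[^[:print:]]/}" "${key//[^[:print:]]/}" | socat stdio "$NOTIFY_TO"`. The script continues outside this hunk, so any rate limiting applied elsewhere is not visible here.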
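Review bot: In the third hunk the rewritten `adduser --comment` line passes `$verified_key` into the GECOS field unmodified, whereas the old line at least replaced colons in `$connection` via `${connection//:/_}`. `$verified_key` is assigned outside this hunk, so it cannot be confirmed from here that it is a bare fingerprint. If it can ever contain `:`, `,` or a newline, `adduser` will either reject it or write a malformed passwd entry. Unless that is guaranteed where it is set, constrain it at the point of use: `--comment "created at $(date +%s) by ${verified_key//[^A-Za-z0-9]/_}"`. The exit status of this `adduser` call is also not checked before the following `adduser "$new_user" bird` and `chown` lines run; adding `|| exit` with a distinct code would stop a half-created account from being configured further.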
