blob: 7580cdfa2aba35f9a7ffcf1b62e15065dc4ec1f6 (
about) (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
# Wut iz?
OpenSSHd-based autopeering software for use with DN42.
# Any quality?
Don't use this. It's fine though.
# How install?
Set up your dn42 node on Debian with bird2, clone this repo, and then run install.sh.
You probably want to configure sshd with `PasswordAuthentication no`. This doesn't do that for you. (The accounts it creates won't *work* with password auth, but people will still get prompted for a password if their key fails otherwise.)
# How work?
An `sshd_config.d` snippet is installed with AuthorizedKeysCommand and ForceCommand.
`authorized_keys.sh` looks up the user's SSH key(s) in the registry and, if running as the `new` user account, creates a local user account for it (if it doesn't already exist). If the SSH key was found in the registry (for the current user, if not `new`) then SSHD is told to allow the login.
If the user is `new` then the forced command is a short script telling the user to log back in with their username (mntner-name).
Otherwise `autopeer_shell.py` is run as the forced command, which is a fairly simple Python [`cmd`](https://docs.python.org/3/library/cmd.html)-based shell that interacts with an SQLite database.
Every 5 minutes a cronjob calls `cronjob.py` as root which loads the data from SQLite and creates (or deletes) configuration files.
A cronjob is also installed for regular updates of: autopeer itself, ROA, and dn42-registry.
# No worky!
Sorry. Fix it yourself. (I might help a bit, but this is made for me, not for other people.)
# License?
AGPL v3. Very importantly, there is no warranty. Don't use this!
# Where use?
<https://steeri.ng>
|
