Diffstat (limited to 'sshd_wizard')
-rwxr-xr-xsshd_wizard/Sshd.pm94
1 files changed, 90 insertions, 4 deletions
diff --git a/sshd_wizard/Sshd.pm b/sshd_wizard/Sshd.pm
index 96e4299e..42e0fa69 100755
--- a/sshd_wizard/Sshd.pm
+++ b/sshd_wizard/Sshd.pm
@@ -31,6 +31,8 @@ use Libconf::Glueconf::Ssh::Sshd_config;
my $wiz = new MDK::Wizard::Wizcommon;
my $conf = "/etc/ssh/sshd_config";
+my $DOMAINNAME = chomp_(`dnsdomainname`);
+my $SHORTHOSTNAME = chomp_(`hostname -s`);
# remove anoying \t in /etc/ssh/sshd_config to permit Glueconf to read it
substInFile { s/\t/ /gi } $conf;
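Review bot: The two backtick calls added at the top of the module resolve `dnsdomainname` and `hostname` through the caller's `PATH` and run as soon as the file is loaded. The wizard appears to run with root privileges (it rewrites /etc/ssh/sshd_config just below), so an absolute path for both commands, or a fixed `$ENV{PATH}` set before these lines, would be safer. The exit status is not checked either, so a failed command leaves an empty string that is later handed to `test_host_domain`; if that is intended, a comment such as `# empty when the command fails; test_host_domain() is expected to reject that` would record the assumption.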
@@ -42,9 +44,9 @@ use Data::Dumper;
print Dumper($sshd);
my $o = {
- name => 'Samba wizard',
+ name => 'Ssh wizard',
var => {
- wiz_ => '',
+ wiz_port => '',
},
init => sub {
test_host_domain($SHORTHOSTNAME, $DOMAINNAME);
@@ -55,11 +57,55 @@ my $o = {
my @yesorno = qw(yes no); push @yesorno, "";
+my %type = (
+ 1 => N('Classical Ssh server'),
+ 2 => N('Permit Ssh login only with authorized_keys'),
+ );
$o->{pages} = {
welcome => {
- name => N(''),
+ name => N('Ssh server configuration'),
+ post => sub {
+ if ($o->{var}{wiz_type} == 2) {
+ return 'via_auth' }
+ elsif ($o->{var}{wiz_type} == 1) {
+ return 'classical' }
+ },
+ data => [
+ { label => N("Wich type of Ssh server do you you want:"), val => \$o->{var}{wiz_type}, list => [ keys %type ], format => sub { $type{$_[0]} } },
+ ],
},
+ classical => {
+ name => N('Ssh server'),
+ pre => sub {
+ $sshd->{Protocol} and $o->{var}{wiz_protocol} = $sshd->{Protocol} or $o->{var}{wiz_protocol} = "2";
+ },
+ data => [
+ { label => N('Protocol:'), fixed_val => \$o->{var}{wiz_protocol} },
+ ],
+ next => 'config_step1',
+ },
+ config_step1 => {
+ name => N('Ssh server, classical options'),
+ pre => sub {
+ $sshd->{Port} and $o->{var}{wiz_port} = $sshd->{Port} or $o->{var}{wiz_port} = "22";
+ },
+ data => [
+ { label => N('Port number:'), val => \$o->{var}{wiz_port}, help => N('Default port is 22.') },
+ ],
+ complete => sub {
+ if ($o->{var}{wiz_port} !~ /^\d+$/) { $::in->ask_warn(N('Error'), N('Port should be a number')); return 1; }
+ },
+ post => \&do_it,
+# next => 'config_step2',
+ next => 'end',
+ },
+ config_step2 => {
+ next => 'config_step3',
+ },
+ config_step3 => {
+
+ },
end => {
name => N('Congratulations') . "\n\n" . N('The wizard successfully configured your Ssh server.'),
no_back => 1,
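Review bot: The `complete` check on `config_step1` accepts any digit string, so 0 and values above 65535 pass validation and are then assigned to `Port` by `global_config()`; the `$` anchor also tolerates a trailing newline. Anchoring with `\A`/`\z` and adding a range test closes this, e.g. `if ($o->{var}{wiz_port} !~ /\A\d{1,5}\z/ || $o->{var}{wiz_port} < 1 || $o->{var}{wiz_port} > 65535) { ... }`. Separately, the `post` sub on `welcome` returns 'via_auth', but no page of that name is defined in this hunk, and it returns nothing when `wiz_type` is unset, so both paths should be confirmed to lead to a real page.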
@@ -89,12 +135,52 @@ sub write_conf_restart_ssh {
} else { services::start('sshd') }
}
+sub auth_by_file() {
+}
+
+sub global_config() {
+ $sshd->{Port} = $o->{var}{wiz_port};
+ # force sshd protocol 2
+ $sshd->{ListenAddress} and delete $sshd->{ListenAddress};
+ $sshd->{Protocol} = "2";
+#ListenAddress 0.0.0.0
+
+ $sshd->{SyslogFacility} = "AUTH";
+ $sshd->{LogLevel} = "INFO";
+
+#$sshd->{LoginGraceTime} 120
+#$sshd->{PermitRootLogin} no
+#$sshd->{StrictModes} yes
+
+#$sshd->{RSAAuthentication} yes
+#$sshd->{PubkeyAuthentication} yes
+ $sshd->{AuthorizedKeysFile} = ".ssh/authorized_keys2";
+#$sshd->{PasswordAuthentication} no
+
+#$sshd->{RhostsAuthentication} no
+#$sshd->{IgnoreRhosts} yes
+#$sshd->{PermitEmptyPasswords} no
+#$sshd->{KeepAlive} yes
+
+
+#$sshd->{X11Forwarding} no
+#$sshd->{PrintMotd} yes
+#$sshd->{PrintLastLog} no
+#$sshd->{Compression} yes
+#$sshd->{UsePrivilegeSeparation} yes
+
+#$sshd->{MaxStartups} 10
+#$sshd->{Subsystem} sftp /usr/libexec/sftp-server
+#$sshd->{AllowUsers}
+}
+
sub do_it {
$::testing and return;
# display a wait dialog box
my $in = 'interactive'->vnew('su', 'Ssh');
my $w = $in->wait_message(N("Ssh server"), N("Configuring your Ssh server..."));
- write_conf_restart_sshd();
+ global_config();
+ write_conf_restart_ssh();
# remove wait message
undef $w;
check_started('sshd');
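Review bot: `global_config()` deletes any existing `ListenAddress` and overwrites `AuthorizedKeysFile`, and both changes can alter who can reach or log in to the server without the user being asked. With `ListenAddress` removed sshd listens on all local addresses again, which undoes an interface restriction the administrator may have set, and pointing `AuthorizedKeysFile` only at `.ssh/authorized_keys2` means keys stored in `.ssh/authorized_keys` are no longer consulted. I would drop the `delete` line until a wizard page actually asks for the address, and either leave the existing value or use `$sshd->{AuthorizedKeysFile} = ".ssh/authorized_keys";`. The comment `# force sshd protocol 2` sits above the `ListenAddress` line rather than the `Protocol` assignment and should move down one line. The body of `do_it` continues past the end of this hunk.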