Diffstat (limited to 'sshd_wizard')
-rwxr-xr-x | sshd_wizard/Sshd.pm | 94 |
1 files changed, 90 insertions, 4 deletions
diff --git a/sshd_wizard/Sshd.pm b/sshd_wizard/Sshd.pm index 96e4299e..42e0fa69 100755 --- a/sshd_wizard/Sshd.pm +++ b/sshd_wizard/Sshd.pm @@ -31,6 +31,8 @@ use Libconf::Glueconf::Ssh::Sshd_config; my $wiz = new MDK::Wizard::Wizcommon; my $conf = "/etc/ssh/sshd_config"; +my $DOMAINNAME = chomp_(`dnsdomainname`); +my $SHORTHOSTNAME = chomp_(`hostname -s`); # remove anoying \t in /etc/ssh/sshd_config to permit Glueconf to read it substInFile { s/\t/ /gi } $conf; @@ -42,9 +44,9 @@ use Data::Dumper; print Dumper($sshd); my $o = { - name => 'Samba wizard', + name => 'Ssh wizard', var => { - wiz_ => '', + wiz_port => '', }, init => sub { test_host_domain($SHORTHOSTNAME, $DOMAINNAME); 
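Review bot: The two backtick calls added at module scope (`dnsdomainname` and `hostname -s`) run through the shell with bare command names, so they resolve via whatever PATH the wizard inherits, and the wizard appears to run privileged (`do_it` further down requests 'su'). Use absolute paths, or avoid the shell entirely with the core module: `use Sys::Hostname; (my $SHORTHOSTNAME = hostname()) =~ s/\..*//;`. Neither result is checked, so a failed or empty command output is passed straight to `test_host_domain` in `init`; what that helper does with an empty string is not visible here. A short comment saying these values feed only the `init` check would also help.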
@@ -55,11 +57,55 @@ my $o = { my @yesorno = qw(yes no); push @yesorno, ""; +my %type = ( + 1 => N('Classical Ssh server'), + 2 => N('Permit Ssh login only with authorized_keys'), + ); $o->{pages} = { welcome => { - name => N(''), + name => N('Ssh server configuration'), + post => sub { + if ($o->{var}{wiz_type} == 2) { + return 'via_auth' } + elsif ($o->{var}{wiz_type} == 1) { + return 'classical' } + }, + data => [ + { label => N("Wich type of Ssh server do you you want:"), val => \$o->{var}{wiz_type}, list => [ keys %type ], format => sub { $type{$_[0]} } }, + ], }, + classical => { + name => N('Ssh server'), + pre => sub { + $sshd->{Protocol} and $o->{var}{wiz_protocol} = $sshd->{Protocol} or $o->{var}{wiz_protocol} = "2"; + }, + data => [ + { label => N('Protocol:'), fixed_val => \$o->{var}{wiz_protocol} }, + ], + next => 'config_step1', + }, + config_step1 => { + name => N('Ssh server, classical options'), + pre => sub { + $sshd->{Port} and $o->{var}{wiz_port} = $sshd->{Port} or $o->{var}{wiz_port} = "22"; + }, + data => [ + { label => N('Port number:'), val => \$o->{var}{wiz_port}, help => N('Default port is 22.') }, + ], + complete => sub { + if ($o->{var}{wiz_port} !~ /^\d+$/) { $::in->ask_warn(N('Error'), N('Port should be a number')); return 1; } + }, + post => \&do_it, +# next => 'config_step2', + next => 'end', + }, + config_step2 => { + next => 'config_step3', + }, + config_step3 => { + + }, end => { name => N('Congratulations') . "\n\n" . N('The wizard successfully configured your Ssh server.'), no_back => 1, 
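Review bot: The `complete` check on `config_step1` accepts any digit string, so `0` or `99999` passes, as does a value with a trailing newline because `$` matches before one, and the value is later written to `Port` in sshd_config. Anchor with `\A…\z` and bound the range: `if ($o->{var}{wiz_port} !~ /\A\d+\z/ || $o->{var}{wiz_port} < 1 || $o->{var}{wiz_port} > 65535) { ... }`. Restarting with a port sshd rejects could leave the host without a running daemon, which matters most on machines administered remotely. Separately, the welcome page's `post` returns 'via_auth', but no page with that key is among those this hunk adds, and it has no defined result when `wiz_type` is unset. The pages hash continues past the hunk, so check that against the full file.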
@@ -89,12 +135,52 @@ sub write_conf_restart_ssh { } else { services::start('sshd') } } +sub auth_by_file() { +} + +sub global_config() { + $sshd->{Port} = $o->{var}{wiz_port}; + # force sshd protocol 2 + $sshd->{ListenAddress} and delete $sshd->{ListenAddress}; + $sshd->{Protocol} = "2"; +#ListenAddress 0.0.0.0 + + $sshd->{SyslogFacility} = "AUTH"; + $sshd->{LogLevel} = "INFO"; + +#$sshd->{LoginGraceTime} 120 +#$sshd->{PermitRootLogin} no +#$sshd->{StrictModes} yes + +#$sshd->{RSAAuthentication} yes +#$sshd->{PubkeyAuthentication} yes + $sshd->{AuthorizedKeysFile} = ".ssh/authorized_keys2"; +#$sshd->{PasswordAuthentication} no + +#$sshd->{RhostsAuthentication} no +#$sshd->{IgnoreRhosts} yes +#$sshd->{PermitEmptyPasswords} no +#$sshd->{KeepAlive} yes + + +#$sshd->{X11Forwarding} no +#$sshd->{PrintMotd} yes +#$sshd->{PrintLastLog} no +#$sshd->{Compression} yes +#$sshd->{UsePrivilegeSeparation} yes + +#$sshd->{MaxStartups} 10 +#$sshd->{Subsystem} sftp /usr/libexec/sftp-server +#$sshd->{AllowUsers} +} + sub do_it { $::testing and return; # display a wait dialog box my $in = 'interactive'->vnew('su', 'Ssh'); my $w = $in->wait_message(N("Ssh server"), N("Configuring your Ssh server...")); - write_conf_restart_sshd(); + global_config(); + write_conf_restart_ssh(); # remove wait message undef $w; check_started('sshd'); |
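Review bot: `global_config` deletes any existing `ListenAddress` unconditionally, so a host whose sshd was bound to one internal address will listen on every interface after the wizard runs, and no page tells the admin. Keep the existing value unless the wizard actually asks for one, i.e. drop `$sshd->{ListenAddress} and delete $sshd->{ListenAddress};`. The `# force sshd protocol 2` comment sits above that delete rather than above `$sshd->{Protocol} = "2";`, and the 'classical' page displays the old Protocol value as fixed although 2 is what gets written. Overwriting `AuthorizedKeysFile` with `.ssh/authorized_keys2` likely means keys kept in `~/.ssh/authorized_keys` stop being honoured, so it deserves a comment or a prompt. The empty `()` prototypes on `auth_by_file` and `global_config` add nothing and can be removed.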