Bugzilla – Attachment 3207 Details for
Bug 2932
Support customised AuthorizedKeysFile on the remote host
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
[PATCH] Support for sshd authorizedkeysfile variable
0001-Support-for-sshd-authorizedkeysfile-setting.patch (text/plain), 2.32 KB, created by
John Drinkwater
on 2018-11-20 06:37:31 AEDT
(
hide
)
Description:
[PATCH] Support for sshd authorizedkeysfile variable
Filename:
MIME Type:
Creator:
John Drinkwater
Created:
2018-11-20 06:37:31 AEDT
Size:
2.32 KB
patch
obsolete
>From a9cc509e73e814de8d787e268ccca867b32bde9f Mon Sep 17 00:00:00 2001 >From: John Drinkwater <john@nextraweb.com> >Date: Mon, 19 Nov 2018 16:05:15 +0000 >Subject: [PATCH] Support for sshd authorizedkeysfile setting >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >This uses the remote host sshd variable to locate the userâs >authorized_keys file. > >Adjusts the previous comment to no longer say it assumes the location is >.ssh/authorized_keys because it can be elsewhere. > >Also supports %u for $USER %h for $HOME %% for literal % > >If `sshd -T` does not contain a variable for authorizedkeysfile, or that >shell fails, we use the default of .ssh/authorized_keys >--- > ssh-copy-id | 5 +++-- > 1 file changed, 3 insertions(+), 2 deletions(-) > >diff --git a/ssh-copy-id b/ssh-copy-id >index b83b83619896..8553a00fd9e2 100755 >--- a/ssh-copy-id >+++ b/ssh-copy-id >@@ -291,12 +291,13 @@ case "$REMOTE_VERSION" in > fi > ;; > *) >- # Assuming that the remote host treats ~/.ssh/authorized_keys as one might expect >+ # Discovers remote host authorized_keys location via `sshd -T` >+ # default value is: authorizedkeysfile .ssh/authorized_keys .ssh/authorized_keys2 > populate_new_ids 0 > # in ssh below - to defend against quirky remote shells: use 'exec sh -c' to get POSIX; > # 'cd' to be at $HOME; add a newline if it's missing; and all on one line, because tcsh. > [ "$DRY_RUN" ] || printf '%s\n' "$NEW_IDS" | \ >- ssh "$@" "exec sh -c 'cd ; umask 077 ; mkdir -p .ssh && { [ -z "'`tail -1c .ssh/authorized_keys 2>/dev/null`'" ] || echo >> .ssh/authorized_keys ; } && cat >> .ssh/authorized_keys || exit 1 ; if type restorecon >/dev/null 2>&1 ; then restorecon -F .ssh .ssh/authorized_keys ; fi'" \ >+ ssh "$@" "exec sh -c 'cd ; umask 077 ; authorized_keys=\$( sshd -T 2> /dev/null | grep authorizedkeysfile | cut -d\" \" -f2 | sed -e \"s#%h#\$HOME#g; s#%u#\$USER#g; s#%%#%#g\" ) ; authorized_keys=\${authorized_keys:=.ssh/authorized_keys} ; dotssh=\$( dirname \$authorized_keys ) ; mkdir -p \$dotssh && { [ -z "'`tail -1c \$authorized_keys 2>/dev/null`'" ] || echo >> \$authorized_keys ; } && cat >> \$authorized_keys || exit 1 ; if type restorecon >/dev/null 2>&1 ; then restorecon -F \$dotssh \$authorized_keys ; fi'" \ > || exit 1 > ADDED=$(printf '%s\n' "$NEW_IDS" | wc -l) > ;; >-- >2.11.0 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 2932
: 3207