This file is indexed.

/usr/lib/condor/libexec/condor_ssh_to_job_sshd_setup is in htcondor 8.6.8~dfsg.1-2.

This file is owned by root:root, with mode 0o755.

The actual contents of the file can be viewed below.

#!/bin/sh

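# Print the failure message given as $1 on stdout, then exit with status 1.
# The message stays on stdout (not stderr) because that is where this
# script already reports everything to its caller.
die() {
  # Quoted and passed as printf data: an unquoted `echo $1` would field-split
  # and glob-expand the message, and would swallow a message such as "-n".
  printf '%s\n' "$1"
  exit 1
}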

# Positional arguments, in the order the caller passes them:
#   $1  directory under which the session directory is created
#   $2  shell setup command placed in the authorized_keys "command=" option
#   $3  sshd_config template whose _INSERT_*_ markers are filled in
#   $4  ssh-keygen command string (later expanded and run through eval)
# Plain assignments are not field-split, so the values are taken verbatim.
base_dir=$1
ssh_to_job_shell_setup=$2
sshd_config_template=$3
ssh_keygen=$4

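# Create the sshd session directory ${base_dir}/.condor_ssh_to_job_<N>,
# using the first N (counting up from 1) whose name is not already taken.

# With an empty base_dir the loop below would target "/.condor_ssh_to_job_<N>".
[ -n "${base_dir}" ] || die "No base directory given for the sshd session directory"

# NOTE(review): the directory mode is whatever the inherited umask yields.
# This directory later holds the private key and a dump of the environment;
# confirm the caller's umask keeps it private to the owning user.
num=1
while :; do
  sshd_dir="${base_dir}/.condor_ssh_to_job_${num}"
  # mkdir fails if the name exists, so success means this run created it
  if /bin/mkdir "${sshd_dir}" > /dev/null 2>&1; then
    break
  fi
  # a failure for any reason other than "name already exists" is fatal
  [ -e "${sshd_dir}" ] || die "Failed to create ${sshd_dir}"
  num=$((num + 1))
done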

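# Save the environment so that ssh_to_job_shell_setup can restore it.
# DISPLAY is dropped first: the job's value would conflict with X forwarding
# in the ssh session.
# env.sh receives every exported variable together with its value, so it is
# as sensitive as the most sensitive variable in the environment.
# NOTE(review): the file mode comes from the inherited umask - confirm it is
# not readable by other users.
unset DISPLAY
# A failed write is fatal: the forced command built later points at this file.
export -p > "${sshd_dir}/env.sh" \
  || die "Failed to write ${sshd_dir}/env.sh"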

# Pick the sed binary: /bin/sed if executable, else /usr/bin/sed, else a bare
# "sed". The candidates are applied from lowest to highest priority so the
# last match wins.
# NOTE(review): the bare fallback is resolved through PATH, which this script
# never sets itself - confirm the caller provides a trusted PATH.
SED=sed
[ -x /usr/bin/sed ] && SED=/usr/bin/sed
[ -x /bin/sed ] && SED=/bin/sed

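sshkey="${sshd_dir}/sshkey"

# Expand the placeholders in the ssh-keygen command string:
#   %f -> ${sshkey}  (only where the preceding character is not '%', so a
#                     %f at the very start of the string is left untouched)
#   %% -> %
# printf is used rather than echo so the string reaches sed unmodified even
# when the shell's echo interprets backslashes.
# NOTE(review): ${sshkey} is pasted into the sed replacement unescaped; a
# '|', '&' or '\' in the session path would alter the substitution.
ssh_keygen=$(printf '%s\n' "${ssh_keygen}" | "${SED}" 's|\([^%]\)%f|\1'"${sshkey}"'|g;s|%%|%|g')

# Run ssh-keygen, capturing all of its output in keygen.log.
# The command string is handed to eval as a single quoted word, so it is not
# field-split and glob-expanded before eval parses it.
# NOTE(review): eval executes whatever the fourth argument and the session
# path expand to, shell metacharacters included. Both must come from trusted
# configuration; the path is inserted without shell quoting.
if ! eval "${ssh_keygen}" > "${sshd_dir}/keygen.log" 2>&1; then
  # show the captured ssh-keygen output before reporting the failure
  /bin/cat "${sshd_dir}/keygen.log"
  die "Failed to create ssh key ${sshkey} with command ${ssh_keygen}"
fi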

# Build authorized_keys as a single entry: a command="..." option that forces
# the shell setup command (with env.sh as its argument), followed by the
# public key that ssh-keygen produced.
# NOTE(review): force_command is written between double quotes without
# escaping; a '"' in either path would end the option early - confirm the
# caller never passes such paths.
force_command="${ssh_to_job_shell_setup} ${sshd_dir}/env.sh"

# the option prefix is written without a newline so the key lands on the same line
if ! /bin/echo -n "command=\"${force_command}\" " > "${sshd_dir}/authorized_keys"; then
  die "Failed to create ${sshd_dir}/authorized_keys"
fi

if ! /bin/cat "${sshkey}.pub" >> "${sshd_dir}/authorized_keys"; then
  die "Failed to append ${sshkey}.pub to ${sshd_dir}/authorized_keys."
fi

# Generate the session's sshd_config from the template by replacing three
# markers: the host key path (the generated key), the authorized_keys path
# and the forced command.
# NOTE(review): the replacement values are interpolated into the sed script
# unescaped; '|', '&', '\' or a newline in any of them would change or break
# the substitution.
sshd_config="${sshd_dir}/sshd_config"
"${SED}" \
  -e "s|_INSERT_HOST_KEY_|${sshkey}|g" \
  -e "s|_INSERT_AUTHORIZED_KEYS_FILE_|${sshd_dir}/authorized_keys|g" \
  -e "s|_INSERT_FORCE_COMMAND_|${force_command}|g" \
  < "${sshd_config_template}" \
  > "${sshd_config}" \
  || die "Failed to create ${sshd_config}"

# The account this script runs as is reported to the caller as the sshd user.
if ! sshd_user=$(/usr/bin/whoami); then
  die "Failed to run /usr/bin/whoami"
fi

# Report the results to the caller on stdout. Each item is framed by the
# exact BEGIN/END marker lines the caller looks for, and the final SUCCESS
# line is only reached when every step before it succeeded.

echo "condor_ssh_to_job_sshd_setup SSHD USER BEGIN"
echo "${sshd_user}"
echo "condor_ssh_to_job_sshd_setup SSHD USER END"

echo "condor_ssh_to_job_sshd_setup SSHD DIR BEGIN"
echo "${sshd_dir}"
echo "condor_ssh_to_job_sshd_setup SSHD DIR END"

echo "condor_ssh_to_job_sshd_setup PUBLIC SERVER KEY BEGIN"
if ! /bin/cat "${sshkey}.pub"; then
  die "Failed to read ${sshkey}.pub"
fi
echo "condor_ssh_to_job_sshd_setup PUBLIC SERVER KEY END"

# This item is the PRIVATE half of the generated key pair. The same pair is
# used for the server side (its .pub is sent above) and as the client
# credential, so whatever captures this stdout stream holds the key that
# authorizes the session - it should never be logged.
echo "condor_ssh_to_job_sshd_setup AUTHORIZED CLIENT KEY BEGIN"
if ! /bin/cat "${sshkey}"; then
  die "Failed to read ${sshkey}"
fi
echo "condor_ssh_to_job_sshd_setup AUTHORIZED CLIENT KEY END"

echo "condor_ssh_to_job_sshd_setup SUCCESS"