/usr/share/drbl/sbin/drbl-gen-ssh-host-keys is in drbl 2.11.15-1.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
#!/bin/bash
# Author: Steven Shiau <steven _at_ nchc org tw>
# License: GPL
# Description: This program is modified from Fedora Core 4 Init file for OpenSSH server daemon (/etc/init.d/sshd), so that it can generate the host key for DRBL Debian clients.
#
# config: /etc/ssh/ssh_host_key
# config: /etc/ssh/ssh_host_key.pub
# config: /etc/ssh/ssh_random_seed
# config: /etc/ssh/sshd_config
# Load DRBL setting and functions
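# Resolve the DRBL installation prefix; a DRBL_SCRIPT_PATH inherited from the
# environment takes precedence over the packaged default.
# NOTE(review): the file sourced below executes with the privileges of this
# script, which calls check_if_root further down (presumably insisting on
# root). Make sure DRBL_SCRIPT_PATH cannot be supplied by a less-privileged
# caller, e.g. through an environment variable preserved by sudo.
DRBL_SCRIPT_PATH="${DRBL_SCRIPT_PATH:-/usr/share/drbl}"
# Quoted so that a prefix containing whitespace or glob characters is still
# sourced as a single path instead of being word-split.
. "$DRBL_SCRIPT_PATH/sbin/drbl-conf-functions"
#
# Absolute path, so the key generator is not looked up through PATH.
KEYGEN=/usr/bin/ssh-keygen
# Every child process runs in the C locale.
export LC_ALL=C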
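# Print the command synopsis and one worked example.
# Globals:   none
# Arguments: none
# Outputs:   four lines on stdout; callers redirect to stderr when reporting
#            an error
# Returns:   printf's status
Usage() {
  # The example command is shown inside literal double quotes. The quotes are
  # escaped so that $0 stays inside one quoted string and is never word-split
  # or glob-expanded.
  printf '%s\n' \
    "Usage: $0 [OPTION] {generate|clean|regenerate} Client_IP_LIST" \
    "Options:" \
    "-v, --verbose: verbose mode." \
    "Ex: \"$0 generate 192.168.0.1\" will generate the OpenSSH host keys for DRBL client 192.168.0.1."
}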
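# Create the SSH protocol 1 RSA host key for the current client unless a
# non-empty key file is already present.
# Globals:   RSA1_KEY (read) - private key path; public half is "$RSA1_KEY.pub"
#            KEYGEN (read)   - ssh-keygen executable
#            verbose (read)  - non-empty enables progress messages
# Outputs:   progress on stdout when verbose; failure message on stderr
# Returns:   0 when the key exists or was created; terminates the script with
#            status 1 when ssh-keygen fails
# NOTE(review): protocol 1 keys are obsolete and OpenSSH removed SSH1 support
# in release 7.6. With such an ssh-keygen "-t rsa1" fails, and because this
# function exits on failure the caller never reaches the later key types -
# confirm which ssh-keygen the DRBL server ships.
do_rsa1_keygen() {
  # An existing non-empty key is kept, so repeated runs never replace a host key.
  if [ -s "$RSA1_KEY" ]; then
    return 0
  fi
  if [ -n "$verbose" ]; then
    printf '%s' "Generating SSH1 RSA host key: "
  fi
  # -C '' stores no comment and -N '' sets no passphrase. Only stdout is
  # discarded, so ssh-keygen's own error text stays visible on failure.
  if ! "$KEYGEN" -q -t rsa1 -f "$RSA1_KEY" -C '' -N '' >/dev/null; then
    echo "RSA1 key generation failed!" >&2
    exit 1
  fi
  # Private half readable by the owner only; public half world-readable.
  chmod 600 "$RSA1_KEY"
  chmod 644 "$RSA1_KEY.pub"
  if [ -n "$verbose" ]; then
    echo "RSA1 key generation done!"
  fi
  # Explicit success: a skipped verbose message must not leak a non-zero status.
  return 0
}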
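# Create the SSH protocol 2 RSA host key for the current client unless a
# non-empty key file is already present.
# Globals:   RSA_KEY (read) - private key path; public half is "$RSA_KEY.pub"
#            KEYGEN (read)  - ssh-keygen executable
#            verbose (read) - non-empty enables progress messages
# Outputs:   progress on stdout when verbose; failure message on stderr
# Returns:   0 when the key exists or was created; terminates the script with
#            status 1 when ssh-keygen fails
# NOTE(review): no -b option is passed, so the modulus size is whatever the
# installed ssh-keygen defaults to; consider pinning it explicitly.
do_rsa_keygen() {
  # An existing non-empty key is kept, so repeated runs never replace a host key.
  if [ -s "$RSA_KEY" ]; then
    return 0
  fi
  if [ -n "$verbose" ]; then
    printf '%s' "Generating SSH2 RSA host key: "
  fi
  # -C '' stores no comment and -N '' sets no passphrase. Only stdout is
  # discarded, so ssh-keygen's own error text stays visible on failure.
  if ! "$KEYGEN" -q -t rsa -f "$RSA_KEY" -C '' -N '' >/dev/null; then
    echo "RSA key generation failed" >&2
    exit 1
  fi
  # Private half readable by the owner only; public half world-readable.
  chmod 600 "$RSA_KEY"
  chmod 644 "$RSA_KEY.pub"
  if [ -n "$verbose" ]; then
    echo "RSA key generation done!"
  fi
  # Explicit success: a skipped verbose message must not leak a non-zero status.
  return 0
}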
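# Create the SSH protocol 2 DSA host key for the current client unless a
# non-empty key file is already present.
# Globals:   DSA_KEY (read) - private key path; public half is "$DSA_KEY.pub"
#            KEYGEN (read)  - ssh-keygen executable
#            verbose (read) - non-empty enables progress messages
# Outputs:   progress on stdout when verbose; failure message on stderr
# Returns:   0 when the key exists or was created; terminates the script with
#            status 1 when ssh-keygen fails
# NOTE(review): ssh-keygen only produces 1024-bit DSA keys, and OpenSSH has
# disabled ssh-dss keys by default since release 7.0; newer releases may
# refuse "-t dsa" altogether, in which case this function ends the script
# with status 1 - confirm against the ssh-keygen the DRBL server ships.
do_dsa_keygen() {
  # An existing non-empty key is kept, so repeated runs never replace a host key.
  if [ -s "$DSA_KEY" ]; then
    return 0
  fi
  if [ -n "$verbose" ]; then
    printf '%s' "Generating SSH2 DSA host key: "
  fi
  # -C '' stores no comment and -N '' sets no passphrase. Only stdout is
  # discarded, so ssh-keygen's own error text stays visible on failure.
  if ! "$KEYGEN" -q -t dsa -f "$DSA_KEY" -C '' -N '' >/dev/null; then
    echo "DSA key generation failed!" >&2
    exit 1
  fi
  # Private half readable by the owner only; public half world-readable.
  chmod 600 "$DSA_KEY"
  chmod 644 "$DSA_KEY.pub"
  if [ -n "$verbose" ]; then
    echo "DSA key generation done!"
  fi
  # Explicit success: a skipped verbose message must not leak a non-zero status.
  return 0
}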
# Ensure the client named by HOST_IP has its RSA1, RSA and DSA host keys.
# Each per-type helper is a no-op when its key file already exists.
# Globals:   HOST_IP (read) - only used in the progress message
# Outputs:   one progress line on stdout, completed with "done!"
# Returns:   status of the final echo; a helper may exit the script instead
# NOTE(review): only these three key types are produced; no ECDSA or Ed25519
# host key is generated here.
generate() {
  local step
  printf '%s' "Generating SSH host keys for client $HOST_IP if they do not exist... "
  # Order matters to callers watching the output: RSA1 first, then RSA, then DSA.
  for step in do_rsa1_keygen do_rsa_keygen do_dsa_keygen; do
    "$step"
  done
  echo "done!"
}
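# Delete the RSA1, RSA and DSA host key pairs of the current client.
# Globals:   RSA1_KEY, RSA_KEY, DSA_KEY (read) - private key paths; each public
#            half is the same path with ".pub" appended
#            HOST_IP (read) - only used in the progress message
#            verbose (read) - non-empty makes rm list what it removes
# Outputs:   one progress line on stdout, plus rm -v output when verbose
# Returns:   status of the final echo
clean() {
  local -a rm_opts=(-f)
  local key target
  printf '%s' "Cleaning SSH host keys for client $HOST_IP..."
  if [ -n "$verbose" ]; then
    rm_opts+=(-v)
  fi
  for key in "$RSA1_KEY" "$RSA_KEY" "$DSA_KEY"; do
    for target in "$key" "$key.pub"; do
      # Only regular files are removed. The path is quoted and preceded by
      # "--" so that a key path containing whitespace or a leading dash can
      # never make rm (running as root) act on a different file.
      if [ -f "$target" ]; then
        rm "${rm_opts[@]}" -- "$target"
      fi
    done
  done
  echo "done!"
}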
#
# check_if_root is not defined in this file; it presumably comes from the
# sourced drbl-conf-functions and rejects non-root callers - confirm there.
check_if_root

# Consume leading options; the first word that does not start with a dash
# ends option parsing.
while (( $# > 0 )); do
  case "$1" in
    -v | --verbose)
      shift
      verbose="on"
      ;;
    -*)
      echo "${0}: ${1}: invalid option" >&2
      Usage >&2
      exit 2
      ;;
    *)
      break
      ;;
  esac
done

# First remaining word is the action; everything after it is the client list,
# joined into one space-separated string.
mode=$1
shift
IP_LIST=$*
if [ -z "$IP_LIST" ]; then
  # Without at least one client there is nothing to do: show the synopsis and stop.
  Usage && exit 1
fi
#
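# Every key path below is built under $drblroot and is handed to ssh-keygen
# and rm. Stop here if it is unset or empty, instead of operating on paths
# rooted at "/".
: "${drblroot:?drblroot is not set}"

# Exit status of the script: stays 0 unless an argument is rejected.
RETVAL=0

# IP_LIST is one space-joined string, so it is deliberately left unquoted and
# split on whitespace here.
for HOST_IP in $IP_LIST; do
  # HOST_IP becomes a single path component below $drblroot. Refuse anything
  # that could point outside that client's own tree.
  case "$HOST_IP" in
    */* | . | ..)
      echo "Invalid client address $HOST_IP!!! Skip this client!!!" >&2
      RETVAL=1
      continue
      ;;
  esac

  client_ssh_dir="$drblroot/$HOST_IP/etc/ssh"
  if [ ! -d "$client_ssh_dir" ]; then
    echo "No directory $client_ssh_dir!!! Skip this client!!!"
    # Actually skip the client, as the message says; previously the loop
    # carried on and attempted the action in the missing directory.
    continue
  fi

  # Per-client key paths read by the generate and clean functions.
  RSA1_KEY="$client_ssh_dir/ssh_host_key"
  RSA_KEY="$client_ssh_dir/ssh_host_rsa_key"
  DSA_KEY="$client_ssh_dir/ssh_host_dsa_key"

  case "$mode" in
    generate)
      generate
      ;;
    clean)
      clean
      ;;
    regenerate)
      # Remove the old keys first so that generate creates fresh ones.
      clean
      generate
      ;;
    *)
      Usage
      RETVAL=1
      ;;
  esac
done
exit "$RETVAL"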