Bugzilla – Attachment 345 Details for
Bug 2737
Ship script to make it easier to extra smart card key to authorized_keys
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
Updated tl-get-cert
tl-get-cert (text/plain), 1.97 KB, created by
Peter Åstrand
on 2009-10-21 15:14:10 CEST
(
hide
)
Description:
Updated tl-get-cert
Filename:
MIME Type:
Creator:
Peter Åstrand
Created:
2009-10-21 15:14:10 CEST
Size:
1.97 KB
patch
obsolete
>#!/bin/sh > ># From desktop, run with: ># xterm -e tl-get-cert > >tool=pkcs15-tool > >my_exit() >{ > if [ "${XTERM_SHELL}" ]; then > echo "Press ENTER to exit." > read > fi > exit $1 >} > >thisuser=$1 > >if [ -z "${thisuser}" ]; then > echo -n "Enter username [${USER}]: " > read thisuser >fi > >if [ -z "${thisuser}" ]; then > thisuser=${USER} >fi > >homedir=`getent passwd ${thisuser} | cut -d: -f 6` >uid=`getent passwd ${thisuser} | cut -d: -f 3` > >if [ -z "${homedir}" ]; then > echo "The user ${thisuser} does not exist." > my_exit 1 >fi > >if [ ! -d "${homedir}" ]; then > echo "Creating directory ${homedir}" > mkdir "${homedir}" > chown ${thisuser} "${homedir}" > chmod 700 "${homedir}" >fi > >sshdir="${homedir}/.ssh" > >if [ ! -d "${sshdir}" ]; then > echo "Creating directory ${sshdir}" > mkdir "${sshdir}" > chown ${thisuser} "${sshdir}" > chmod 700 "${sshdir}" >fi > >echo "Listing card certificates..." >ids=`"${tool}" -k | awk '/^[ \t]*ID[ \t]*:/{ print $3}'` >if [ -z "${ids}" ]; then > echo "Error: Cannot find any certificate IDs on this card" > my_exit 2 >fi > >authkeys="${sshdir}/authorized_keys" >aliasfile="/etc/passwdaliases" >lastid="" >for id in ${ids}; do > echo "Fecthing SSH key for id {id} to ${authkeys}..." > "${tool}" --read-ssh-key ${id} >> "${authkeys}" > lastid=${id} >done >chown ${thisuser} "${authkeys}" >chmod 600 "${authkeys}" > >echo "Generating certificate DN..." >dn=`"${tool}" -r ${lastid} | openssl x509 -inform PEM -outform DER | /opt/thinlinc/libexec/tl-cert-dn` >echo "User DN: ${dn}" >if [ -w /etc/passwdaliases ]; then > echo "Adding DN to ${aliasfile}..." > echo "${dn}:${uid}" >> /etc/passwdaliases >else > echo "================================================================" > echo "Warning: You are not allowed to modify etc/passwdaliases." > echo "This user cannot use automatic connect upon smart card insertion" > echo "================================================================" >fi >echo "${dn}" > ${homedir}/.thinlinc/user-dn > >my_exit 0
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=345">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 2737
:
272
|
340
|
345
|
346
|
430
|
434
