diff options
| author | Darren Tucker <dtucker@dtucker.net> | 2023-05-10 10:50:46 +0200 |
|---|---|---|
| committer | Darren Tucker <dtucker@dtucker.net> | 2023-05-25 10:24:37 +0200 |
| commit | bdcaf7939029433635d63aade8f9ac762aca2bbe (patch) | |
| tree | 32d3368fbf1a573d8dfb26c0b83186d10caebba6 /contrib/ssh-copy-id | |
| parent | ssh-copy-id: add -x option (for debugging) (diff) | |
| download | openssh-bdcaf7939029433635d63aade8f9ac762aca2bbe.tar.xz openssh-bdcaf7939029433635d63aade8f9ac762aca2bbe.zip | |
Special case OpenWrt instead of Dropbear.
OpenWrt overrides the location of authorized_keys for root. Currently we
assume that all Dropbear installations behave this way, which is not the
case. Check for OpenWrt and root user before using that location instead
of assuming that for all Dropbear servers. Prompted by Github PR#250.
SSH-Copy-ID-Upstream: 0e1f5d443a9967483c33945793107ae3f3e4af2d
Diffstat (limited to 'contrib/ssh-copy-id')
| -rw-r--r-- | contrib/ssh-copy-id | 23 |
1 files changed, 10 insertions, 13 deletions
diff --git a/contrib/ssh-copy-id b/contrib/ssh-copy-id index f29377e8c..437a7609f 100644 --- a/contrib/ssh-copy-id +++ b/contrib/ssh-copy-id @@ -242,7 +242,6 @@ populate_new_ids() { # optionally takes an alternative path for authorized_keys installkeys_sh() { AUTH_KEY_FILE=${1:-.ssh/authorized_keys} - AUTH_KEY_DIR=$(dirname "${AUTH_KEY_FILE}") # In setting INSTALLKEYS_SH: # the tr puts it all on one line (to placate tcsh) @@ -252,15 +251,20 @@ installkeys_sh() { # the -z `tail ...` checks for a trailing newline. The echo adds one if was missing # the cat adds the keys we're getting via STDIN # and if available restorecon is used to restore the SELinux context + # OpenWrt has a special case for root only. INSTALLKEYS_SH=$(tr '\t\n' ' ' <<-EOF cd; umask 077; - mkdir -p "${AUTH_KEY_DIR}" && - { [ -z \`tail -1c ${AUTH_KEY_FILE} 2>/dev/null\` ] || - echo >> "${AUTH_KEY_FILE}" || exit 1; } && - cat >> "${AUTH_KEY_FILE}" || exit 1; + AUTH_KEY_FILE="${AUTH_KEY_FILE}"; + [ -f /etc/openwrt_release ] && [ "\$LOGNAME" = "root" ] && + AUTH_KEY_FILE=/etc/dropbear/authorized_keys; + AUTH_KEY_DIR=\`dirname "\${AUTH_KEY_FILE}"\`; + mkdir -p "\${AUTH_KEY_DIR}" && + { [ -z \`tail -1c "\${AUTH_KEY_FILE}" 2>/dev/null\` ] || + echo >> "\${AUTH_KEY_FILE}" || exit 1; } && + cat >> "\${AUTH_KEY_FILE}" || exit 1; if type restorecon >/dev/null 2>&1; then - restorecon -F "${AUTH_KEY_DIR}" "${AUTH_KEY_FILE}"; + restorecon -F "\${AUTH_KEY_DIR}" "\${AUTH_KEY_FILE}"; fi EOF ) @@ -336,13 +340,6 @@ case "$REMOTE_VERSION" in exit 1 fi ;; - dropbear*) - populate_new_ids 0 - [ "$DRY_RUN" ] || printf '%s\n' "$NEW_IDS" | \ - $SSH "$@" "$(installkeys_sh /etc/dropbear/authorized_keys)" \ - || exit 1 - ADDED=$(printf '%s\n' "$NEW_IDS" | wc -l) - ;; *) # Assuming that the remote host treats ~/.ssh/authorized_keys as one might expect populate_new_ids 0 |