He has written down the script, which has made his Lord the Legend ;-)
Now, let's put some light on it.
The script takes .ssh folder files from the specified user of template machine, and turns it into .ssh folder of root user on target host. There are also the configuration changes, inside of either /etc/default/login file, or /etc/ssh/sshd_config one.
Do not try this at (production) home!
# ./rootbox.sh
Generating package files
prototype
pkginfo
checkinstall
postinstall
postremove
login.sed
sshd_config.sed
Making package MMWrootbox.1.0.i386.pkg [/tmp]
success
Translating package format to a datastream
success
# cd /tmp
# pkgadd -d MMWrootbox.1.0.i386.pkg
The following packages are available:
1 MMWrootbox Root box
(i386) 1.0
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]:
Processing package instance from
Root box(i386) 1.0
Marcin Marian Wisnios
## Executing checkinstall script.
## Processing package information.
## Processing system information.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
## Checking for setuid/setgid programs.
This package contains scripts which will be executed with super-user
permission during the process of installing this package.
Do you want to continue with the installation of [y,n,?] y
Installing Root box as
## Installing part 1 of 1.
/root/.ssh/authorized_keys
[ verifying class ]
Modifying /etc/default/login
Modifying /etc/ssh/sshd_config
[ verifying class ]
## Executing postinstall script.
Installation of was successful.
# date;svcs -x ssh| grep -i state
Sun Nov 22 08:50:57 CET 2009
State: online since Sun Nov 22 08:50:42 2009
# diff /etc/ssh/sshd_config /tmp/rootbox.bak/sshd_config
128c128
< PermitRootLogin without-password
---
> PermitRootLogin no
# diff /etc/default/login /tmp/rootbox.bak/login
18c18
< #CONSOLE=/dev/console
---
> CONSOLE=/dev/console
# pkginfo MMWrootbox
system MMWrootbox Root box
# pkginfo -l MMWrootbox
PKGINST: MMWrootbox
NAME: Root box
CATEGORY: system
ARCH: i386
VERSION: 1.0
BASEDIR: /
VENDOR: Marcin Marian Wisnios
DESC: Methods and keys to allow remote root user access
PSTAMP: 20091122085002
INSTDATE: Nov 22 2009 08:50
EMAIL: wisnios@gmail.com
STATUS: completely installed
FILES: 4 installed pathnames
2 shared pathnames
1 directories
3 blocks used (approx)
# pkgrm MMWrootbox
The following package is currently installed:
MMWrootbox Root box
(i386) 1.0
Do you want to remove this package? [y,n,?,q] y
## Removing installed package instance
This package contains scripts which will be executed with super-user
permission during the process of removing this package.
Do you want to continue with the removal of this package [y,n,?,q] y
## Verifying package dependencies in global zone
## Processing package information.
## Removing pathnames in class
Modifying /etc/ssh/sshd_config
Modifying /etc/default/login
## Removing pathnames in class
/root/.ssh/authorized_keys
/root/.ssh
## Executing postremove script.
## Updating system information.
Removal of was successful.
# svcs -x ssh|grep -i state; date
State: online since Sun Nov 22 08:52:33 2009
Sun Nov 22 08:52:50 CET 2009
# diff /etc/ssh/sshd_config /tmp/rootbox.bak/sshd_config
# diff /etc/default/login /tmp/rootbox.bak/login
http://cs-tools.googlecode.com/files/rootbox.sh
Enjoy.
No comments:
Post a Comment