allow to install the insecure key with the new --enable-insecure-key option

fix #16
2026-02-27 17:41:59 +01:00 · 2014-02-22 16:29:14 +01:00
parent 7bd55402b0
commit bf35ff2bf1
5 changed files with 53 additions and 25 deletions
--- a/image/enable_insecure_key
+++ b/image/enable_insecure_key
@@ -14,4 +14,17 @@ else
 	echo "Editing $AUTHORIZED_KEYS..."
 	cat /etc/insecure_key.pub >> "$AUTHORIZED_KEYS"
 	echo "Success: insecure key has been added to $AUTHORIZED_KEYS"
+	cat <<-EOF
+
+		+------------------------------------------------------------------------------+
+		| Insecure SSH key installed                                                   |
+		|                                                                              |
+		| DO NOT expose port 22 on the Internet unless you know what you are doing!    |
+		|                                                                              |
+		| Use the private key bellow to connect with user root                         |
+		+------------------------------------------------------------------------------+
+
+	EOF
+	cat /etc/insecure_key
+	echo -e "\n\n"
 fi
--- a/image/my_init
+++ b/image/my_init
@@ -167,7 +167,14 @@ def wait_for_runit_services():
 		if not done:
 			time.sleep(0.1)

+def install_insecure_key():
+	info("Installing insecure SSH key for user root")
+	run_command_killable("/usr/sbin/enable_insecure_key")
+
 def main(args):
+	if args.enable_insecure_key:
+		install_insecure_key()
+
 	if not args.skip_startup_files:
 		run_startup_files()
 	
@@ -217,6 +224,9 @@ parser.add_argument('--no-kill-all-on-exit', dest = 'kill_all_on_exit',
 parser.add_argument('--quiet', dest = 'log_level',
 	action = 'store_const', const = LOG_LEVEL_WARN, default = LOG_LEVEL_INFO,
 	help = 'Only print warnings and errors')
+parser.add_argument('--enable-insecure-key', dest = 'enable_insecure_key',
+	action = 'store_const', const = True, default = False,
+	help = 'Install the insecure SSH key')
 args = parser.parse_args()
 log_level = args.log_level

--- a/image/system_services.sh
+++ b/image/system_services.sh
@@ -29,8 +29,9 @@ mkdir -p /root/.ssh
 chmod 700 /root/.ssh
 chown root:root /root/.ssh
 cp /build/insecure_key.pub /etc/insecure_key.pub
-chmod 644 /etc/insecure_key.pub
-chown root:root /etc/insecure_key.pub
+cp /build/insecure_key /etc/insecure_key
+chmod 644 /etc/insecure_key*
+chown root:root /etc/insecure_key*
 cp /build/enable_insecure_key /usr/sbin/

 ## Install cron daemon.