Adding multiple local keys for root and users.
authorDaniel Baumann <daniel@debian.org>
Fri, 1 Mar 2013 20:27:22 +0000 (21:27 +0100)
committerDaniel Baumann <daniel@debian.org>
Fri, 1 Mar 2013 20:42:16 +0000 (21:42 +0100)
scripts/debconfig/0010-passwd

index 5e895a2..b3b4cc2 100755 (executable)
@@ -104,6 +104,24 @@ then
        db_set live-debconfig/passwd/root-key-local ""
 fi
 
+# root local ssh keys
+_KEYS="0"
+
+while db_get live-debconfig/passwd/root-key${_KEYS}-local && [ "${RET}" ]
+do
+       if db_get live-debconfig/passwd/root-key${_KEYS}-local
+       then
+               eval _ROOT_KEY${_KEYS}_LOCAL="\"${RET}\"" # string (w/ empty)
+
+               db_fset live-debconfig/passwd/root-key${_KEYS}-local seen false
+               db_set live-debconfig/passwd/root-key${_KEYS}-local ""
+       fi
+
+       _KEYS="$((${_KEYS} + 1))"
+done
+
+_ROOT_KEYS_LOCAL="${_KEYS}"
+
 # user name
 if db_get live-debconfig/passwd/user-name
 then
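Review bot: The `eval` on `_ROOT_KEY${_KEYS}_LOCAL="\"${RET}\""` expands `${RET}` before eval re-parses the line, so a preseeded key value containing a double quote, a backtick or `$(...)` is interpreted as shell code instead of being stored, presumably with root privileges given what this script does later. Deferring the expansion keeps the value as data: `eval _ROOT_KEY${_KEYS}_LOCAL=\"\${RET}\"`. The same pattern is added for `_USER_KEY${_KEYS}_LOCAL` in the next two hunks. The second `db_get` inside the loop repeats the one in the `while` condition and could be dropped.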
@@ -214,6 +232,24 @@ then
                db_set live-debconfig/passwd/user-key-local ""
        fi
 
+       # user local ssh keys
+       _KEYS="0"
+
+       while db_get live-debconfig/passwd/user-key${_KEYS}-local && [ "${RET}" ]
+       do
+               if db_get live-debconfig/passwd/user-key${_KEYS}-local
+               then
+                       eval _USER_KEY${_KEYS}_LOCAL="\"${RET}\"" # string (w/ empty)
+
+                       db_fset live-debconfig/passwd/user-key${_KEYS}-local seen false
+                       db_set live-debconfig/passwd/user-key${_KEYS}-local ""
+               fi
+
+               _KEYS="$((${_KEYS} + 1))"
+       done
+
+       _USER_KEYS_LOCAL="${_KEYS}"
+
        # user home
        if db_get live-debconfig/passwd/user-home
        then
@@ -305,6 +341,23 @@ do
                db_set live-debconfig/passwd/user${_NUMBER}-password-crypted ""
        fi
 
+       _KEYS="0"
+
+       while db_get live-debconfig/passwd/user${_NUMBER}-key${_KEYS}-local && [ "${RET}" ]
+       do
+               if db_get live-debconfig/passwd/user${_NUMBER}-key${_KEYS}-local
+               then
+                       eval _USER_KEY${_KEYS}_LOCAL="\"${RET}\"" # string (w/ empty)
+
+                       db_fset live-debconfig/passwd/user${_NUMBER}-key${_KEYS}-local seen false
+                       db_set live-debconfig/passwd/user${_NUMBER}-key${_KEYS}-local ""
+               fi
+
+               _KEYS="$((${_KEYS} + 1))"
+       done
+
+       eval _USER${_NUMBER}_KEYS_LOCAL="${_KEYS}"
+
        if db_get live-debconfig/passwd/user${_NUMBER}-key-local
        then
                eval _USER${_NUMBER}_KEY_LOCAL="\"${RET}\"" # string (w/ empty)
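Review bot: The per-user loop stores each key in `_USER_KEY${_KEYS}_LOCAL`, the same name the single-user hunk above uses, while the later read in the numbered-user section looks up `_USER${_NUMBER}_KEY${_KEY}_LOCAL`. As written, the numbered users' keys are never stored under the name that is read, and they overwrite the primary user's variables, so a key preseeded for one account can end up associated with another. The assignment should carry the user number, `eval _USER${_NUMBER}_KEY${_KEYS}_LOCAL=\"\${RET}\"`, with the expansion deferred so the value is not re-parsed. The enclosing `do` loop starts outside this hunk.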
@@ -399,7 +452,22 @@ then
        mkdir -p /root/.ssh
 
        echo "${_ROOT_KEY_LOCAL}" >> /root/.ssh/authorized_keys
+fi
+
+for _KEY in ${_ROOT_KEYS_LOCAL}
+do
+       eval _KEY_LOCAL="$`echo _ROOT_KEY${_KEY}_LOCAL`"
+
+       if [ -n "${_KEY_LOCAL}" ]
+       then
+               mkdir -p /root/.ssh
+
+               echo "${_KEY_LOCAL}" >> /root/.ssh/authorized_keys
+       fi
+done
 
+if [ -e /root/.ssh/authorized_keys ]
+then
        chown root:root /root/.ssh -R
        chmod 0700 /root/.ssh
        chmod 0600 /root/.ssh/authorized_keys
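Review bot: `for _KEY in ${_ROOT_KEYS_LOCAL}` iterates over a single word, the key count set earlier, so the body runs once with `_KEY` equal to the count and reads a variable the collection loop never assigns. Indexes 0 to count-1 are not visited, and no numbered key reaches `authorized_keys`. Iterating the index range fixes it, for example `for _KEY in $(seq 0 $((${_ROOT_KEYS_LOCAL:-0} - 1)))`. The same loop shape is used for `${_USER_KEYS_LOCAL}` and `${_KEYS_LOCAL}` in the later hunks. The `if [ -e /root/.ssh/authorized_keys ]` block closes outside this hunk.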
@@ -499,7 +567,22 @@ EOF
                mkdir -p "${_USER_HOME}/.ssh"
 
                echo "${_USER_KEY_LOCAL}" >> "${_USER_HOME}/.ssh/authorized_keys"
+       fi
+
+       for _KEY in ${_USER_KEYS_LOCAL}
+       do
+               eval _KEY_LOCAL="$`echo _USER_KEY${_KEY}_LOCAL`"
 
+               if [ -n "${_KEY_LOCAL}" ]
+               then
+                       mkdir -p "${_USER_HOME}/.ssh"
+
+                       echo "${_KEY_LOCAL}" >> "${_USER_HOME}/.ssh/authorized_keys"
+               fi
+       done
+
+       if [ -e "${_USER_HOME}/.ssh/authorized_keys" ]
+       then
                chown ${_USER_NAME}:${_USER_NAME} "${_USER_HOME}/.ssh" -R
                chmod 0700 "${_USER_HOME}/.ssh"
                chmod 0600 "${_USER_HOME}/.ssh/authorized_keys"
@@ -513,6 +596,7 @@ do
        eval _PASSWORD="$`echo _USER${_NUMBER}_PASSWORD`"
        eval _PASSWORD_CRYPTED="$`echo _USER${_NUMBER}_PASSWORD_CRYPTED`"
        eval _KEY_LOCAL="$`echo _USER${_NUMBER}_KEY_LOCAL`"
+       eval _KEYS_LOCAL="$`echo _USER${_NUMBER}_KEYS_LOCAL`"
        eval _HOME="$`echo _USER${_NUMBER}_HOME`"
        eval _UID="$`echo _USER${_NUMBER}_UID`"
        eval _GID="$`echo _USER${_NUMBER}_GID`"
@@ -616,7 +700,22 @@ EOF
                mkdir -p "${_HOME}/.ssh"
 
                echo "${_KEY_LOCAL}" >> "${_HOME}/.ssh/authorized_keys"
+       fi
+
+       for _KEY in ${_KEYS_LOCAL}
+       do
+               eval _KEY_LOCAL="$`echo _USER${_NUMBER}_KEY${_KEY}_LOCAL`"
 
+               if [ -n "${_KEY_LOCAL}" ]
+               then
+                       mkdir -p "${_USER_HOME}/.ssh"
+
+                       echo "${_KEY_LOCAL}" >> "${_USER_HOME}/.ssh/authorized_keys"
+               fi
+       done
+
+       if [ -e "${_HOME}/.ssh/authorized_keys" ]
+       then
                chown ${_NAME}:${_NAME} "${_HOME}/.ssh" -R
                chmod 0700 "${_HOME}/.ssh"
                chmod 0600 "${_HOME}/.ssh/authorized_keys"
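Review bot: Inside the numbered-user section the new loop writes to `"${_USER_HOME}/.ssh"`, while the surrounding code and the ownership fix-up that follows use `"${_HOME}"`. A numbered user's keys would therefore be appended to the primary user's `authorized_keys`, granting login to the wrong account, and the file written is not the one the following `chown`/`chmod` covers. Both lines should use the per-user variable: `mkdir -p "${_HOME}/.ssh"` and `echo "${_KEY_LOCAL}" >> "${_HOME}/.ssh/authorized_keys"`. The enclosing block continues past the end of the hunk.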