From 585603532b2fea19e2784a4aa8e0dbf904e7b4d6 Mon Sep 17 00:00:00 2001
From: Shireesh Anjal <shireesh@gluster.com>
Date: Fri, 3 Jun 2011 20:03:04 +0530
Subject: Design changes - introducing cluster-server mapping on gateway

---
 .../src/disable-ssh-password-auth.sh               | 30 ++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100755 src/com.gluster.storage.management.server.scripts/src/disable-ssh-password-auth.sh

(limited to 'src/com.gluster.storage.management.server.scripts')

diff --git a/src/com.gluster.storage.management.server.scripts/src/disable-ssh-password-auth.sh b/src/com.gluster.storage.management.server.scripts/src/disable-ssh-password-auth.sh
new file mode 100755
index 00000000..07ee1a3a
--- /dev/null
+++ b/src/com.gluster.storage.management.server.scripts/src/disable-ssh-password-auth.sh
@@ -0,0 +1,30 @@
+#!/bin/bash
+
+#-----------------------------------------------------------------------------
+# disable-ssh-password-auth.sh
+# 	Script for disabling SSH password authentication. This is used by the
+# 	management gateway after installing the public key, so that the gluster
+#	node can be accessed (using ssh) only from the management gateway.
+#-----------------------------------------------------------------------------
+
+CONFIG_FILE="/etc/ssh/sshd_config"
+TIMESTAMP=`date +%d%m%Y%H%M%S`
+BACKUP_FILE="${CONFIG_FILE}_${TIMESTAMP}"
+TEMP_FILE="/tmp/new_sshd_config_${TIMESTAMP}"
+
+# Modify config file to disable password authentication, redirect to a temp file
+# TODO: disable only if enabled!
+sed "s/^PasswordAuthentication yes$/PasswordAuthentication no/g" ${CONFIG_FILE} > ${TEMP_FILE}
+
+# Secure the file by changing permissions (600)
+chmod 600 ${TEMP_FILE}
+
+# Take backup of config file
+cp ${CONFIG_FILE} ${BACKUP_FILE}
+
+# Overwrite config file with the modified one
+mv ${TEMP_FILE} ${CONFIG_FILE}
+
+# Re-start ssh daemon
+/etc/init.d/sshd restart
+
-- 
cgit