This commit is contained in:
Maciej Krüger 2023-05-06 11:35:30 +02:00 committed by GitHub
commit a40d881b45
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 22 additions and 1 deletions

View File

@ -13,3 +13,13 @@ If you select this package, add a list of authorized keys to ``site.conf`` like
...
Existing keys in ``/etc/dropbear/authorized_keys`` will be preserved.
If you want to remove specific keys in the future, specify them like this:::
{
unauthorized_keys = { 'ssh-rsa AAA.... user1@host',
'ssh-rsa AAA.... user2@host' },
authorized_keys = { 'ssh-rsa AAA.... user3@host',
'ssh-rsa AAA.... user4@host' },
hostname_prefix = ...
...

View File

@ -1 +1,2 @@
need_string_array(in_site({'authorized_keys'}))
need_string_array(in_site({'unauthorized_keys'}), false)

View File

@ -4,6 +4,7 @@ local site = require 'gluon.site'
local file = '/etc/dropbear/authorized_keys'
local keys = {}
local rm_keys = {}
local function load_keys()
for line in io.lines(file) do
@ -11,12 +12,21 @@ local function load_keys()
end
end
for _, key in ipairs(site.unauthorized_keys({})) do
rm_keys[key] = true
end
pcall(load_keys)
local f = io.open(file, 'a')
local f = io.open(file, 'w')
for _, key in ipairs(site.authorized_keys()) do
if not keys[key] then
f:write(key .. '\n')
end
end
for key, _ in pairs(keys) do
if not rm_keys[key] then
f:write(key .. '\n')
end
end
f:close()