diff options
author | Ashlee Young <ashlee@onosfw.com> | 2015-09-09 22:15:21 -0700 |
---|---|---|
committer | Ashlee Young <ashlee@onosfw.com> | 2015-09-09 22:15:21 -0700 |
commit | 13d05bc8458758ee39cb829098241e89616717ee (patch) | |
tree | 22a4d1ce65f15952f07a3df5af4b462b4697cb3a /framework/src/onos/tools/package/bin/onos-secure-ssh | |
parent | 6139282e1e93c2322076de4b91b1c85d0bc4a8b3 (diff) |
ONOS checkin based on commit tag e796610b1f721d02f9b0e213cf6f7790c10ecd60
Change-Id: Ife8810491034fe7becdba75dda20de4267bd15cd
Diffstat (limited to 'framework/src/onos/tools/package/bin/onos-secure-ssh')
-rwxr-xr-x | framework/src/onos/tools/package/bin/onos-secure-ssh | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/framework/src/onos/tools/package/bin/onos-secure-ssh b/framework/src/onos/tools/package/bin/onos-secure-ssh new file mode 100755 index 00000000..3f541dbe --- /dev/null +++ b/framework/src/onos/tools/package/bin/onos-secure-ssh @@ -0,0 +1,38 @@ +#!/bin/bash +# ----------------------------------------------------------------------------- +# Enables secure access to ONOS console by removing default users & keys. +# ----------------------------------------------------------------------------- + +rm -f $(dirname $0)/onos + +set -e + +# Scan arguments for user/password or other options... +while getopts u:p: o; do + case "$o" in + u) user=$OPTARG;; + p) password=$OPTARG;; + esac +done +password=${password:-$user} # password defaults to the user if not specified +let OPC=$OPTIND-1 +shift $OPC + +cd $(dirname $0)/../apache-karaf-*/etc +USERS=users.properties +KEYS=keys.properties + +# Remove the built-in users and keys to secure the access implicitly. +egrep -v "^(karaf|onos)[ ]*=" $USERS > $USERS.new && mv $USERS.new $USERS +egrep -v "^(#karaf|onos)[ ]*=" $KEYS > $KEYS.new && mv $KEYS.new $KEYS + +# Remove any previous known keys for the local host. +ssh-keygen -f "$HOME/.ssh/known_hosts" -R [localhost]:8101 + +# Swap the onos client to use the SSH variant. +ln -s $(dirname $0)/onos-ssh $(dirname $0)/onos + +# If user and password options were given, setup the user/password. +if [ -n "$user" -a -n "$password" ]; then + echo "$user = $password,_g_:admingroup" >> $USERS +fi
\ No newline at end of file |