Diffstat (limited to 'rt-from-remote')
-rwxr-xr-x | rt-from-remote | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/rt-from-remote b/rt-from-remote
new file mode 100755
index 0000000..89d6623
--- /dev/null
+++ b/rt-from-remote
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+# from-remote: this script is executed by the remote ssh client as
+# instructed in .ssh/authorized_keys.
+
+# /bin/bash: because of the usage of the non-posix 'exec -a'
+
+exec 2>>err
+
+log()
+{
+ echo `date` "$@" >> log
+}
+
+bad()
+{
+ mv $file bad/ra-$$.tar.gz
+ log "Bad connection attempt. SSH_CONNECTION='$SSH_CONNECTION', file=bad/ra-$$.tar.gz"
+ exit 1
+}
+
+mkdir -p ra ra/old bad
+file=ra/ra-$$.tar.gz
+dd of=$file bs=100k count=1 2>/dev/null
+tar tzf $file >/dev/null 2>&1 || bad
+pubkey=`tar xzf $file -O origkey | ssh-keygen -y -f /proc/self/fd/0 | awk '$1 == "ssh-rsa" {print $2}'`
+[ -z "$pubkey" ] && bad
+comment=`grep "$pubkey" .ssh/authorized_keys | awk '{print $NF}'`
+[ -z "$comment" ] && bad
+mv -f ra/$comment-* ra/old 2>/dev/null
+mv $file ra/$comment-$$.tar.gz
+file=ra/$comment-$$.tar.gz
+keyfile=ra/$comment-key
+tar xzf $file -O key > $keyfile || bad
+chmod 600 $keyfile
+log "Connection from $comment. SSH_CONNECTION='$SSH_CONNECTION', file=$file"
+exec -a sleep-$comment sleep 1d |
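Review bot: The uploaded tarball carries a private key (`origkey` is fed to `ssh-keygen -y`), yet it and the extracted `ra/$comment-key` are created under the default umask, so `chmod 600 $keyfile` only tightens the key file after it has been written and the tarballs in `ra/`, `ra/old` and `bad/` are never restricted; a `umask 077` right after `exec 2>>err` would cover all of them. `dd of=$file bs=100k count=1` issues a single read, which on a pipe or socket stdin can return fewer bytes than the client sent and make a valid upload fail the `tar tzf` check; with GNU dd, adding `iflag=fullblock` keeps the 100k cap while filling the block. `grep "$pubkey"` treats the key as a regex and can match more than one line, and `$comment` and `$file` are then expanded unquoted into `mv` and `exec -a`, so `grep -F -- "$pubkey"` limited to the first match plus quoted expansions would keep a multi-line or glob-bearing comment from being word-split. If an authorized_keys entry has no comment field, `$NF` is the key itself and may contain `/`, which would end up in the `ra/` path; rejecting comments that are not a plain name before using them would close that case.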