diff options
Diffstat (limited to 'post-install-msg.sh')
-rwxr-xr-x | post-install-msg.sh | 60 |
1 files changed, 0 insertions, 60 deletions
diff --git a/post-install-msg.sh b/post-install-msg.sh deleted file mode 100755 index 8fecde4..0000000 --- a/post-install-msg.sh +++ /dev/null @@ -1,60 +0,0 @@ -#! /bin/sh -# -# Tell the user that the machine is ready to slurp the key for full disk -# encryption. -# -# Copyright 2013 Guilhem Moulin <guilhem@fripost.org> -# -# Licensed under the GNU GPL version 3 or higher. - -set -ue - -cd /target/etc/ - -chroot /target/ service ssh start; sleep 1 -sed -i 's/^DenyUsers \*$/AllowGroups ssh/' ./ssh/sshd_config - -# Busybox's sed doesn't support address '0,/../' -user="$(sed -rn 's/^([^:]*):[^:]*:1000:.*/\1/p' ./passwd)" -home="/target/$(sed -rn 's/^[^:]*:[^:]*:1000:[^:]*:[^:]*:([^:]*):.*/\1/p' ./passwd)" - -. /usr/share/debconf/confmodule - -ipv4="$(ip addr show eth0 | sed -nr 's/^\s+inet\s([0-9.]{4,32}).*/\1/p')" -template=$(mktemp) - -cat > "$template" <<EOF -Template: post-install/title -Type: note -Description: Installation complete - -Template: post-install/text -Type: note -Description: Press 'continue' to reboot - After the reboot, you will be able to log in to this new Debian GNU/Linux - system: - . - ssh -p 22 -l $user $ipv4 - . - To defeat MiTM-attacks, please ensure that the server fingerprint matches - . - $(ssh-keygen -lf ./ssh/ssh_host_rsa_key) - . - Key(s) that are currently granted access have the following fingerprint: - . -EOF -while read pk; do - # ssh-keygen can't read from STDIN, and ash doesn't have the '<<<' - # construct, so we save each pubkey in a temporary file - pkf=$(mktemp) - echo "$pk" > "$pkf" - echo " - $(ssh-keygen -lf $pkf)" >> "$template" - rm "$pkf" -done < "$home/.ssh/authorized_keys" -# TODO: key granted access to the initramfs -# TODO: copy the previous keys? - -debconf-loadtemplate post-install "$template" -db_settitle post-install/title -db_input critical post-install/text -db_go |