authorPaul Buetow <pbuetow@mimecast.com>2023-06-21 10:56:41 +0000
committerPaul Buetow <pbuetow@mimecast.com>2023-06-21 10:56:41 +0000
commitc5fd63e099cec30154e2a9c0b5ee7715491263bf (patch)
tree691e46f0930804e6a8ad0a234f293db917859f5a /examples/update_key_cache.sh.example
parentdaaca90c2c1c9debc339ff28c3f0b928b5041d3e (diff)
DTail: Restrict SSH MAC algorithms allowed - Update of few dependencies
Diffstat (limited to 'examples/update_key_cache.sh.example')
-rw-r--r--examples/update_key_cache.sh.example33
1 files changed, 33 insertions, 0 deletions
diff --git a/examples/update_key_cache.sh.example b/examples/update_key_cache.sh.example
new file mode 100644
index 0000000..9817f04
--- /dev/null
+++ b/examples/update_key_cache.sh.example
@@ -0,0 +1,33 @@
+#!/bin/bash
+
+declare -r CACHEDIR=/var/run/dserver/cache
+declare -r DSERVER_USER=dserver
+
+echo "Updating SSH key cache"
+
+ls /home/ | while read remoteuser; do
+ keysfile=/home/$remoteuser/.ssh/authorized_keys
+
+ if [ -f $keysfile ]; then
+ cachefile=$CACHEDIR/$remoteuser.authorized_keys
+ echo "Caching $keysfile -> $cachefile"
+
+ cp $keysfile $cachefile
+ chown $DSERVER_USER $cachefile
+ chmod 600 $cachefile
+ fi
+done
+
+# Cleanup obsolete public SSH keys
+find $CACHEDIR -name \*.authorized_keys -type f |
+while read cachefile; do
+ remoteuser=$(basename $cachefile | cut -d. -f1)
+ keysfile=/home/$remoteuser/.ssh/authorized_keys
+
+ if [ ! -f $keysfile ]; then
+ echo "Deleting obsolete cache file $cachefile"
+ rm $cachefile
+ fi
+done
+
+echo "All set..."
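Review bot: The copy at `cp $keysfile $cachefile` follows symlinks, and so does the `[ -f $keysfile ]` test before it, so if this script runs as root (the `chown` suggests it does) the owner of a home directory decides which file's contents land in the cache owned by `dserver`. I would skip symlinked key files and replace the cp/chown/chmod sequence with one `install -m 600 -o` call, so the cache file never sits with cp's default permissions until `chmod` runs. The `-L` test is still check-then-use and does not cover a symlinked `.ssh` directory, so reading the file as the target user would be the stricter fix. Every expansion in both loops is unquoted and `read` lacks `-r`; these should be quoted. Separately, `cut -d. -f1` in the cleanup loop truncates account names containing a dot, so their cache file is deleted on every run; `remoteuser=$(basename "$cachefile" .authorized_keys)` keeps the full name.

```shell
# … unchanged: constants, loop header, keysfile assignment …
  # Refuse symlinks so the copy cannot pull in a file from outside the
  # user's own .ssh directory.
  if [ -f "$keysfile" ] && [ ! -L "$keysfile" ]; then
    cachefile="$CACHEDIR/$remoteuser.authorized_keys"
    echo "Caching $keysfile -> $cachefile"

    # install applies mode and owner itself instead of patching them on
    # after a plain cp.
    install -m 600 -o "$DSERVER_USER" -- "$keysfile" "$cachefile"
  fi
# … unchanged: end of loop, cleanup find loop …
```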