# HG changeset patch
# User Pascal Bellard
# Date 1261987495 -3600
# Node ID 97d62922ae84b2c14c0d4392032a3143a6b83134
# Parent f62b09adf7853959bae563bf5e2a9decd786ba3a
ajaxterm: add question/answer support
diff -r f62b09adf785 -r 97d62922ae84 ajaxterm/stuff/usr/share/ajaxterm/login
--- a/ajaxterm/stuff/usr/share/ajaxterm/login Sun Dec 27 18:39:23 2009 +0100
+++ b/ajaxterm/stuff/usr/share/ajaxterm/login Mon Dec 28 09:04:55 2009 +0100
@@ -1,16 +1,38 @@
 #!/bin/sh

+# Optional: check user with a random question
+file=/usr/share/ajaxterm/questions
+if [ -s $file -a -r $file ]; then
+ line=1
+ while read md5 question; do
+ [ $(( $(date +%s) % $line )) -ne 0 ] && continue
+ ask_question="$question"
+ ask_md5="$md5"
+ line=$(($line+1))
+ done < $file
+ echo -n "$ask_question "
+ read -t 30 answer
+ [ $ask_md5 == $(echo $answer | md5sum | cut -d\ -f1) ] || exit 1
+fi
+
+# Get SSH server
 server=""
 if [ -x /usr/bin/ssh ]; then
 echo -n "SSH server: "
 read -t 300 server || exit 1
 fi
+
+# No SSH server given ? Try login
 [ -n "$server" ] || exec /bin/login
+
+# Allow non default SSH port with format server:port
 sshport=""
 case "$server" in
 *:*) sshport="-p ${server#*:}"
 server=${server%:*};;
 esac
+
+# heading ! in server name means open remote ssh port with a knock sequence
 if [ -x /usr/bin/knock ]; then
 case "$server" in
 !*) server=${server#*!}
@@ -18,12 +40,16 @@
 read -t 30 sequence && knock ${server#*@} $sequence
 esac
 fi
+
+# Get SSH user if missing
 case "$server" in
 *@*) ;;
 *) echo -n "$server login: "
 read -t 30 user || exit 1
 server="$user@$server";;
 esac
+
+# Launch OpenSSH or Dropbear
 sshargs="-oPreferredAuthentications=keyboard-interactive,password -oNoHostAuthenticationForLocalhost=yes -oLogLevel=FATAL -F/dev/null";
 [ -L /usr/bin/ssh ] && sshargs=""
 exec ssh $sshport $sshargs $server
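Review bot: The answer check in the first hunk (`@@ -1,16 +1,38 @@`) hashes terminal input only after the shell has rewritten it. `read -t 30 answer` lacks `-r` and, unlike the other reads in the script, has no `|| exit 1`; the unquoted `$answer` is word-split and glob-expanded, and `echo` can take it as an option before it reaches `md5sum`. I would write `read -r -t 30 answer || exit 1` and `[ "$ask_md5" = "$(printf '%s\n' "$answer" | md5sum | cut -d' ' -f1)" ] || exit 1`, which also replaces the non-POSIX `==` under `#!/bin/sh` and keeps the trailing newline the stored hashes presumably include. The stored values are unsalted MD5 of what are likely short answers, so the questions file should not be readable by other local users; its permissions are not visible here. In the selection loop `line` is only incremented after a question has been picked, so the choice is not uniform over the file, which looks unintended.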
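Review bot: The new `# Launch OpenSSH or Dropbear` comment in the second hunk (`@@ -18,12 +40,16 @@`) does not say why `sshargs` is emptied when `/usr/bin/ssh` is a symlink. It also does not say that `$sshport` and `$server` are typed at the terminal before any authentication and expanded unquoted on the `exec ssh` line. I would extend it to something like `# /usr/bin/ssh is a symlink when Dropbear is installed; it does not accept the OpenSSH -o options` (presumed from the comment, please confirm). I would also add a guard before the launch such as `case "$server" in -*|*[!A-Za-z0-9@._-]*) exit 1;; esac`, with a digits-only check on the port, so a value that starts with `-` or contains whitespace cannot reach ssh as extra arguments. Those lines are context in this commit, and the knock branch they follow starts outside the hunk.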