busybox: Disable telnet if an SSH public key for root exists (#8760)
authorVasilis Tsiligiannis <acinonyx@openwrt.gr>
Wed, 2 Feb 2011 18:50:50 +0000 (18:50 +0000)
committerVasilis Tsiligiannis <acinonyx@openwrt.gr>
Wed, 2 Feb 2011 18:50:50 +0000 (18:50 +0000)
SVN-Revision: 25317

package/busybox/files/telnet

index b8823379b9a8e1c61546090c7527447fe9aa5275..a1e17275a3619c36d07579fd545911161b460867 100755 (executable)
@@ -10,8 +10,14 @@ has_root_pwd() {
        test -n "${pwd#!}"
 }
 
+has_ssh_pubkey() {
+       ( test -x /usr/sbin/dropbear && grep -qs "^ssh-" /etc/dropbear/authorized_keys ) || \
+       ( test -x /usr/sbin/sshd && grep -qs "^ssh-" /root/.ssh/authorized_keys )
+}
+
 start() {
-       if ( ! has_root_pwd /etc/passwd && ! has_root_pwd /etc/shadow ) || \
+       if ( ! has_ssh_pubkey && \
+            ! has_root_pwd /etc/passwd && ! has_root_pwd /etc/shadow ) || \
           ( [ ! -x /usr/sbin/dropbear ] && [ ! -x /usr/sbin/sshd ] );
        then
                telnetd -l /bin/login.sh