saturday-works2

2024-06-29 18:21:22 +00:00 · 2022-03-05 17:27:27 +00:00 · 2022-03-05 17:27:27 +00:00 · 83e7986cce
commit 83e7986cce
parent e38dd3df86
6 changed files with 47 additions and 7 deletions
--- a/guest/l0pht-guest/bin/l0pht-motd.sh
+++ b/guest/l0pht-guest/bin/l0pht-motd.sh
@ -1,3 +1,32 @@
 #! /bin/bash

-echo "Hello L0pht MOTD"
+CY="\033[1;33m" # yellow
+CG="\033[1;32m" # green
+CR="\033[1;31m" # red
+CC="\033[1;36m" # cyan
+CM="\033[1;35m" # magenta
+CW="\033[1;37m" # magenta
+CF="\033[2m"    # faint
+CN="\033[0m"    # none
+
+CBG="\033[42;1m" # Background Green
+
+# night-mode
+CDY="\033[0;33m" # yellow
+CDG="\033[0;32m" # green
+CDR="\033[0;31m" # red
+CDC="\033[0;36m" # cyan
+CDM="\033[0;35m" # magenta
+
+BINDIR="$(cd "$(dirname "${0}")" || exit; pwd)"
+BASEDIR="$(cd "${BINDIR}/.." || exit; pwd)"
+
+source "${BASEDIR}/log/vpn_status"
+source "${BASEDIR}/config"
+
+[[ -z $IS_VPN_CONNECTED ]] && VPN_DST="${CR}NOT CONNECTED${CN}" || VPN_DST="${CDG}${VPN_COUNTRY:-UNKNOWN}${CN}"
+
+echo -e "VPN connected to: ${VPN_DST}"
+echo -e "DNS-SEC         : ${CG}ENABLED${CN}"
+echo -e "Connect with    : ${CDC}ssh -o \"SetEnv LID=${LID}\" user@${L0PHT_SERVER_DIRECT:-UNKNOWN}${CN}"
+echo -e "Non-Root        : ${CDC}su user && cd${CN}"
--- a/guest/l0pht-guest/config
+++ b/guest/l0pht-guest/config
--- a/guest/l0pht-guest/log/vpn_status
+++ b/guest/l0pht-guest/log/vpn_status
@ -1,3 +1,2 @@
-VPN_STATUS="Connected"
-IS_VPN_CONNECTED=1
+#IS_VPN_CONNECTED=1
 VPN_COUNTRY="US Amercia"
--- a/host/fs-root/bin/docker_sshd.sh
+++ b/host/fs-root/bin/docker_sshd.sh
@ -1,6 +1,18 @@
 #! /bin/bash

 # This is the entry point for L0PHT-HOST (e.g. host/Dockerfile)
+# Fix ownership if mounted from within vbox
+[[ -e /etc/ssh/l0pht/ssh_host_rsa_key ]] || {
+	echo -e \
+"\033[1;31mSSH Key not found in /etc/ssh/l0pht\033[00m. You must create them first and the
+start docker with the additional '-v' option below:
+
+mkdir -p ~/l0pht/cfg/etc/ssh && ssh-keygen -A ~/l0pht/cfg && \\
+docker run --r -p 22:2222 -v /var/run/docker.sock:/var/run/docker.sock \\
+	-v ~/l0pht/etc/ssh:/etc/ssh/l0pht:ro \\
+	--name l0pht-host -it l0pth-host"
+	exit 255
+}

 # The owner of the original socket is not known at 'docker build' time. Thus 
 # we need to dynamically add it so that the shell started by SSHD can
--- a/host/fs-root/etc/ssh/sshd_config
+++ b/host/fs-root/etc/ssh/sshd_config
@ -15,9 +15,9 @@
 #ListenAddress 0.0.0.0
 #ListenAddress ::

-#HostKey /etc/ssh/ssh_host_rsa_key
-#HostKey /etc/ssh/ssh_host_ecdsa_key
-#HostKey /etc/ssh/ssh_host_ed25519_key
+HostKey /etc/ssh/l0pht/ssh_host_rsa_key
+HostKey /etc/ssh/l0pht/ssh_host_ecdsa_key
+HostKey /etc/ssh/l0pht/ssh_host_ed25519_key

 # Ciphers and keying
 #RekeyLimit default none
@ -90,6 +90,7 @@ X11Forwarding no
 #X11UseLocalhost yes
 #PermitTTY yes
 PrintMotd no
+AcceptEnv LID
 #PrintLastLog yes
 #TCPKeepAlive yes
 #PermitUserEnvironment no
--- a/host/setup.sh
+++ b/host/setup.sh
@ -10,7 +10,6 @@ sed -i 's/user\:!/user\:$6$nND1o68YSDG8heUr$wx\/FpC3\/TCZlhs3LsJ7ll5YVlPfICNN7yH
 # docker inside vmbox from shared host drive (rwxrwx--- root:vobxsf)
 chown -R root:root /etc/ssh && \
 chmod 700 /etc/ssh && \
-chmod 600 /etc/ssh/ssh_* && \
 chown root:root /bin/l0phtsh && \
 chmod 755 /bin/l0phtsh && \
 chmod 755 /bin /etc && \