| #!/bin/sh |
| # Copyright 2016 Google Inc. All Rights Reserved. |
| # |
| # Enable or Disable ssh access. |
| # |
| # By default ssh access is disabled but for debugging purposes |
| # we need to have a way to enable/disable it. |
| |
| usage() |
| { |
| echo "Usage:" |
| echo |
| echo " -h This help screen" |
| echo " -e Enable SSH access" |
| echo " -d Disable SSH access" |
| } |
| |
| admin_file="/tmp/ADMINMODE_SSHD" |
| |
| if_ssh_mounted() { |
| if [ ! -z "$(cat /proc/mounts | grep '.ssh')" ]; then |
| return 1 |
| fi |
| return 0 |
| } |
| |
| do_mount() { |
| echo "mounting .ssh ..." |
| |
| if_ssh_mounted |
| if [ $? -ne 0 ]; then |
| echo "already mounted" |
| exit 1 |
| fi |
| |
| mkdir /tmp/.ssh |
| mount --bind /tmp/.ssh /root/.ssh |
| if [ $? -ne 0 ]; then |
| echo "mounting .ssh failed" |
| exit 1 |
| fi |
| } |
| |
| do_unmount() { |
| echo "unmounting .ssh ..." |
| rm -f /tmp/.ssh/authorized_keys |
| if_ssh_mounted |
| while [ $? -ne 0 ]; do |
| umount /root/.ssh |
| if [ $? -ne 0 ]; then |
| echo "failed to unmount" |
| exit 1 |
| fi |
| if_ssh_mounted |
| done |
| rm -rf /tmp/.ssh |
| } |
| |
| do_enable() { |
| echo "enabling ssh ..." |
| if [ -f "$admin_file" ]; then |
| echo "ssh was enabled already" |
| exit 0 |
| fi |
| |
| do_mount |
| >$admin_file |
| start dropbear |
| } |
| |
| do_disable() { |
| echo "disabling ssh ..." |
| |
| if [ ! -f "$admin_file" ]; then |
| echo "ssh was not enabled yet" |
| exit 0 |
| fi |
| |
| stop dropbear |
| |
| rm -f $admin_file |
| |
| do_unmount |
| } |
| |
| while getopts ":edh" option |
| do |
| case "$option" in |
| e) |
| option_found=1 && do_enable |
| ;; |
| d) |
| option_found=1 && do_disable |
| ;; |
| h) |
| option_found=1 && usage |
| ;; |
| \?|:|*) |
| bad_option=1 |
| ;; |
| esac |
| done |
| |
| if [ -z "$option_found" ] || [ -n "$bad_option" ]; then |
| echo "$0: Unknown options: $@" |
| usage |
| exit 1 |
| fi |