add feature to disable SSH password login
Bernd Wurst commited on 2020-07-30 10:30:34
Zeige 3 geänderte Dateien mit 26 Einfügungen und 5 Löschungen.
- modules/systemuser/edit.php c005419..24bf7b1
- modules/systemuser/include/useraccounts.php 46ccf2d..54945a0
- modules/systemuser/save.php 38eec27..043111b
| ... | ... |
@@ -51,8 +51,8 @@ if ($role & ROLE_CUSTOMER) {
|
| 51 | 51 |
$customer = $_SESSION['customerinfo']; |
| 52 | 52 |
} |
| 53 | 53 |
|
| 54 |
-$form = ' |
|
| 55 |
- |
|
| 54 |
+$form = ''; |
|
| 55 |
+$form .= ' |
|
| 56 | 56 |
<h5>Name (E-Mail-Absender, ...)</h5> |
| 57 | 57 |
<div style="margin-left: 2em;"> |
| 58 | 58 |
<p><input type="radio" name="defaultname" id="defaultname" value="1" '.$defaultname.'/> <label for="defaultname">Kundenname: <strong>'.$customer['name'].'</strong></label></p> |
| ... | ... |
@@ -60,6 +60,22 @@ $form = ' |
| 60 | 60 |
</div> |
| 61 | 61 |
'; |
| 62 | 62 |
|
| 63 |
+$defaultpwlogin = 'checked'; |
|
| 64 |
+$defaultnopwlogin = ''; |
|
| 65 |
+ |
|
| 66 |
+if ($account['passwordlogin'] == 0) {
|
|
| 67 |
+ $defaultpwlogin = ''; |
|
| 68 |
+ $defaultnopwlogin = 'checked'; |
|
| 69 |
+} |
|
| 70 |
+ |
|
| 71 |
+$form .= ' |
|
| 72 |
+<h5>Passwort-Login</h5> |
|
| 73 |
+<div style="margin-left: 2em;"> |
|
| 74 |
+ <p><input type="radio" name="passwordlogin" id="passwordlogin_ja" value="1" '.$defaultpwlogin.'/> <label for="passwordlogin_ja">SSH-Login mit Passwort erlauben</label></p> |
|
| 75 |
+ <p><input type="radio" name="passwordlogin" id="passwordlogin_nein" value="0" '.$defaultnopwlogin.'/> <label for="passwordlogin_nein">SSH-Login nur mit SSH-Key ermglichen</label></p> |
|
| 76 |
+</div> |
|
| 77 |
+'; |
|
| 78 |
+ |
|
| 63 | 79 |
if ($role & ROLE_CUSTOMER) {
|
| 64 | 80 |
$form .= ' |
| 65 | 81 |
<h5>Speicherplatz</h5> |
| ... | ... |
@@ -78,7 +78,7 @@ function get_account_details($uid, $customerno=0) |
| 78 | 78 |
$customerno = $_SESSION['customerinfo']['customerno']; |
| 79 | 79 |
} |
| 80 | 80 |
$args = array(":uid" => $uid, ":customerno" => $customerno);
|
| 81 |
- $result = db_query("SELECT uid,username,name,shell,server,quota,erstellungsdatum FROM system.useraccounts WHERE kunde=:customerno AND uid=:uid", $args);
|
|
| 81 |
+ $result = db_query("SELECT uid,username,name,shell,server,quota,erstellungsdatum,passwordlogin FROM system.useraccounts WHERE kunde=:customerno AND uid=:uid", $args);
|
|
| 82 | 82 |
if ($result->rowCount() == 0) {
|
| 83 | 83 |
system_failure("Cannot find the requestes useraccount (for this customer).");
|
| 84 | 84 |
} |
| ... | ... |
@@ -114,9 +114,10 @@ function set_account_details($account) |
| 114 | 114 |
":shell" => filter_input_oneline($account['shell']), |
| 115 | 115 |
":quota" => $account['quota'], |
| 116 | 116 |
":uid" => $account['uid'], |
| 117 |
- ":customerno" => $customerno); |
|
| 117 |
+ ":customerno" => $customerno, |
|
| 118 |
+ ":passwordlogin" => $account['passwordlogin']); |
|
| 118 | 119 |
|
| 119 |
- db_query("UPDATE system.useraccounts SET name=:fullname, quota=:quota, shell=:shell WHERE kunde=:customerno AND uid=:uid", $args);
|
|
| 120 |
+ db_query("UPDATE system.useraccounts SET name=:fullname, quota=:quota, shell=:shell, passwordlogin=:passwordlogin WHERE kunde=:customerno AND uid=:uid", $args);
|
|
| 120 | 121 |
logger(LOG_INFO, "modules/systemuser/include/useraccounts", "systemuser", "updated details for uid {$args[":uid"]}");
|
| 121 | 122 |
} |
| 122 | 123 |
|
| ... | ... |
@@ -95,6 +95,10 @@ else |
| 95 | 95 |
$account['name'] = filter_input_oneline($_POST['fullname']); |
| 96 | 96 |
} |
| 97 | 97 |
|
| 98 |
+ if (isset($_POST['passwordlogin'])) {
|
|
| 99 |
+ $account['passwordlogin'] = (int) $_POST['passwordlogin']; |
|
| 100 |
+ } |
|
| 101 |
+ |
|
| 98 | 102 |
$shells = available_shells(); |
| 99 | 103 |
if (isset($shells[$_POST['shell']])) {
|
| 100 | 104 |
$account['shell'] = $_POST['shell']; |
| 101 | 105 |