mirror of
https://github.com/iiab/iiab.git
synced 2025-02-13 19:52:06 +00:00
22 lines
1,000 B
Bash
Executable file
22 lines
1,000 B
Bash
Executable file
#!/bin/bash
|
|
# credit to the folks at raspberry pi foundatioon
|
|
check_hash ()
|
|
{
|
|
if ! id -u iiab-admin > /dev/null 2>&1 ; then return 0 ; fi
|
|
if grep -q "^PasswordAuthentication\s*no" /etc/ssh/sshd_config ; then return 0 ; fi
|
|
test -x /usr/bin/mkpasswd || return 0
|
|
SHADOW="$(sudo -n grep -E '^iiab-admin:' /etc/shadow 2>/dev/null)"
|
|
test -n "${SHADOW}" || return 0
|
|
if echo $SHADOW | grep -q "iiab-admin:!" ; then return 0 ; fi
|
|
SHADOW_PW=$(echo $SHADOW | cut -d: -f2)
|
|
if [ "$SHADOW_PW" != "\$6\$iiab51\$D.IrrEeLBYIuJkGDmi27pZUGOwPFp98qpl3hxMwWV4hXigFGmdSvy3s/j7tn6OnyTTLmlV7SsN0lCUAFzxSop." ]; then return 0 ; fi
|
|
|
|
if echo "${SHADOW}" | grep -q "${HASH}"; then
|
|
zenity --warning --text="SSH is enabled and the default password for the 'iiab-admin' user has not been changed.\nThis is a security risk - please go to the iiab-console and use utilities-> change password to set a new password."
|
|
fi
|
|
}
|
|
|
|
if service ssh status | grep -q running; then
|
|
check_hash
|
|
fi
|
|
unset check_hash
|