mirror/userdir-ldap.git
15 years agoProperly show shadowlastchange and mail disabled message when locking an
Peter Palfrader [Mon, 24 Nov 2008 10:25:18 +0000 (11:25 +0100)]
Properly show shadowlastchange and mail disabled message when locking an
account, but not disabling email.  It was written to ldap correctly, but we
updated the data to display wrongly.

15 years agoNew version number userdir-ldap-0.3.52
Peter Palfrader [Sun, 23 Nov 2008 21:09:15 +0000 (22:09 +0100)]
New version number

15 years agoAlso do the subgroups/transitive stuff dance when considering if a user is in a group...
Peter Palfrader [Sun, 23 Nov 2008 21:08:45 +0000 (22:08 +0100)]
Also do the subgroups/transitive stuff dance when considering if a user is in a group for exporting them to a host in the first place

15 years agocall addGroups with the proper number of arguments, when doing so recursively.
Peter Palfrader [Sun, 23 Nov 2008 21:08:03 +0000 (22:08 +0100)]
call addGroups with the proper number of arguments, when doing so recursively.

15 years agoFix group does not exist warning (layout/spacing issues)
Peter Palfrader [Sun, 23 Nov 2008 21:07:23 +0000 (22:07 +0100)]
Fix group does not exist warning (layout/spacing issues)

15 years agoRemove cruft comment
Peter Palfrader [Sun, 23 Nov 2008 20:41:13 +0000 (21:41 +0100)]
Remove cruft comment

15 years agoAdd hostnames from the host purpose field to the ssh_known_hosts file (by tomv_w) userdir-ldap-0.3.51
Peter Palfrader [Sun, 23 Nov 2008 20:23:20 +0000 (21:23 +0100)]
Add hostnames from the host purpose field to the ssh_known_hosts file (by tomv_w)

15 years agosubgroup support, courtesy of luk
Peter Palfrader [Sun, 23 Nov 2008 20:13:40 +0000 (21:13 +0100)]
subgroup support, courtesy of luk

15 years agoUpdate template/welcome-message-800 to match the actual template used on
Peter Palfrader [Sun, 23 Nov 2008 13:20:37 +0000 (14:20 +0100)]
Update template/welcome-message-800 to match the actual template used on
db.debian.org.

15 years agoud-generate: Support $gid@$host supplementary group entries for users. userdir-ldap-0.3.50
Peter Palfrader [Sat, 15 Nov 2008 10:20:24 +0000 (11:20 +0100)]
ud-generate: Support $gid@$host supplementary group entries for users.

15 years agoud-replicate: Only link ssh-rsa-shadow to var/lib/misc/$host and etc/ssh if it exists... userdir-ldap-0.3.49
Peter Palfrader [Fri, 14 Nov 2008 22:15:31 +0000 (23:15 +0100)]
ud-replicate: Only link ssh-rsa-shadow to var/lib/misc/$host and etc/ssh if it exists.  Else remove the symlink.

15 years ago* ud-generate: Remove support for single ssh key shadow file. userdir-ldap-0.3.48
Peter Palfrader [Fri, 14 Nov 2008 22:05:23 +0000 (23:05 +0100)]
* ud-generate: Remove support for single ssh key shadow file.
* ud-generate: Make ssh key tarballs the default.
* ud-generate: Move ssh tarball generation into its own function.  Currently it's part of the main loop.

15 years agoFix a typo on ud-mailgate userdir-ldap-0.3.47
Peter Palfrader [Fri, 14 Nov 2008 19:41:43 +0000 (20:41 +0100)]
Fix a typo on ud-mailgate

15 years agoChange the hmac that protect sudopassword entries to also hash the purpose userdir-ldap-0.3.46
Peter Palfrader [Fri, 14 Nov 2008 19:34:55 +0000 (20:34 +0100)]
Change the hmac that protect sudopassword entries to also hash the purpose
("sudo") and the owning user's uid into the mac.

16 years agoud-replicate: Sync only ssh_known_hosts into chroots, not ssh*. userdir-ldap-0.3.45
Peter Palfrader [Sun, 26 Oct 2008 21:32:16 +0000 (22:32 +0100)]
ud-replicate: Sync only ssh_known_hosts into chroots, not ssh*.
ud-replicate: Clean up better, correcting some mistakes done by earlier versions.

16 years agoud-replicate: Use --delete-after with rsync. Previously we didn't delete stuff ever
Peter Palfrader [Sun, 26 Oct 2008 21:31:35 +0000 (22:31 +0100)]
ud-replicate: Use --delete-after with   Previously we didn't delete stuff ever

16 years agoud-generate: Declare [UNTRSUTED] flag as obsolete.
Peter Palfrader [Thu, 23 Oct 2008 18:25:21 +0000 (20:25 +0200)]
ud-generate: Declare [UNTRSUTED] flag as obsolete.
ud-generate: Add [NOMARKERS] flag to not push markers (gps coordinates) to host.

16 years agoud-generate: do not export sudopassword to untrusted or nopasswd hosts, unless the... userdir-ldap-0.3.44
Peter Palfrader [Fri, 3 Oct 2008 11:25:43 +0000 (13:25 +0200)]
ud-generate: do not export sudopassword to untrusted or nopasswd hosts, unless the password is explicitly added for this host and not just for '*'

16 years agoadd vim settings
Peter Palfrader [Fri, 3 Oct 2008 11:20:29 +0000 (13:20 +0200)]
add vim settings

16 years agoWhitespace changes only
Peter Palfrader [Fri, 3 Oct 2008 11:20:20 +0000 (13:20 +0200)]
Whitespace changes only

16 years agoDo not support del requests for sshDSAAuthKey - there is no such attribute
Peter Palfrader [Fri, 26 Sep 2008 12:21:52 +0000 (14:21 +0200)]
Do not support del requests for sshDSAAuthKey - there is no such attribute

16 years agoFQHNs sometimes, well always, include dots. userdir-ldap-0.3.43
Peter Palfrader [Tue, 16 Sep 2008 13:07:36 +0000 (15:07 +0200)]
FQHNs sometimes, well always, include dots.

16 years agoSay what pam.d/sudo should look like userdir-ldap-0.3.42
Peter Palfrader [Tue, 16 Sep 2008 12:31:44 +0000 (14:31 +0200)]
Say what pam.d/sudo should look like

16 years agoExport all accounts into sudo-passwd, even if they do not have a sudo password userdir-ldap-0.3.40
Peter Palfrader [Tue, 16 Sep 2008 12:29:56 +0000 (14:29 +0200)]
Export all accounts into sudo-passwd, even if they do not have a sudo password
set.  Set their password to '*' then.

16 years agolower casing the sudopasswd ldap entry prior to parsing and verifying it was a bad... userdir-ldap-0.3.41
Peter Palfrader [Mon, 15 Sep 2008 17:27:38 +0000 (19:27 +0200)]
lower casing the sudopasswd ldap entry prior to parsing and verifying it was a bad idea

16 years agoReading the hmac key only once is too troublesome
Peter Palfrader [Sun, 14 Sep 2008 23:12:41 +0000 (01:12 +0200)]
Reading the hmac key only once is too troublesome

16 years agoLowercasing hashed sudo passwords in ud-mailgate not considered smart userdir-ldap-0.3.39
Peter Palfrader [Sun, 14 Sep 2008 22:40:37 +0000 (00:40 +0200)]
Lowercasing hashed sudo passwords in ud-mailgate not considered smart

16 years agoAlso the hmac stuff
Peter Palfrader [Sun, 14 Sep 2008 22:18:51 +0000 (00:18 +0200)]
Also the hmac stuff

16 years agoUsing the right variable name will also help
Peter Palfrader [Sun, 14 Sep 2008 22:17:00 +0000 (00:17 +0200)]
Using the right variable name will also help

16 years agoand os
Peter Palfrader [Sun, 14 Sep 2008 22:15:46 +0000 (00:15 +0200)]
and os

16 years agoAnd import pwd in userdir_ldap
Peter Palfrader [Sun, 14 Sep 2008 22:14:34 +0000 (00:14 +0200)]
And import pwd in userdir_ldap

16 years agoFix order of some calls so stuff works again userdir-ldap-0.3.38
Peter Palfrader [Sun, 14 Sep 2008 22:12:11 +0000 (00:12 +0200)]
Fix order of some calls so stuff works again

16 years ago0.3.37 userdir-ldap-0.3.37
Peter Palfrader [Sun, 14 Sep 2008 21:45:53 +0000 (23:45 +0200)]
0.3.37

16 years agoUpdate changelog
Peter Palfrader [Sun, 14 Sep 2008 19:57:21 +0000 (21:57 +0200)]
Update changelog

16 years agoStore a mac with confirmed sudo passwords, so that they cannot be modified by editing...
Peter Palfrader [Sun, 14 Sep 2008 19:20:14 +0000 (21:20 +0200)]
Store a mac with confirmed sudo passwords, so that they cannot be modified by editing ldap directly

16 years ago*password needs to be writeable by self, because the web interface uses the user...
Peter Palfrader [Sat, 13 Sep 2008 22:37:36 +0000 (00:37 +0200)]
*password needs to be writeable by self, because the web interface uses the user's own credentials to update stuff - which is a good thing, really

16 years agoDo not limit sudoPassword entries in size - the hostlist could be larger
Peter Palfrader [Sat, 13 Sep 2008 22:18:38 +0000 (00:18 +0200)]
Do not limit sudoPassword entries in size - the hostlist could be larger

16 years agoud-generate: generate a sudo passwd file
Peter Palfrader [Sat, 13 Sep 2008 18:16:16 +0000 (20:16 +0200)]
ud-generate: generate a sudo passwd file

16 years agoFix various bugs in sudopassword confirmation code
Peter Palfrader [Sat, 13 Sep 2008 17:15:24 +0000 (19:15 +0200)]
Fix various bugs in sudopassword confirmation code

16 years agoFix hexdigest() call
Peter Palfrader [Sat, 13 Sep 2008 17:08:12 +0000 (19:08 +0200)]
Fix hexdigest() call

16 years agoremove code that I did not test yet
Peter Palfrader [Sat, 13 Sep 2008 17:06:49 +0000 (19:06 +0200)]
remove code that I did not test yet

16 years agoAnd strip the key/password
Peter Palfrader [Sat, 13 Sep 2008 17:05:44 +0000 (19:05 +0200)]
And strip the key/password

16 years agoFix various bugs I introduced into ud-mailgate
Peter Palfrader [Sat, 13 Sep 2008 17:01:02 +0000 (19:01 +0200)]
Fix various bugs I introduced into ud-mailgate

16 years agoud-mailgate: Implement confirmation of sudoPassword field
Peter Palfrader [Sat, 13 Sep 2008 16:33:19 +0000 (18:33 +0200)]
ud-mailgate: Implement confirmation of sudoPassword field

16 years agoAdd sudoPassword to schema
Peter Palfrader [Sat, 13 Sep 2008 14:37:21 +0000 (16:37 +0200)]
Add sudoPassword to schema

16 years agoDo not allow self to write password and keys - they need to be changed via the mail...
Peter Palfrader [Sat, 13 Sep 2008 14:37:13 +0000 (16:37 +0200)]
Do not allow self to write password and keys - they need to be changed via the mail gateway or the web interface

16 years agoud-mailgate: Do not commit any changes if one of the requests is invalid or could...
Peter Palfrader [Sat, 13 Sep 2008 14:35:17 +0000 (16:35 +0200)]
ud-mailgate: Do not commit any changes if one of the requests is invalid or could not be parsed or caused an error or anything.

16 years agoAha. Error is not some magic variable or exception, it's a normal string that userdir-ldap-0.3.36
Peter Palfrader [Sat, 19 Jul 2008 19:36:54 +0000 (21:36 +0200)]
Aha.  Error is not some magic variable or exception, it's a normal string that
needs defining when we use it.

16 years agoCheck if a key has encryption capabilities and fail saying so when trying to userdir-ldap-0.3.35
Peter Palfrader [Sat, 19 Jul 2008 14:20:56 +0000 (16:20 +0200)]
Check if a key has encryption capabilities and fail saying so when trying to
encrypt stuff (like passwords) to users.  All this does is give nicer error
messages, it previously failed with just "gpg failed".

16 years ago0.3.34 userdir-ldap-0.3.34
Peter Palfrader [Tue, 8 Jul 2008 12:33:13 +0000 (14:33 +0200)]
0.3.34

16 years agoCheck that the primary key is not expired, even if we get a GOODSIG status from
Peter Palfrader [Tue, 8 Jul 2008 12:33:06 +0000 (14:33 +0200)]
Check that the primary key is not expired, even if we get a GOODSIG status from
gnupg.  Based on patch by Jeremy T. Bouse

16 years agoDocument changes accidentially commited two commits ago:
Peter Palfrader [Tue, 8 Jul 2008 12:18:45 +0000 (14:18 +0200)]
Document changes accidentially commited two commits ago:
userdir_gpg.py:
    - do not use SIGEXPIRED, it's deprecated
    - use EXPKEYSIG to tell if a signature is made by an expired key.

16 years agoud-info: Change the "retired" status to "inactive". inactive covers memorial, remove...
Peter Palfrader [Tue, 8 Jul 2008 08:34:53 +0000 (10:34 +0200)]
ud-info: Change the "retired" status to "inactive".  inactive covers memorial, removed, expelled more clearly.

16 years agoud-info: fix changing of DD status/DD status comment - we were missing prompt informa...
Peter Palfrader [Tue, 8 Jul 2008 07:44:46 +0000 (09:44 +0200)]
ud-info: fix changing of DD status/DD status comment - we were missing prompt information so we got a backtrace.
ud-info: Warn when we don't have a prompt string for attributes on startup.

16 years ago0.3.33 userdir-ldap-0.3.33
Peter Palfrader [Mon, 23 Jun 2008 20:59:32 +0000 (22:59 +0200)]
0.3.33

16 years agoAdd userdir-ldap-slapd.conf, a snipped to be included in slapd.conf to the package.
Peter Palfrader [Mon, 23 Jun 2008 20:58:12 +0000 (22:58 +0200)]
Add userdir-ldap-slapd.conf, a snipped to be included in slapd.conf to the package.

16 years agoremove an extra space
Peter Palfrader [Mon, 23 Jun 2008 20:39:54 +0000 (22:39 +0200)]
remove an extra space

16 years agoAllow setting of gender in ud-mailgate. Based on patch by Bernhard R. Link.
Peter Palfrader [Mon, 9 Jun 2008 20:59:39 +0000 (22:59 +0200)]
Allow setting of gender in ud-mailgate.  Based on patch by Bernhard R. Link.

16 years agoud-info: Add "retire developer" option that sets accountStatus properly to
Peter Palfrader [Sun, 25 May 2008 23:29:09 +0000 (01:29 +0200)]
ud-info: Add "retire developer" option that sets accountStatus properly to
either retiring, retired, memorial or active.  Active is for all currently
active developers, memorial is for those who have passed away and whose
accounts will never be reused, retiring is a developer who is retired but still
receives mail at their @debian.org address.  After a few months they should
move on to retired, with their mail also disabled.  accountStatus is just a
freeform text, but these 4 options should be the only ones that exist.

16 years agoud-info: Only show "Lock account" in root mode.
Peter Palfrader [Sun, 25 May 2008 20:35:48 +0000 (22:35 +0200)]
ud-info: Only show "Lock account" in root mode.

16 years agoadd "security simple_bind=128" to sample slapd.conf.
Peter Palfrader [Sun, 25 May 2008 16:34:33 +0000 (18:34 +0200)]
add "security simple_bind=128" to sample slapd.conf.

16 years agoDo SSL when connecting to the ldap server. userdir-ldap-0.3.32
Peter Palfrader [Fri, 23 May 2008 21:52:29 +0000 (23:52 +0200)]
Do SSL when connecting to the ldap server.

16 years agoTODO: expand authorized_keys syntax so that users can have certain keys added
Peter Palfrader [Fri, 23 May 2008 10:51:52 +0000 (12:51 +0200)]
TODO: expand authorized_keys syntax so that users can have certain keys added
to only some hosts.  e.g. host="gluck,ries",from="blubb".... ssh-rsa...

16 years agoTODO item: do SSL in all ldap connections that authenticate
Peter Palfrader [Fri, 23 May 2008 10:51:03 +0000 (12:51 +0200)]
TODO item: do SSL in all ldap connections that authenticate

16 years agoOne TODO item is resolved (openssh patch required)
Peter Palfrader [Fri, 23 May 2008 10:50:11 +0000 (12:50 +0200)]
One TODO item is resolved (openssh patch required)

16 years ago0.3.31 userdir-ldap-0.3.31
Peter Palfrader [Fri, 23 May 2008 08:05:27 +0000 (10:05 +0200)]
0.3.31

16 years agomerge from alioth: Document how to use unique overlay for uid and keyFingerPrint
Peter Palfrader [Fri, 23 May 2008 08:04:18 +0000 (10:04 +0200)]
merge from alioth: Document how to use unique overlay for uid and keyFingerPrint

16 years agomerge from alioth: Use ud-config in ud-replicate to determine emailappend value inste...
Peter Palfrader [Fri, 23 May 2008 08:02:48 +0000 (10:02 +0200)]
merge from alioth: Use ud-config in ud-replicate to determine emailappend value instead of using @debian.org hardcoded

16 years agomerge from alioth:
Peter Palfrader [Fri, 23 May 2008 08:00:32 +0000 (10:00 +0200)]
merge from alioth:
Make ud-useradd also not use hardcoded path
Use sync_keyrings from config instead of hardcoded list

16 years ago* When we lock accounts, set shadowExpire to 1. shadowExpire userdir-ldap-0.3.30
Peter Palfrader [Thu, 22 May 2008 20:41:25 +0000 (22:41 +0200)]
* When we lock accounts, set shadowExpire to 1.  shadowExpire
  is "days since Jan 1, 1970 that account is disabled".
* Properly capitalize shadowInactive and shadowExpire attributes in
  ud-info and ud-generate.
* Add copyright statements to ud-info from bzr log.

16 years agoWhen we touch usePassword in ud-info or ud-mailgate we now also update
Peter Palfrader [Thu, 22 May 2008 20:26:49 +0000 (22:26 +0200)]
When we touch usePassword in ud-info or ud-mailgate we now also update
shadowLastChange.

16 years agoud-info: Add an option "L" to lock accounts in the interactive interface. userdir-ldap-0.3.29
Peter Palfrader [Thu, 22 May 2008 19:50:12 +0000 (21:50 +0200)]
ud-info: Add an option "L" to lock accounts in the interactive interface.
Locking an account sets a user's password to "{crypt}*LK*" and sets a
mailDisableMessage of "account locked".

16 years agoDo not disable mail just because the account is locked. userdir-ldap-0.3.28
Peter Palfrader [Thu, 22 May 2008 19:39:18 +0000 (21:39 +0200)]
Do not disable mail just because the account is locked.

16 years ago* Export ssh-keys.tar.gz to [UNTRUSTED] hosts. Since we already export userdir-ldap-0.3.27
Peter Palfrader [Mon, 19 May 2008 06:56:21 +0000 (08:56 +0200)]
* Export ssh-keys.tar.gz to [UNTRUSTED] hosts.  Since we already export
  ssh-rsa-shadow this is probably the right thing.
* Make keys in the ssh-keys tarball mode 0400 instead of mode 0600.

16 years agoUse new style syntax for unique overlay
Stephen Gran [Sun, 18 May 2008 19:41:39 +0000 (20:41 +0100)]
Use new style syntax for unique overlay

16 years agoDocument how to use unique overlay for uid and keyFingerPrint
Stephen Gran [Sun, 18 May 2008 17:00:05 +0000 (18:00 +0100)]
Document how to use unique overlay for uid and keyFingerPrint

16 years agoMerge from zobel: Fix userdir-ldap.schema (objectClass now contains MAY: VoIP) userdir-ldap-0.3.26
Peter Palfrader [Sun, 18 May 2008 12:28:28 +0000 (14:28 +0200)]
Merge from zobel: Fix userdir-ldap.schema (objectClass now contains MAY: VoIP)

16 years agoud-mailgate: a bug in DoSSH caused all changes to fail that came after DoSSH in
Peter Palfrader [Sun, 18 May 2008 12:26:33 +0000 (14:26 +0200)]
ud-mailgate: a bug in DoSSH caused all changes to fail that came after DoSSH in
HandleChange.  Now DoSSH properly returns without raising an exception if the
line to handle is not an ssh public key.

16 years agoUse ud-config in ud-replicate to determine emailappend value for the sed statement
Joerg Jaspert [Sun, 18 May 2008 12:05:08 +0000 (14:05 +0200)]
Use ud-config in ud-replicate to determine emailappend value for the sed statement

16 years agoMerge from Debian
Joerg Jaspert [Sun, 18 May 2008 11:53:41 +0000 (13:53 +0200)]
Merge from Debian

16 years agoMake ud-useradd also not use hardcoded path
Joerg Jaspert [Sun, 18 May 2008 11:45:59 +0000 (13:45 +0200)]
Make ud-useradd also not use hardcoded path

16 years agoud-replicate: sgran pointed out that if all we care about ignoring is EEXIST
Peter Palfrader [Sun, 18 May 2008 11:41:10 +0000 (13:41 +0200)]
ud-replicate: sgran pointed out that if all we care about ignoring is EEXIST
then we should use mkdir -p instead of [ -d userkeys ] || mkdir userkeys.

16 years agoUncommit a change from aba after a little discussion on irc
Joerg Jaspert [Sun, 18 May 2008 11:37:40 +0000 (13:37 +0200)]
Uncommit a change from aba after a little discussion on irc

16 years agoUse sync_keyrings from config instead of hardcoded list
Joerg Jaspert [Sun, 18 May 2008 11:32:27 +0000 (13:32 +0200)]
Use sync_keyrings from config instead of hardcoded list

16 years agoDisable GSSAPIAuthentication in ud-replicate
Andreas Barth [Sun, 18 May 2008 11:26:17 +0000 (11:26 +0000)]
Disable GSSAPIAuthentication in ud-replicate

16 years ago* fix userdir-ldap.schema, now contains MAY: VoIP
Martin Zobel-Helas [Sun, 18 May 2008 11:05:54 +0000 (13:05 +0200)]
* fix userdir-ldap.schema, now contains MAY: VoIP
* Add changelog-entry

16 years agoMerge from Debian
Joerg Jaspert [Sun, 18 May 2008 10:49:46 +0000 (12:49 +0200)]
Merge from Debian

16 years agoMake ssh-keys.tar.gz readable only by the user. userdir-ldap-0.3.25
Peter Palfrader [Sat, 17 May 2008 14:15:26 +0000 (16:15 +0200)]
Make ssh-keys.tar.gz readable only by the user.

16 years ago0.3.24 userdir-ldap-0.3.24
Peter Palfrader [Sat, 17 May 2008 13:41:24 +0000 (15:41 +0200)]
0.3.24

16 years agoAnd clean up the bugs I introduced while mucking with sgran's shell
Peter Palfrader [Sat, 17 May 2008 13:41:13 +0000 (15:41 +0200)]
And clean up the bugs I introduced while mucking with sgran's shell

16 years agoFix string vs. int issue in userlist introduced by multiple-ssh patch
Peter Palfrader [Sat, 17 May 2008 13:29:42 +0000 (15:29 +0200)]
Fix string vs. int issue in userlist introduced by multiple-ssh patch

16 years agoFix wording in the changelog
Peter Palfrader [Sat, 17 May 2008 09:41:11 +0000 (11:41 +0200)]
Fix wording in the changelog

16 years agoFuzz with the shell in ud-replicate's sshkeys part
Peter Palfrader [Sat, 17 May 2008 09:40:33 +0000 (11:40 +0200)]
Fuzz with the shell in ud-replicate's sshkeys part

16 years agoud-replicate, ud-generate: Instead of one big ssh-rsa-shadow file ud-generate
Peter Palfrader [Sat, 17 May 2008 09:39:20 +0000 (11:39 +0200)]
ud-replicate, ud-generate: Instead of one big ssh-rsa-shadow file ud-generate
now produces per-user authorized_keys files and tars them up.  On the receiving
end ud-replicate takes the tar and syncs it to userkeys/.  The goal here is to
no longer require a patched sshd.  Setting AuthorizedKeysFile2 to
/var/lib/misc/userkeys/%u is sufficient.  For homedir creation we can use
pam_mkhomedir. [mhy, sgran]

16 years agomerge from alioth: aba: add myself to copyright holders
Peter Palfrader [Sat, 17 May 2008 09:30:38 +0000 (11:30 +0200)]
merge from alioth: aba: add myself to copyright holders

16 years agoud-generate: Add performance optimization by resolving IP adresses for hosts
Peter Palfrader [Sat, 17 May 2008 09:30:01 +0000 (11:30 +0200)]
ud-generate: Add performance optimization by resolving IP adresses for hosts
only once and caching the result. [aba]

16 years agoud-generate: Add support for generation of authorized_keys file on the db host
Peter Palfrader [Sat, 17 May 2008 09:27:06 +0000 (11:27 +0200)]
ud-generate: Add support for generation of authorized_keys file on the db host
for the sshdist user.  This is now possible since ud-replicate clients use
their ssh host key to authenticate to the db server.  The code now supports
this but the feature is still disabled. [aba]

16 years agoud-replicate: Also support the imposter dchroot-dsa from the debian archive [aba]
Peter Palfrader [Sat, 17 May 2008 09:22:00 +0000 (11:22 +0200)]
ud-replicate: Also support the imposter dchroot-dsa from the debian archive [aba]

16 years agobetter check for ssh1 keys (which we do not accept). Merged from alioth but slightly...
Peter Palfrader [Sat, 17 May 2008 09:18:45 +0000 (11:18 +0200)]
better check for ssh1 keys (which we do not accept).  Merged from alioth but slightly improved regex

16 years agoMerge sshkeys branch from Stephen and Mark
Joerg Jaspert [Fri, 16 May 2008 21:00:43 +0000 (23:00 +0200)]
Merge sshkeys branch from Stephen and Mark