CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-08 18:22:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Setup Script - Fix SSH multiple logins

Browse Source
This commit is contained in:
Mike Reeves
2018-10-22 14:33:59 -04:00
parent c8249f363c
commit 195bfe87d2
1 changed files with 11 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
so-setup-network.sh
View File

@@ -35,7 +35,7 @@ accept_salt_key_local() {
accept_salt_key_remote() { accept_salt_key_remote() {
# Accept the key remotely so the device can check in # Accept the key remotely so the device can check in
ssh -i ~/.ssh/so.key socore@$MSRV sudo salt-key -a $HOSTNAME -y ssh -i /root/.ssh/so.key socore@$MSRV sudo salt-key -a $HOSTNAME -y
} }
@@ -131,18 +131,18 @@ copy_minion_pillar() {
# Copy over the pillar # Copy over the pillar
echo "Copying the pillar over" echo "Copying the pillar over"
scp -i ~/.ssh/so.key $TMP/$HOSTNAME.sls socore@$MSRV:/opt/so/saltstack/pillar/$TYPE/$HOSTNAME.sls scp -i /root/.ssh/so.key $TMP/$HOSTNAME.sls socore@$MSRV:/opt/so/saltstack/pillar/$TYPE/$HOSTNAME.sls
} }
copy_ssh_key() { copy_ssh_key() {
# Generate SSH key # Generate SSH key
mkdir -p ~/.ssh mkdir -p /root/.ssh
cat /dev/zero | ssh-keygen -f ~/.ssh/so.key -t rsa -q -N "" cat /dev/zero | ssh-keygen -f /root/.ssh/so.key -t rsa -q -N ""
chown -R $SUDO_USER:$SUDO_USER ~/.ssh chown -R $SUDO_USER:$SUDO_USER /root/.ssh
#Copy the key over to the master #Copy the key over to the master
ssh-copy-id -f -i ~/.ssh/so.key socore@$MSRV ssh-copy-id -f -i /root/.ssh/so.key socore@$MSRV
} }
@@ -679,14 +679,14 @@ set_initial_firewall_policy() {
fi fi
if [ $INSTALLTYPE == 'SENSORONLY' ]; then if [ $INSTALLTYPE == 'SENSORONLY' ]; then
ssh -i ~/.ssh/so.key socore@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh minions $MAINIP ssh -i /root/.ssh/so.key socore@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh minions $MAINIP
ssh -i ~/.ssh/so.key socore@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh forward_nodes $MAINIP ssh -i /root/.ssh/so.key socore@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh forward_nodes $MAINIP
fi fi
if [ $INSTALLTYPE == 'STORAGENODE' ]; then if [ $INSTALLTYPE == 'STORAGENODE' ]; then
ssh -i ~/.ssh/so.key socore@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh minions $MAINIP ssh -i /root/.ssh/so.key socore@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh minions $MAINIP
ssh -i ~/.ssh/so.key socore@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh storage_nodes $MAINIP ssh -i /root/.ssh/so.key socore@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh storage_nodes $MAINIP
ssh -i ~/.ssh/so.key socore@$MSRV sudo /opt/so/saltstack/pillar/data/addtotab.sh nodestab $HOSTNAME $MAINIP ssh -i /root/.ssh/so.key socore@$MSRV sudo /opt/so/saltstack/pillar/data/addtotab.sh nodestab $HOSTNAME $MAINIP
fi fi
if [ $INSTALLTYPE == 'PARSINGNODE' ]; then if [ $INSTALLTYPE == 'PARSINGNODE' ]; then