Mercurial > google-authenticator
view Makefile @ 1:0e3c9806a620
changes for centos7
| author | Carl Byington <carl@five-ten-sg.com> |
|---|---|
| date | Thu, 02 Mar 2017 12:45:31 -0800 |
| parents | 524d6c83d8ad |
| children | ecf6bac512ae |
line wrap: on
line source
# # based on http://blog.boa.nu/2012/11/two-factor-ssh-login-google-authenticator-and-selinux.html # r := $(shell grep Wrote: mylog | grep -v debuginfo | awk '{print $$2}') b := $(shell basename ${r}) m := google-authenticator.pp all: yum -y install pam-devel selinux-policy-devel rpmbuild --rebuild google-authenticator-1.0-0.gita096a62.fc24.6.src.rpm >mylog 2>&1 grep Wrote: mylog make -f /usr/share/selinux/devel/Makefile install: [ -f ${r} ] || /bin/false yum -y install ${r} semodule -i ${m} sed -i -e 's/PAM-1.0/PAM-1.0\nauth required pam_google_authenticator.so nullok/g' /etc/pam.d/sshd sed -i -e 's/^ChallengeResponseAuthentication no/ChallengeResponseAuthentication yes/g' /etc/ssh/sshd_config service sshd restart install-centos7: [ -f ${r} ] || /bin/false yum -y install ${r} sed -i -e 's/PAM-1.0/PAM-1.0\nauth required pam_google_authenticator.so nullok/g' /etc/pam.d/sshd sed -i -e 's/^ChallengeResponseAuthentication no/ChallengeResponseAuthentication yes/g' /etc/ssh/sshd_config systemctl restart sshd.service setup: google-authenticator # authenticator setup creates the file with the wrong label. restorecon ~/.google_authenticator install-remote: scp ${r} ${m} $$target:/tmp ssh $$target "cd /tmp; yum -y install ${b}" ssh $$target "cd /tmp; semodule -i ${m}" ssh $$target "sed -i -e 's/PAM-1.0/PAM-1.0\nauth required pam_google_authenticator.so nullok/g' /etc/pam.d/sshd" ssh $$target "sed -i -e 's/^ChallengeResponseAuthentication no/ChallengeResponseAuthentication yes/g' /etc/ssh/sshd_config" ssh $$target "service sshd restart" # make install-remote target=host.domain.tld