Thomas Vachuska | 12bf445 | 2015-06-26 09:15:38 -0700 | [diff] [blame^] | 1 | #!/bin/bash |
| 2 | # ----------------------------------------------------------------------------- |
| 3 | # Enables secure access to ONOS console by removing default users & keys. |
| 4 | # ----------------------------------------------------------------------------- |
| 5 | |
| 6 | rm -f $(dirname $0)/onos |
| 7 | |
| 8 | set -e |
| 9 | |
| 10 | cd $(dirname $0)/../apache-karaf-*/etc |
| 11 | USERS=users.properties |
| 12 | KEYS=keys.properties |
| 13 | |
| 14 | # Remove the built-in users and keys to secure the access implicitly. |
| 15 | egrep -v "^(karaf|onos)[ ]*=" $USERS > $USERS.new && mv $USERS.new $USERS |
| 16 | egrep -v "^(#karaf|onos)[ ]*=" $KEYS > $KEYS.new && mv $KEYS.new $KEYS |
| 17 | |
| 18 | # Remove any previous known keys for the local host. |
| 19 | ssh-keygen -f "$HOME/.ssh/known_hosts" -R [localhost]:8101 |
| 20 | |
| 21 | # Swap the onos client to use the SSH variant |
| 22 | ln -s $(dirname $0)/onos-ssh $(dirname $0)/onos |