#!/usr/bin/perl
# IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html
#egan@us.ibm.com
#(C)IBM Corp
#
my $homedir ;
if ($^O =~ /^aix/i) {  # AIX 
   $homedir="/";
} else {  #  LINUX
   $homedir="/root";
}
if (-r "/etc/ssh/sshd_config")
{    # readable

    my $msg = "Install: setup /etc/ssh/sshd_config";
    `logger -t xcat $msg`;
    `cp /etc/ssh/sshd_config /etc/ssh/sshd_config.ORIG`;
     # get rid of X11Forwarding setting
    `perl -pi -e 's/^.*X11Forwarding.*\n//g' /etc/ssh/sshd_config`;  
     # get rid of KeyRegenerationInterval setting
    `perl -pi -e 's/^.*KeyRegenerationInterval.*\n//g' /etc/ssh/sshd_config`;  
     # get rid of MaxStartup setting
    `perl -pi -e 's/^.*MaxStartups.*\n//g' /etc/ssh/sshd_config`;  
     # get rid of PasswordAuthentication setting
    `perl -pi -e 's/^.*PasswordAuthentication.*\n//g' /etc/ssh/sshd_config`;  
    `echo "KeyRegenerationInterval 0" >>/etc/ssh/sshd_config`;
    `echo "X11Forwarding yes" >>/etc/ssh/sshd_config`;
    `echo "MaxStartups 1024" >>/etc/ssh/sshd_config`;
    `echo "PasswordAuthentication no" >>/etc/ssh/sshd_config`;
}

if (-d "/xcatpost/.ssh")
{    # directory
    my $msg = "Install: setup root .ssh";
    `logger -t xcat $msg`;
    chdir("/xcatpost/.ssh");
    mkdir("$homedir/.ssh", 700);
    `cp -f /xcatpost/ssh/* $homedir/.ssh`;
     my $cmd="chmod 600 $homedir/.ssh/*";
    `$cmd`;
}
if (-d "/xcatpost/hostkeys")
{
    my $msg = "Install: using server provided host key for convenience.";
    `logger -t xcat $msg`;
    `cp /xcatpost/hostkeys/*_key /etc/ssh/`;
}

exit 0;