
[NOT FOR UPSTREAM] Dumb hacks to embed your SSH key in your kernel!

Signed-off-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
ajdlinux committed Aug 15, 2017
1 parent 569dbb8 commit 052c0cb7296f7510fd482fecbe572b641c29239f
Showing with 69 additions and 0 deletions.
  1. +14 −0 fs/Kconfig
  2. +2 −0 fs/Makefile
  3. +53 −0 fs/ssh_key.c
@@ -13,6 +13,20 @@ if BLOCK
config FS_IOMAP
bool
config SSH_KEY
bool "Andrew's dumb SSH key hack"
default y
help
Hardcode an SSH key for /root/.ssh/authorized_keys.
This is a stupid idea. If unsure, say N.
config SSH_KEY_VALUE
string "Value for SSH key"
depends on SSH_KEY
help
Enter in the content for /root/.ssh/authorized_keys.
source "fs/ext2/Kconfig"
source "fs/ext4/Kconfig"
source "fs/jbd2/Kconfig"
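Review bot: `default y` on SSH_KEY contradicts the help text's "If unsure, say N" and means any configuration refreshed from defaults builds the hack in; use `default n` or drop the line. SSH_KEY_VALUE has no default, so such a build would presumably serve an empty authorized_keys that shadows whatever is already in /root/.ssh. Since fs/ssh_key.c registers a sysfs file and mounts sysfs, the option should also carry `depends on SYSFS`. The enclosing `if BLOCK` section starts and ends outside this hunk.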
@@ -21,6 +21,8 @@ endif
obj-$(CONFIG_PROC_FS) += proc_namespace.o
obj-$(CONFIG_SSH_KEY) += ssh_key.o
obj-y += notify/
obj-$(CONFIG_EPOLL) += eventpoll.o
obj-$(CONFIG_ANON_INODES) += anon_inodes.o
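--- a/fs/ssh_key.c
+++ b/fs/ssh_key.c
@@ -0,0 +1,53 @@
+/*
+* Only the very dodgiest of hacks!
+*/
+#include <linux/kobject.h>
+#include <linux/sysfs.h>
+#include <linux/syscalls.h>
+const char key[] = CONFIG_SSH_KEY_VALUE;
+static ssize_t show_key(struct file *file, struct kobject *kobj,
+struct bin_attribute *bin_attr, char *to,
+loff_t pos, size_t count)
+{
+return memory_read_from_buffer(to, count, &pos, key, bin_attr->size);
+}
+static const struct bin_attribute authorized_keys_attr = {
+.attr = { .name = "authorized_keys", .mode = 0444 },
+.read = show_key,
+.size = sizeof(key)
+};
+static int __init ssh_key_init(void)
+{
+int rc;
+struct kobject *ssh_kobj;
+ssh_kobj = kobject_create_and_add("ssh", NULL);
+if (!ssh_kobj) {
+pr_err("SSH: kobject creation failed!\n");
+return -ENOMEM;
+}
+rc = sysfs_create_bin_file(ssh_kobj, &authorized_keys_attr);
+if (rc) {
+pr_err("SSH: sysfs creation failed, rc %d\n", rc);
+return rc;
+}
+pr_debug("SSH key: sysfs created\n");
+rc = do_mount("sysfs", "/sys", "sysfs",
+MS_NOSUID | MS_NOEXEC | MS_NODEV, NULL);
+if (rc) {
+pr_err("SSH: couldn't mount /sys, rc %d\n", rc);
+return rc;
+}
+rc = do_mount("/sys/ssh", "/root/.ssh", "sysfs", MS_BIND, NULL);
+if (rc) {
+pr_err("SSH: bind mount failed, rc %d\n", rc);
+return rc;
+}
+pr_debug("SSH: bind complete\n");
+return 0;
+}
+late_initcall(ssh_key_init);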
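Review bot: Every failure return in ssh_key_init after `kobject_create_and_add()` leaves the `ssh` kobject registered (and, for the two mount failures, the bin file too), so a failed bind mount still leaves /sys/ssh behind; add `kobject_put(ssh_kobj);` before those `return rc;` lines. `key` is a non-static global with a very generic name and should be `static const char key[] = CONFIG_SSH_KEY_VALUE;`. `.size = sizeof(key)` counts the terminating NUL, so the file served as authorized_keys ends in a `\0` byte; `sizeof(key) - 1` avoids that. A successful run shadows whatever is in /root/.ssh and reports it only through `pr_debug`, so the final message would be better as `pr_info` to make the override visible in the boot log.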
