[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Remote Job Entry validated by pgp (hack script)



#!/bin/sh

# This is a little hack to let me send myself signed pgp mail containing
# a batch script and have it execute as me.  I knocked this up in a hurry
# this evening when I needed to remote control a machine I couldn't easily
# telnet to.  It's not especially elegant but then it's not especially
# big, so if you don't like it, write your own the way you prefer.

# Because this runs as a batch job, PGPPATH and PGPPASS must be
# set in the environment.  If invoked from procmail, they have to
# be defined in .procmailrc  Clearly you should use a different
# private key to your personal one for mail.  Given that this is
# only to stop outsiders accessing your account, it doesn't matter
# that the exec-key is held online or in the environment - if someone
# could hack your account to get the key they've already done enough
# to hack your account anyway and having access to this exec-server
# would give them no extra advantage...

# I use procmail runes like this to execute this script:

# :2
# ^From.*gtoal
# Subject: batch job

# The From line is redundant, but I just put it in so I could easily
# bounce requests from most unauthorised senders in a later procmail
# rule.  Unauthorised senders posting as me are silently dropped
# on the floor... (assuming the pgp signature check fails that is!)

cat > $PGPPATH/job.$$

# This just extracts the first pgp message to a file to avoid possible
# problems with spoofing... - it leaves the file empty if no pgp message
# was found.  I use my own editor 'ecce' to do this - you might use
# sed or perl or whatever...

if [ -f /usr/local/lib/ecce ]; then
# Skipping this stage probably doesn't hurt...
/usr/local/lib/ecce $PGPPATH/job.$$ << EOD
f/-----BEGIN PGP MESSAGE-----/l0k-0f/-----END PGP MESSAGE-----/mk0,m-0k0;%c
EOD
fi

# can't use -f filter mode because it's impossible to specify
# the pubring to use if you do.
# +batchmode is essential - it forces a return code of 0 if and
# only if the pgp message was signed and the signator is explicitly
# listed in 'execring.pgp'.

pgp +batchmode $PGPPATH/job.$$ \
               $PGPPATH/exec.$$ \
               $PGPPATH/execring.pgp 
if [ $? -ne 0 ]; then
  # This goes into the procmail log
  echo ILLEGAL REMOTE JOB - USER NOT IN EXECRING.PGP
  # tidy up
  rm -f $PGPPATH/job.$$
  rm -f $PGPPATH/exec.$$
  exit 1
fi

# execute the command - probably a script but could as easily be a
# binary executable if properly compiled for the target host.

chmod +x $PGPPATH/exec.$$
$PGPPATH/exec.$$

# tidy up
rm -f $PGPPATH/job.$$
rm -f $PGPPATH/exec.$$
exit 0