Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/sh
- #DEBUG
- #username=$1
- #password=$2
- gratesuksess=0
- CLIENT_ID=1
- log=/var/log/yubikey.log
- yubikeys=/etc/openvpn/yubikeys/yubikeys.conf
- yubimatch=`cat $yubikeys | grep ${username}:`
- yubimatchuser=`echo $yubimatch | awk -F":" '{ print $1 }'`
- if [ "$username" = "$yubimatchuser" ]; then
- yubimatchkey=`echo $yubimatch | awk -F":" '{ print $2 }'`
- yubitrimmedkey=`echo $password | sed 's/\(.\{12\}\).*/\1/'`
- if [ "$yubimatchkey" = "$yubitrimmedkey" ]; then
- # echo DEBUG: $yubimatch - $yubimatchkey
- /usr/bin/ykclient ${CLIENT_ID} "${password}"
- status=$?
- if [ "$status" = "$gratesuksess" ]; then
- echo "`date` login success (yubikey match)/ yubikey: $yubitrimmedkey - username: ${username} - token: $password" >>$log
- exit $status
- else
- echo "`date` login failure (yubikey: $status)/ yubikey: $yubitrimmedkey - username: ${username} - token: $password" >>$log
- exit 1
- fi
- else
- echo "`date` login failure (yubikey mismatch)/ yubikey: $yubitrimmedkey - username: ${username} - token: $password" >>$log
- exit 1
- fi
- else
- echo "`date` login failure (username not found)/ yubikey: $yubitrimmedkey - username: ${username} - token: $password" >>$log
- exit 1
- fi
Add Comment
Please, Sign In to add comment