3 # Display user and group related SSHd options
5 require './sshd-lib.pl';
6 &ui_print_header(undef, $text{'users_title'}, "", "users");
7 $conf = &get_sshd_config();
9 print &ui_form_start("save_users.cgi", "post");
10 print &ui_table_start($text{'users_header'}, "width=100%", 2);
12 if ($version{'type'} eq 'ssh' && $version{'number'} < 2) {
13 # Days before account expires to warn
14 $expire = &find_value("AccountExpireWarningDays", $conf);
15 print &ui_table_row($text{'users_expire'},
16 &ui_opt_textbox("expire", $expire, 5,
17 $text{'users_expire_def'}));
20 # Notify users of new email
21 $mail = &find_value("CheckMail", $conf);
22 if ($version{'type'} eq 'ssh') {
23 print &ui_table_row($text{'users_mail'},
24 &ui_yesno_radio("mail", lc($mail) ne 'no'));
26 elsif ($version{'number'} < 3.1) {
27 print &ui_table_row($text{'users_mail'},
28 &ui_yesno_radio("mail", lc($mail) eq 'yes'));
31 if ($version{'type'} eq 'ssh' && $version{'number'} < 2) {
32 # Days before password expires to warn
33 $pexpire = &find_value("PasswordExpireWarningDays", $conf);
34 print &ui_table_row($text{'users_pexpire'},
35 &ui_opt_textbox("pexpire", $pexpire, 5,
36 $text{'users_pexpire_def'}));
39 if ($version{'type'} ne 'ssh' || $version{'number'} < 3) {
40 # Allow password authentication?
41 $auth = &find_value("PasswordAuthentication", $conf);
42 print &ui_table_row($text{'users_auth'},
43 &ui_yesno_radio("auth", lc($auth) ne 'no'));
46 # Allow empty passwords?
47 $pempty = &find_value("PermitEmptyPasswords", $conf);
48 if ($version{'type'} eq 'ssh') {
49 print &ui_table_row($text{'users_pempty'},
50 &ui_yesno_radio("pempty", lc($pempty) ne 'no'));
53 print &ui_table_row($text{'users_pempty'},
54 &ui_yesno_radio("pempty", lc($pempty) eq 'yes'));
57 # Allow logins by root
58 $root = &find_value("PermitRootLogin", $conf);
60 # Default ways seems to be 'yes'
63 @opts = ( [ 'yes', $text{'yes'} ],
64 [ 'no', $text{'no'} ] );
65 if ($version{'type'} eq 'ssh') {
66 push(@opts, [ 'nopwd', $text{'users_nopwd'} ]);
69 push(@opts, [ 'without-password', $text{'users_nopwd'} ]);
70 if ($version{'number'} >= 2) {
71 push(@opts, [ 'forced-commands-only', $text{'users_fcmd'} ]);
74 print "</select></td>\n";
75 print &ui_table_row($text{'users_root'},
76 &ui_select("root", lc($root), \@opts));
78 # SSH 1 RSA authentication
79 if ($version{'type'} ne 'ssh' || $version{'number'} < 3) {
80 $rsa = &find_value("RSAAuthentication", $conf);
81 print &ui_table_row($text{'users_rsa'},
82 &ui_yesno_radio('rsa', lc($rsa) ne 'no'));
85 # SSH 2 DSA authentication
86 if ($version{'type'} eq 'openssh' && $version{'number'} >= 3) {
87 $rsa = &find_value("PubkeyAuthentication", $conf);
88 print &ui_table_row($text{'users_dsa'},
89 &ui_yesno_radio('dsa', lc($dsa) ne 'no'));
92 # Strictly check permissions
93 $strict = &find_value("StrictModes", $conf);
94 print &ui_table_row($text{'users_strict'},
95 &ui_yesno_radio('strict', lc($strict) ne 'no'));
97 # Show message of the day
98 $motd = &find_value("PrintMotd", $conf);
99 print &ui_table_row($text{'users_motd'},
100 &ui_yesno_radio('motd', lc($motd) ne 'no'));
102 if ($version{'type'} eq 'openssh') {
103 # Ignore known_hosts files
104 $known = &find_value("IgnoreUserKnownHosts", $conf);
105 print &ui_table_row($text{'users_known'},
106 &ui_yesno_radio("known", lc($known) eq 'yes'));
108 if ($version{'number'} > 2.3) {
109 # Show login banner from file
110 $banner = &find_value("Banner", $conf);
111 print &ui_table_row($text{'users_banner'},
112 &ui_opt_textbox("banner", $banner, 50,
113 $text{'users_banner_def'})." ".
114 &file_chooser_button("banner"));
117 elsif ($version{'type'} eq 'ssh' && $version{'number'} >= 2) {
118 # Show login banner from file
119 $banner = &find_value("BannerMessageFile", $conf);
120 print &ui_table_row($text{'users_banner'},
121 &ui_opt_textbox("banner", $banner, 50,
122 $text{'users_banner_def'})." ".
123 &file_chooser_button("banner"));
126 if ($version{'type'} eq 'openssh' && $version{'number'} >= 3) {
127 # Authorized keys file (under home)
128 $authkeys = &find_value("AuthorizedKeysFile", $conf);
129 print &ui_table_row($text{'users_authkeys'},
130 &ui_opt_textbox("authkeys", $authkeys, 20,
131 $text{'users_authkeys_def'},
132 $text{'users_authkeys_set'}));
135 if ($version{'type'} eq 'openssh' && $version{'number'} >= 5) {
137 $maxauthtries = &find_value("MaxAuthTries", $conf);
138 print &ui_table_row($text{'users_maxauthtries'},
139 &ui_opt_textbox("maxauthtries", $maxauthtries, 5,
140 $text{'default'}." (6)"));
143 print &ui_table_hr();
145 if ($version{'type'} eq 'openssh' && $version{'number'} < 3.7 ||
146 $version{'type'} eq 'ssh' && $version{'number'} < 2) {
147 # Allow rhosts file authentication?
148 $rhostsauth = &find_value("RhostsAuthentication", $conf);
149 print &ui_table_row($text{'users_rhostsauth'},
150 &ui_yesno_radio("rhostsauth", lc($rhostsauth) eq 'yes'));
152 # Allow RSA rhosts file authentication?
153 $rhostsrsa = &find_value("RhostsRSAAuthentication", $conf);
154 if ($version{'type'} eq 'ssh') {
155 print &ui_table_row($text{'users_rhostsrsa'},
156 &ui_yesno_radio("rhostsrsa", lc($rhostsrsa) ne 'no'));
159 print &ui_table_row($text{'users_rhostsrsa'},
160 &ui_yesno_radio("rhostsrsa", lc($rhostsrsa) eq 'yes'));
164 # Ignore rhosts files?
165 $rhosts = &find_value("IgnoreRhosts", $conf);
166 if ($version{'type'} eq 'ssh') {
167 print &ui_table_row($text{'users_rhosts'},
168 &ui_yesno_radio("rhosts", lc($rhosts) eq 'yes'));
171 print &ui_table_row($text{'users_rhosts'},
172 &ui_yesno_radio("rhosts", lc($rhosts) ne 'no'));
175 # Ignore root's rhosts file?
176 if ($version{'type'} eq 'ssh') {
177 $rrhosts = &find_value("IgnoreRootRhosts", $conf);
178 print &ui_table_row($text{'users_rrhosts'},
179 &ui_radio("rrhosts", lc($rrhosts) eq 'yes' ? 1 :
180 lc($rrhosts) eq 'no' ? 0 : -1,
181 [ [ 1, $text{'yes'} ], [ 0, $text{'no'} ],
182 [ -1, $text{'users_rrdef'} ] ]));
185 print &ui_table_end();
186 print &ui_form_end([ [ undef, $text{'save'} ] ]);
188 &ui_print_footer("", $text{'index_return'});