feat: use native TCP socket with Qrexec

Ben Grande 2024-06-25 01:28:53 +02:00
parent 95289ed19a
commit 4facf458b7
No known key found for this signature in database
GPG key ID: 00C64E14F51F9E56
10 changed files with 63 additions and 57 deletions


@ -1,9 +0,0 @@
#!/bin/sh
# SPDX-FileCopyrightText: 2022 unman <unman@thirdeyesecurity.org>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
set -eu
exec socat STDIO TCP:localhost:22


@ -18,7 +18,6 @@ include:
- skip_suggestions: True
- pkgs:
- openssh-server
- socat
- man-db
"{{ slsdotpath }}-stop-ssh":
@ -33,14 +32,22 @@ include:
service.masked:
- name: ssh
"{{ slsdotpath }}-set-rpc-services":
file.recurse:
- name: /etc/qubes-rpc/
- source: salt://{{ slsdotpath }}/files/server/rpc/
- dir_mode: '0755'
- file_mode: '0755'
"{{ slsdotpath }}-rpc":
file.symlink:
- name: /etc/qubes-rpc/qusal.Ssh
- target: /dev/tcp/127.0.0.1/22
- user: root
- group: root
- force: True
- makedirs: True
"{{ slsdotpath }}-rpc-config":
file.symlink:
- name: /etc/qubes/rpc-config/qusal.Ssh
- target: /etc/qubes/rpc-config/qubes.ConnectTCP
- user: root
- group: root
- force: True
- makedirs: True
"{{ slsdotpath }}-sshd-config":