[people/pmueller/ipfire-2.x.git] / html / cgi-bin / remote.cgi

#!/usr/bin/perl
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2007-2020  IPFire Team  <info@ipfire.org>                     #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

use strict;

# enable only the following on debugging purpose
#use warnings;
#use CGI::Carp 'fatalsToBrowser';

use IO::Socket;

require '/var/ipfire/general-functions.pl';
require "${General::swroot}/location-functions.pl";
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";

my %color = ();
my %mainsettings = ();
my %remotesettings=();
my %checked=();
my $errormessage='';
my $counter = 0;

&General::readhash("${General::swroot}/main/settings", \%mainsettings);
&General::readhash("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", \%color);

&Header::showhttpheaders();

$remotesettings{'ENABLE_SSH'} = 'off';
$remotesettings{'ENABLE_SSH_PORTFW'} = 'off';
$remotesettings{'ACTION'} = '';
&Header::getcgihash(\%remotesettings);

if ( (($remotesettings{'ACTION'} eq $Lang::tr{'save'}) || ($remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart15'}) || ($remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart30'})) && $remotesettings{'ACTION'} ne "" )
{
	# not existing here indicates the box is unticked
	$remotesettings{'ENABLE_SSH_PASSWORDS'} = 'off' unless exists $remotesettings{'ENABLE_SSH_PASSWORDS'};
	$remotesettings{'ENABLE_SSH_KEYS'} = 'off' unless exists $remotesettings{'ENABLE_SSH_KEYS'};


	&General::writehash("${General::swroot}/remote/settings", \%remotesettings);
	if ($remotesettings{'ENABLE_SSH'} eq 'on')
	{
		&General::log($Lang::tr{'ssh is enabled'});
		if  ($remotesettings{'ENABLE_SSH_PASSWORDS'} eq 'off'
		 and $remotesettings{'ENABLE_SSH_KEYS'}      eq 'off')
		{
			$errormessage = $Lang::tr{'ssh no auth'};
		}
		&General::system('/usr/bin/touch', "${General::swroot}/remote/enablessh");
	}
	else
	{
		&General::log($Lang::tr{'ssh is disabled'});
		unlink "${General::swroot}/remote/enablessh";
	}
	
	if ($remotesettings{'SSH_PORT'} eq 'on')
	{
		&General::log("SSH Port 22");
	}
	else
	{
		&General::log("SSH Port 222");
	}
	
if ( $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart15'} || $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart30'} ){
	if ($remotesettings{'ENABLE_SSH'} eq 'off')
	{
			&General::system('/usr/bin/touch', "${General::swroot}/remote/enablessh");
			&General::system('/usr/local/bin/sshctrl');
	}
  if ( $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart15'} ) { $counter = 900;}
  elsif ( $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart30'} ) { $counter = 1800;}
 
  system("/usr/local/bin/sshctrl tempstart $counter >/dev/null");
 }
else {
	system('/usr/local/bin/sshctrl') == 0
		or $errormessage = "$Lang::tr{'bad return code'} " . $?/256;
 }
}

&General::readhash("${General::swroot}/remote/settings", \%remotesettings);

# not existing here means they're undefined and the default value should be
# used
	$remotesettings{'ENABLE_SSH_PASSWORDS'} = 'on' unless exists $remotesettings{'ENABLE_SSH_PASSWORDS'};
	$remotesettings{'ENABLE_SSH_KEYS'} = 'on' unless exists $remotesettings{'ENABLE_SSH_KEYS'};
	$remotesettings{'SSH_AGENT_FORWARDING'} = 'off' unless exists $remotesettings{'SSH_AGENT_FORWARDING'};

$checked{'ENABLE_SSH'}{'off'} = '';
$checked{'ENABLE_SSH'}{'on'} = '';
$checked{'ENABLE_SSH'}{$remotesettings{'ENABLE_SSH'}} = "checked='checked'";
$checked{'ENABLE_SSH_PORTFW'}{'off'} = '';
$checked{'ENABLE_SSH_PORTFW'}{'on'} = '';
$checked{'ENABLE_SSH_PORTFW'}{$remotesettings{'ENABLE_SSH_PORTFW'}} = "checked='checked'";
$checked{'ENABLE_SSH_PASSWORDS'}{'off'} = '';
$checked{'ENABLE_SSH_PASSWORDS'}{'on'} = '';
$checked{'ENABLE_SSH_PASSWORDS'}{$remotesettings{'ENABLE_SSH_PASSWORDS'}} = "checked='checked'";
$checked{'ENABLE_SSH_KEYS'}{'off'} = '';
$checked{'ENABLE_SSH_KEYS'}{'on'} = '';
$checked{'ENABLE_SSH_KEYS'}{$remotesettings{'ENABLE_SSH_KEYS'}} = "checked='checked'";
$checked{'SSH_PORT'}{'off'} = '';
$checked{'SSH_PORT'}{'on'} = '';
$checked{'SSH_PORT'}{$remotesettings{'SSH_PORT'}} = "checked='checked'";
$checked{'SSH_AGENT_FORWARDING'}{'off'} = '';
$checked{'SSH_AGENT_FORWARDING'}{'on'} = '';
$checked{'SSH_AGENT_FORWARDING'}{$remotesettings{'SSH_AGENT_FORWARDING'}} = "checked='checked'";

&Header::openpage($Lang::tr{'remote access'}, 1, '');

&Header::openbigbox('100%', 'left', '', $errormessage);

if ($errormessage) {
	&Header::openbox('100%', 'left', $Lang::tr{'error messages'});
	print "<font class='base'>$errormessage&nbsp;</font>\n";
	&Header::closebox();
}

print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";

&Header::openbox('100%', 'left', $Lang::tr{'ssh'});
print <<END
<table width='100%'>
<tr>
	<td><input type='checkbox' name='ENABLE_SSH' $checked{'ENABLE_SSH'}{'on'} /></td>
	<td class='base' colspan='2'>$Lang::tr{'ssh access'}</td>
</tr>
<tr>
	<td>&nbsp;</td>
	<td><input type='checkbox' name='SSH_AGENT_FORWARDING' $checked{'SSH_AGENT_FORWARDING'}{'on'} /></td>
	<td width='100%' class='base'>$Lang::tr{'ssh agent forwarding'}</td>
</tr>
<tr>
	<td>&nbsp;</td>
	<td><input type='checkbox' name='ENABLE_SSH_PORTFW' $checked{'ENABLE_SSH_PORTFW'}{'on'} /></td>
	<td width='100%' class='base'>$Lang::tr{'ssh portfw'}</td>
</tr>
<tr>
	<td>&nbsp;</td>
	<td><input type='checkbox' name='ENABLE_SSH_PASSWORDS' $checked{'ENABLE_SSH_PASSWORDS'}{'on'} /></td>
	<td width='100%' class='base'>$Lang::tr{'ssh passwords'}</td>
</tr>
<tr>
	<td>&nbsp;</td>
	<td><input type='checkbox' name='ENABLE_SSH_KEYS' $checked{'ENABLE_SSH_KEYS'}{'on'} /></td>
	<td width='100%' class='base'>$Lang::tr{'ssh keys'}</td>
</tr>
<tr>
	<td>&nbsp;</td>
	<td><input type='checkbox' name='SSH_PORT' $checked{'SSH_PORT'}{'on'} /></td>
	<td width='100%' class='base'>$Lang::tr{'ssh port'}</td>
</tr>
<tr>
	<td align='right' colspan='3'>
	<input type='submit' name='ACTION' value='$Lang::tr{'ssh tempstart15'}' />
	<input type='submit' name='ACTION' value='$Lang::tr{'ssh tempstart30'}' />
	<input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
</tr>
</table>
END
;
&Header::closebox();

print "</form>\n";

&Header::openbox('100%', 'center', $Lang::tr{'ssh host keys'});

print "<table class='tbl' width='100%'>\n";

print <<END
<thead>
	<tr>
		<th align="center"><strong>$Lang::tr{'ssh key'}</strong></th>
		<th align="center"><strong>$Lang::tr{'type'}</strong></th>
		<th align="center"><strong>$Lang::tr{'ssh fingerprint'}</strong></th>
		<th align="center"><strong>$Lang::tr{'ssh key size'}</strong></th>
	</tr>
</thead>
<tbody>
END
;

&viewkey("/etc/ssh/ssh_host_key.pub","RSA1");
&viewkey("/etc/ssh/ssh_host_rsa_key.pub","RSA2");
&viewkey("/etc/ssh/ssh_host_dsa_key.pub","DSA");
&viewkey("/etc/ssh/ssh_host_ecdsa_key.pub","ECDSA");
&viewkey("/etc/ssh/ssh_host_ed25519_key.pub","ED25519");

print "</tbody>\n</table>\n";

&Header::closebox();

&Header::openbox('100%', 'center', $Lang::tr{'ssh active sessions'});

print <<END;
		<table class="tbl" width="100%">
			<thead>
				<tr>
					<th align="center">
						<strong>$Lang::tr{'ssh username'}</strong>
					</th>
					<th align="center">
						<strong>$Lang::tr{'ssh login time'}</strong>
					</th>
					<th align="center">
						<strong>$Lang::tr{'ip address'}</strong>
					</th>
					<th align="center">
						<strong>$Lang::tr{'country'}</strong>
					</th>
					<th align="center">
						<strong>$Lang::tr{'rdns'}</strong>
					</th>
				</tr>
			</thead>
			<tbody>
END

&printactivelogins();

print "</tbody>\n</table>\n";

&Header::closebox();

&Header::closebigbox();

&Header::closepage();


sub viewkey
{
  my $key = $_[0];
  my $name = $_[1];

  if ( -e $key )
  {
    # Use safe system_output function to call ssh-keygen and get the output from the tool.
    my @ssh_keygen = &General::system_output("/usr/bin/ssh-keygen", "-l", "-f", "$key");

    my @temp = split(/ /, $ssh_keygen[0]);
    my $keysize = &Header::cleanhtml($temp[0],"y");
    my $fingerprint = &Header::cleanhtml($temp[1],"y");
    print "<tr><td><code>$key</code></td><td align='center'>$name</td><td><code>$fingerprint</code></td><td align='center'>$keysize</td></tr>\n";
  }
}

sub printactivelogins()
{
	# print active SSH logins (grep outpout of "who -s")
	my @output = &General::system_output("who", "-s");
	chomp(@output);

	my $id = 0;

	if ( scalar(@output) == 0 )
	{
		# no logins appeared
		my $table_colour = ($id++ % 2) ? $color{'color20'} : $color{'color22'};
		print "<tr bgcolor='$table_colour'><td colspan='5'>$Lang::tr{'ssh no active logins'}</td></tr>\n";
	} else {
		# list active logins...
		foreach my $line (@output)
		{
			my @arry = split(/\ +/, $line);

			my $username = @arry[0];
			my $logintime = join(' ', @arry[2..4]);
			my $remoteip = @arry[5];
			$remoteip =~ s/[()]//g;

			# display more information about that IP adress...
			my $ccode = &Location::Functions::lookup_country_code($remoteip);
			my $flag_icon = &Location::Functions::get_flag_icon($ccode);

			# get rDNS...
			my $iaddr = inet_aton($remoteip);
			my $rdns = gethostbyaddr($iaddr, AF_INET);
			if (!$rdns) { $rdns = $Lang::tr{'ptr lookup failed'}; };

			my $table_colour = ($id++ % 2) ? $color{'color20'} : $color{'color22'};

			print <<END;
			<tr bgcolor='$table_colour'>
				<td>$username</td>
				<td>$logintime</td>
				<td align='center'><a href='ipinfo.cgi?ip=$remoteip'>$remoteip</a></td>
				<td align='center'><a href='country.cgi#$ccode'><img src='$flag_icon' border='0' alt='$ccode' title='$ccode' /></a></td>
				<td>$rdns</td>
			</tr>
END
;
		}
	}
}
Commit	Line	Data
ac1cfefa	1	#!/usr/bin/perl
70df8302 MT	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
358e42ff	5	# Copyright (C) 2007-2020 IPFire Team <info@ipfire.org> #
70df8302 MT	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
ac1cfefa MT	21
	22	use strict;
	23
	24	# enable only the following on debugging purpose
	25	#use warnings;
	26	#use CGI::Carp 'fatalsToBrowser';
	27
9159bd4b PM	28	use IO::Socket;
9159bd4b PM	29
986e08d9	30	require '/var/ipfire/general-functions.pl';
69d431e4	31	require "${General::swroot}/location-functions.pl";
ac1cfefa MT	32	require "${General::swroot}/lang.pl";
	33	require "${General::swroot}/header.pl";
	34
9159bd4b PM	35	my %color = ();
9159bd4b PM	36	my %mainsettings = ();
ac1cfefa MT	37	my %remotesettings=();
	38	my %checked=();
	39	my $errormessage='';
113cd628	40	my $counter = 0;
ac1cfefa	41
9159bd4b	42	&General::readhash("${General::swroot}/main/settings", \%mainsettings);
8186b372	43	&General::readhash("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", \%color);
9159bd4b	44
ac1cfefa MT	45	&Header::showhttpheaders();
	46
	47	$remotesettings{'ENABLE_SSH'} = 'off';
ac1cfefa MT	48	$remotesettings{'ENABLE_SSH_PORTFW'} = 'off';
	49	$remotesettings{'ACTION'} = '';
	50	&Header::getcgihash(\%remotesettings);
	51
05c71989	52	if ( (($remotesettings{'ACTION'} eq $Lang::tr{'save'}) \|\| ($remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart15'}) \|\| ($remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart30'})) && $remotesettings{'ACTION'} ne "" )
ac1cfefa MT	53	{
	54	# not existing here indicates the box is unticked
	55	$remotesettings{'ENABLE_SSH_PASSWORDS'} = 'off' unless exists $remotesettings{'ENABLE_SSH_PASSWORDS'};
	56	$remotesettings{'ENABLE_SSH_KEYS'} = 'off' unless exists $remotesettings{'ENABLE_SSH_KEYS'};
	57
	58
	59	&General::writehash("${General::swroot}/remote/settings", \%remotesettings);
	60	if ($remotesettings{'ENABLE_SSH'} eq 'on')
	61	{
	62	&General::log($Lang::tr{'ssh is enabled'});
	63	if ($remotesettings{'ENABLE_SSH_PASSWORDS'} eq 'off'
	64	and $remotesettings{'ENABLE_SSH_KEYS'} eq 'off')
	65	{
	66	$errormessage = $Lang::tr{'ssh no auth'};
	67	}
d57cecaa	68	&General::system('/usr/bin/touch', "${General::swroot}/remote/enablessh");
ac1cfefa MT	69	}
	70	else
	71	{
	72	&General::log($Lang::tr{'ssh is disabled'});
	73	unlink "${General::swroot}/remote/enablessh";
	74	}
6624878a JPT	75
	76	if ($remotesettings{'SSH_PORT'} eq 'on')
	77	{
	78	&General::log("SSH Port 22");
	79	}
	80	else
	81	{
	82	&General::log("SSH Port 222");
	83	}
	84
113cd628 CS	85	if ( $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart15'} \|\| $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart30'} ){
	86	if ($remotesettings{'ENABLE_SSH'} eq 'off')
	87	{
d57cecaa MT	88	&General::system('/usr/bin/touch', "${General::swroot}/remote/enablessh");
d57cecaa MT	89	&General::system('/usr/local/bin/sshctrl');
113cd628 CS	90	}
	91	if ( $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart15'} ) { $counter = 900;}
	92	elsif ( $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart30'} ) { $counter = 1800;}
	93
	94	system("/usr/local/bin/sshctrl tempstart $counter >/dev/null");
70db8683 CS	95	}
70db8683 CS	96	else {
900832fa	97	system('/usr/local/bin/sshctrl') == 0
ac1cfefa	98	or $errormessage = "$Lang::tr{'bad return code'} " . $?/256;
70db8683	99	}
ac1cfefa MT	100	}
	101
	102	&General::readhash("${General::swroot}/remote/settings", \%remotesettings);
	103
	104	# not existing here means they're undefined and the default value should be
	105	# used
	106	$remotesettings{'ENABLE_SSH_PASSWORDS'} = 'on' unless exists $remotesettings{'ENABLE_SSH_PASSWORDS'};
	107	$remotesettings{'ENABLE_SSH_KEYS'} = 'on' unless exists $remotesettings{'ENABLE_SSH_KEYS'};
e918b62a	108	$remotesettings{'SSH_AGENT_FORWARDING'} = 'off' unless exists $remotesettings{'SSH_AGENT_FORWARDING'};
ac1cfefa MT	109
	110	$checked{'ENABLE_SSH'}{'off'} = '';
	111	$checked{'ENABLE_SSH'}{'on'} = '';
	112	$checked{'ENABLE_SSH'}{$remotesettings{'ENABLE_SSH'}} = "checked='checked'";
ac1cfefa MT	113	$checked{'ENABLE_SSH_PORTFW'}{'off'} = '';
	114	$checked{'ENABLE_SSH_PORTFW'}{'on'} = '';
	115	$checked{'ENABLE_SSH_PORTFW'}{$remotesettings{'ENABLE_SSH_PORTFW'}} = "checked='checked'";
	116	$checked{'ENABLE_SSH_PASSWORDS'}{'off'} = '';
	117	$checked{'ENABLE_SSH_PASSWORDS'}{'on'} = '';
	118	$checked{'ENABLE_SSH_PASSWORDS'}{$remotesettings{'ENABLE_SSH_PASSWORDS'}} = "checked='checked'";
	119	$checked{'ENABLE_SSH_KEYS'}{'off'} = '';
	120	$checked{'ENABLE_SSH_KEYS'}{'on'} = '';
	121	$checked{'ENABLE_SSH_KEYS'}{$remotesettings{'ENABLE_SSH_KEYS'}} = "checked='checked'";
6624878a JPT	122	$checked{'SSH_PORT'}{'off'} = '';
	123	$checked{'SSH_PORT'}{'on'} = '';
	124	$checked{'SSH_PORT'}{$remotesettings{'SSH_PORT'}} = "checked='checked'";
e918b62a PM	125	$checked{'SSH_AGENT_FORWARDING'}{'off'} = '';
	126	$checked{'SSH_AGENT_FORWARDING'}{'on'} = '';
	127	$checked{'SSH_AGENT_FORWARDING'}{$remotesettings{'SSH_AGENT_FORWARDING'}} = "checked='checked'";
ac1cfefa MT	128
	129	&Header::openpage($Lang::tr{'remote access'}, 1, '');
	130
	131	&Header::openbigbox('100%', 'left', '', $errormessage);
	132
	133	if ($errormessage) {
	134	&Header::openbox('100%', 'left', $Lang::tr{'error messages'});
c1a07263	135	print "<font class='base'>$errormessage </font>\n";
ac1cfefa MT	136	&Header::closebox();
	137	}
	138
	139	print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
	140
748cfb0b	141	&Header::openbox('100%', 'left', $Lang::tr{'ssh'});
ac1cfefa MT	142	print <<END
	143	<table width='100%'>
	144	<tr>
	145	<td><input type='checkbox' name='ENABLE_SSH' $checked{'ENABLE_SSH'}{'on'} /></td>
	146	<td class='base' colspan='2'>$Lang::tr{'ssh access'}</td>
	147	</tr>
0851afba MT	148	<tr>
	149	<td> </td>
	150	<td><input type='checkbox' name='SSH_AGENT_FORWARDING' $checked{'SSH_AGENT_FORWARDING'}{'on'} /></td>
	151	<td width='100%' class='base'>$Lang::tr{'ssh agent forwarding'}</td>
	152	</tr>
ac1cfefa MT	153	<tr>
	154	<td> </td>
	155	<td><input type='checkbox' name='ENABLE_SSH_PORTFW' $checked{'ENABLE_SSH_PORTFW'}{'on'} /></td>
	156	<td width='100%' class='base'>$Lang::tr{'ssh portfw'}</td>
	157	</tr>
	158	<tr>
	159	<td> </td>
	160	<td><input type='checkbox' name='ENABLE_SSH_PASSWORDS' $checked{'ENABLE_SSH_PASSWORDS'}{'on'} /></td>
	161	<td width='100%' class='base'>$Lang::tr{'ssh passwords'}</td>
	162	</tr>
	163	<tr>
	164	<td> </td>
	165	<td><input type='checkbox' name='ENABLE_SSH_KEYS' $checked{'ENABLE_SSH_KEYS'}{'on'} /></td>
	166	<td width='100%' class='base'>$Lang::tr{'ssh keys'}</td>
	167	</tr>
6624878a JPT	168	<tr>
	169	<td> </td>
	170	<td><input type='checkbox' name='SSH_PORT' $checked{'SSH_PORT'}{'on'} /></td>
	171	<td width='100%' class='base'>$Lang::tr{'ssh port'}</td>
	172	</tr>
ac1cfefa	173	<tr>
748cfb0b	174	<td align='right' colspan='3'>
bba7212c MT	175	<input type='submit' name='ACTION' value='$Lang::tr{'ssh tempstart15'}' />
	176	<input type='submit' name='ACTION' value='$Lang::tr{'ssh tempstart30'}' />
	177	<input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
ac1cfefa MT	178	</tr>
	179	</table>
	180	END
	181	;
	182	&Header::closebox();
	183
	184	print "</form>\n";
	185
ea566f84	186	&Header::openbox('100%', 'center', $Lang::tr{'ssh host keys'});
ac1cfefa	187
05f68686	188	print "<table class='tbl' width='100%'>\n";
ac1cfefa MT	189
ac1cfefa MT	190	print <<END
ea566f84 PM	191	<thead>
	192	<tr>
	193	<th align="center"><strong>$Lang::tr{'ssh key'}</strong></th>
	194	<th align="center"><strong>$Lang::tr{'type'}</strong></th>
	195	<th align="center"><strong>$Lang::tr{'ssh fingerprint'}</strong></th>
	196	<th align="center"><strong>$Lang::tr{'ssh key size'}</strong></th>
	197	</tr>
	198	</thead>
	199	<tbody>
ac1cfefa MT	200	END
	201	;
	202
	203	&viewkey("/etc/ssh/ssh_host_key.pub","RSA1");
	204	&viewkey("/etc/ssh/ssh_host_rsa_key.pub","RSA2");
	205	&viewkey("/etc/ssh/ssh_host_dsa_key.pub","DSA");
abcbbd1f	206	&viewkey("/etc/ssh/ssh_host_ecdsa_key.pub","ECDSA");
c924c7d1	207	&viewkey("/etc/ssh/ssh_host_ed25519_key.pub","ED25519");
ac1cfefa	208
ea566f84	209	print "</tbody>\n</table>\n";
ac1cfefa MT	210
	211	&Header::closebox();
	212
ea566f84	213	&Header::openbox('100%', 'center', $Lang::tr{'ssh active sessions'});
9159bd4b PM	214
9159bd4b PM	215	print <<END;
05f68686	216	<table class="tbl" width="100%">
9159bd4b PM	217	<thead>
	218	<tr>
	219	<th align="center">
	220	<strong>$Lang::tr{'ssh username'}</strong>
	221	</th>
	222	<th align="center">
	223	<strong>$Lang::tr{'ssh login time'}</strong>
	224	</th>
	225	<th align="center">
	226	<strong>$Lang::tr{'ip address'}</strong>
	227	</th>
	228	<th align="center">
	229	<strong>$Lang::tr{'country'}</strong>
	230	</th>
	231	<th align="center">
	232	<strong>$Lang::tr{'rdns'}</strong>
	233	</th>
	234	</tr>
	235	</thead>
	236	<tbody>
	237	END
	238
	239	&printactivelogins();
	240
	241	print "</tbody>\n</table>\n";
	242
	243	&Header::closebox();
	244
ac1cfefa MT	245	&Header::closebigbox();
	246
	247	&Header::closepage();
	248
	249
	250	sub viewkey
	251	{
	252	my $key = $_[0];
	253	my $name = $_[1];
	254
	255	if ( -e $key )
	256	{
3f5cb3b7	257	# Use safe system_output function to call ssh-keygen and get the output from the tool.
e2839b1a	258	my @ssh_keygen = &General::system_output("/usr/bin/ssh-keygen", "-l", "-f", "$key");
3f5cb3b7	259
e2839b1a	260	my @temp = split(/ /, $ssh_keygen[0]);
ac1cfefa MT	261	my $keysize = &Header::cleanhtml($temp[0],"y");
ac1cfefa MT	262	my $fingerprint = &Header::cleanhtml($temp[1],"y");
ea566f84	263	print "<tr><td><code>$key</code></td><td align='center'>$name</td><td><code>$fingerprint</code></td><td align='center'>$keysize</td></tr>\n";
ac1cfefa MT	264	}
ac1cfefa MT	265	}
9159bd4b PM	266
	267	sub printactivelogins()
	268	{
	269	# print active SSH logins (grep outpout of "who -s")
3f5cb3b7	270	my @output = &General::system_output("who", "-s");
9159bd4b PM	271	chomp(@output);
	272
	273	my $id = 0;
	274
	275	if ( scalar(@output) == 0 )
	276	{
	277	# no logins appeared
05f68686	278	my $table_colour = ($id++ % 2) ? $color{'color20'} : $color{'color22'};
9159bd4b PM	279	print "<tr bgcolor='$table_colour'><td colspan='5'>$Lang::tr{'ssh no active logins'}</td></tr>\n";
	280	} else {
	281	# list active logins...
9159bd4b PM	282	foreach my $line (@output)
	283	{
	284	my @arry = split(/\ +/, $line);
	285
	286	my $username = @arry[0];
	287	my $logintime = join(' ', @arry[2..4]);
	288	my $remoteip = @arry[5];
	289	$remoteip =~ s/[()]//g;
	290
	291	# display more information about that IP adress...
07e42be9	292	my $ccode = &Location::Functions::lookup_country_code($remoteip);
69d431e4	293	my $flag_icon = &Location::Functions::get_flag_icon($ccode);
9159bd4b PM	294
	295	# get rDNS...
	296	my $iaddr = inet_aton($remoteip);
	297	my $rdns = gethostbyaddr($iaddr, AF_INET);
358e42ff	298	if (!$rdns) { $rdns = $Lang::tr{'ptr lookup failed'}; };
9159bd4b	299
05f68686	300	my $table_colour = ($id++ % 2) ? $color{'color20'} : $color{'color22'};
9159bd4b PM	301
	302	print <<END;
	303	<tr bgcolor='$table_colour'>
	304	<td>$username</td>
	305	<td>$logintime</td>
ea566f84	306	<td align='center'><a href='ipinfo.cgi?ip=$remoteip'>$remoteip</a></td>
9159bd4b PM	307	<td align='center'><a href='country.cgi#$ccode'><img src='$flag_icon' border='0' alt='$ccode' title='$ccode' /></a></td>
	308	<td>$rdns</td>
	309	</tr>
	310	END
	311	;
	312	}
	313	}
	314	}