X-Git-Url: https://git.cweiske.de/ssh-dyndns.git/blobdiff_plain/81715db87f0b2bdd560923025d2c3795142a4644..HEAD:/README.rst diff --git a/README.rst b/README.rst index 55947a9..34f507c 100644 --- a/README.rst +++ b/README.rst @@ -10,6 +10,7 @@ SSH provides secure, password-less key-based authentication. Upon login, the remote IP is used to create/update a tinydns file with the DNS record for a hostname given by the SSH client. +In addition to the IP record, a TXT record with the update time will be added. tinydns is part of the dbjdns/dbndns package. @@ -18,19 +19,20 @@ tinydns is part of the dbjdns/dbndns package. Setup ===== +Server +====== 1. Clone ssh-dyndns into a sensible location, e.g. ``/usr/local/src/ssh-dyndns``:: $ cd /usr/local/src/ && git clone git://git.cweiske.de/ssh-dyndns.git 2. Create a user with ``ssh-dyndns`` as login shell:: - $ useradd -g nogroup -m -N -s /usr/local/src/ssh-dyndns dyndns + $ useradd -g nogroup -m -N -s /usr/local/src/ssh-dyndns/ssh-dyndns dyndns -3. Setup password-less ssh keys for the dyndns user:: +3. Prepare password-less ssh keys for the dyndns user:: $ su - dyndns -s /bin/bash $ mkdir ~/.ssh - $ cat /path/to/key.pub >> ~/.ssh/authorized_keys 4. Prevent showing login messages:: 
@@ -43,6 +45,34 @@ Setup $ cp /usr/local/src/ssh-dyndns/ssh-dyndns.sh.config-dist /etc/ssh-dyndns.sh $ nano /etc/ssh-dyndns.sh +6. Allow ssh-dyndns to run "sudo make" without password:: + + $ visudo + dyndns ALL= NOPASSWD: /usr/bin/make + + +Client +====== +On a machine at home, or which other IP you want to dyndns, setup a new ssh key +as one of your users:: + + $ mkdir ~ssh-dyndns + $ cd ~/ssh-dyndns + $ ssh-keygen -N "" -C "dyndns@home.example.org" -f ~/ssh-dyndns/ssh-dyndns_rsa + +Copy the contents of the public key (``ssh-dyndns_rsa.pub``) into +``/home/dyndns/.ssh/authorized_keys`` on your server. + +Run the next command manually to confirm the new ssh key:: + + $ cd ~/ssh-dyndns/ && ssh -i ssh-dyndns_rsa dyndns@example.org home.example.org + +If that worked, and you DNS entry worked, add the command to cron:: + + $ crontab -e + # update dns entry home.example.org every 5 minutes + */5 * * * * cd /home/$user/ssh-dyndns/ && ssh -i ssh-dyndns_rsa dyndns@example.org home.example.org + Configuration ============= @@ -64,6 +94,14 @@ The configuration file may define the following variables: DNS entry TTL (time to live) in seconds Default: 300 +``domain_patterns`` + Defines patterns for domains that may be dynamically changed. + If the domain name does not match the pattern, the script aborts. + + You may use several patterns by separating them with a space. + Shell wildcards are supported (``*`` and ``?``). + + Default: ``home.example.org *.home.example.org`` ===== 
@@ -79,6 +117,35 @@ compile the ``data.cdb`` file. tinydns will automatically pick up the change. +Check time of last update +========================= +:: + + $ dig +short home.example.org ANY + "Last update 2013-08-21 21.21.28+02.00." + 123.45.67.89 + + +Test +==== +You can test it locally: + +1. Create config file:: + + $ cp ssh-dyndns.sh.config-dist ~/.config/ssh-dyndns.sh + +2. Create dummy makefile:: + + $ touch /tmp/Makefile + +3. Run it:: + + $ SSH_CLIENT=192.168.1.4 SSH_CONNECTION=1 ./ssh-dyndns foo home.example.org + +4. See generated file:: + + $ cat /tmp/data-dyndns-home.example.org + ==== Bugs ====
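
Review bot: step 3 in the ``@@ -18,19 +19,20 @@`` hunk is still titled "Prepare password-less ssh keys", but with the ``cat /path/to/key.pub >> ~/.ssh/authorized_keys`` line removed it only creates ``~/.ssh`` and never says where the key is installed. Add a sentence pointing to the Client section, and set tight modes there (``chmod 700 ~/.ssh``, ``chmod 600 ~/.ssh/authorized_keys``). Because the key is used without a passphrase, the README should also recommend prefixing the ``authorized_keys`` entry with ``restrict`` (or ``no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty`` on older OpenSSH): the ``ssh-dyndns`` login shell limits which command runs, but it does not stop the key holder from requesting forwarding.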
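
Review bot: the sudoers line in step 6 of the ``@@ -43,6 +45,34 @@`` hunk, ``dyndns ALL= NOPASSWD: /usr/bin/make``, places no limit on arguments, so the dyndns account may run make as root with any makefile, directory or target, which amounts to unrestricted root. Pin the rule to the exact invocation the script uses (full path plus its fixed arguments) and document that form instead. Two smaller fixes in the Client section: ``mkdir ~ssh-dyndns`` is missing the slash (it expands to the home directory of a user named ssh-dyndns) and should be ``mkdir ~/ssh-dyndns``; and the crontab line uses ``/home/$user/``, which reads as a shell variable that cron does not set, so use ``$HOME/ssh-dyndns/`` or mark it clearly as a placeholder.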
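
Review bot: the ``domain_patterns`` description in the ``@@ -64,6 +94,14 @@`` hunk does not say what ``*`` and ``?`` are allowed to match. The hostname is supplied by the SSH client and ends up in a file name (the Test section shows ``/tmp/data-dyndns-home.example.org``), so document that the name is restricted to hostname characters before the pattern match, or add that check if it is missing. Depending on how the match is implemented, a shell ``*`` also matches ``/`` and whitespace, so ``*.home.example.org`` alone is not a sufficient filter.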
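
Review bot: the ``dig +short home.example.org ANY`` example in the ``@@ -79,6 +117,35 @@`` hunk relies on ANY queries, which many resolvers answer minimally or refuse (RFC 8482); ``dig +short home.example.org TXT`` shows the timestamp reliably. In the Test section, steps 2 and 4 imply that the ``config-dist`` defaults read and write under ``/tmp``; state that explicitly and note that the server copy in ``/etc/ssh-dyndns.sh`` should point at the tinydns data directory instead, since ``/tmp`` is world-writable.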