1#!/bin/sh 2# 3# $NetBSD: skeyaudit.sh,v 1.5 2022/10/11 15:59:38 is Exp $ 4# 5# This script will look thru the skeykeys file for 6# people with sequence numbers less than LOWLIMIT=12 7# and send them an e-mail reminder to use skeyinit soon 8# 9 10AWK=/usr/bin/awk 11GREP=/usr/bin/grep 12ECHO=/bin/echo 13KEYDB=/etc/skeykeys 14LOWLIMIT=12 15ADMIN=root 16SUBJECT="Reminder: Run skeyinit" 17HOST=`/bin/hostname` 18 19 20if [ "$1" != "" ] 21then 22 LOWLIMIT=$1 23fi 24 25if [ ! -s "${KEYDB}" ]; then 26 exit 0 27fi 28 29# an skeykeys entry looks like 30# jsw 0076 la13079 ba20a75528de9d3a 31# #oot md5 0005 aspa26398 9432d570ff4421f0 Jul 07,2000 01:36:43 32# mjl sha1 0099 alpha2 459a5dac23d20a90 Jul 07,2000 02:14:17 33# the sequence number is the second (or third) entry 34# 35 36SKEYS=`$AWK '/^#/ {next} {if($2 ~ /^[0-9]+$/) print $1,$2,$3; else print $1,$3,$4; }' $KEYDB` 37 38set -- ${SKEYS} 39 40while [ "X$1" != "X" ]; do 41 USER=$1 42 SEQ=$2 43 KEY=$3 44 shift 3 45 # echo "$USER -- $SEQ -- $KEY" 46 if [ $SEQ -lt $LOWLIMIT ]; then 47 if [ $SEQ -lt 3 ]; then 48 SUBJECT="IMPORTANT action required" 49 fi 50 ( 51 $ECHO "You are nearing the end of your current S/Key sequence for account $i" 52 $ECHO "on system $HOST." 53 $ECHO "" 54 $ECHO "Your S/key sequence number is now $SEQ. When it reaches zero you" 55 $ECHO "will no longer be able to use S/Key to login into the system. " 56 $ECHO " " 57 $ECHO "Use \"skeyinit -s\" to reinitialize your sequence number." 58 $ECHO "" 59 ) | /usr/bin/mailx -s "$SUBJECT" $USER $ADMIN 60 fi 61done 62