update

web/admin/firewall/__init__.py

@@ -93,9 +93,9 @@ def set_fw():
     status = request.form.get('status', '1')
     return MwFirewall.instance().setFw(status)
 
-@blueprint.route('/set_fw', endpoint='set_fw', methods=['POST'])
+@blueprint.route('/set_ssh_pass_status', endpoint='set_ssh_pass_status', methods=['POST'])
 @panel_login_required
-def set_fw():
+def set_ssh_pass_status():
     if mw.isAppleSystem():
         return mw.returnData(True, '开发机不能设置!')
     status = request.form.get('status', '1')

web/static/app/firewall.js

@@ -53,33 +53,43 @@ function sshMgr(){
 	$.post('/firewall/get_ssh_info', '', function(rdata){
 		var ssh_status = rdata.status ? 'checked':'';
 		var pass_prohibit_status = rdata.pass_prohibit_status ? 'checked':'';
+		var pubkey_prohibit_status = rdata.pubkey_prohibit_status ? 'checked':'';
 		var con = '<div class="pd15">\
-                <div class="divtable">\
+            <div class="divtable">\
-                    <table class="table table-hover waftable">\
+                <table class="table table-hover waftable">\
-                        <thead><tr><th>名称</th><th width="80">状态</th></tr></thead>\
+                    <thead><tr><th>名称</th><th width="80">状态</th></tr></thead>\
-                        <tbody>\
+                    <tbody>\
-                            <tr>\
+                        <tr>\
-                                <td>启动SSH</td>\
+                            <td>启动SSH</td>\
-                                <td>\
+                            <td>\
-                                    <div class="ssh-item" style="margin-left:0">\
+                                <div class="ssh-item" style="margin-left:0">\
-                                        <input class="btswitch btswitch-ios" id="sshswitch" type="checkbox" '+ssh_status+'>\
+                                    <input class="btswitch btswitch-ios" id="sshswitch" type="checkbox" '+ssh_status+'>\
-                                        <label class="btswitch-btn" for="sshswitch" onclick=\'setMstscStatus()\'></label>\
+                                    <label class="btswitch-btn" for="sshswitch" onclick=\'setMstscStatus()\'></label>\
-                                    </div>\
+                                </div>\
-                                </td>\
+                            </td>\
-                            </tr>\
+                        </tr>\
-                            <tr>\
+                        <tr>\
-                                <td>禁止密码登陆</td>\
+                            <td>禁止密码登陆</td>\
-                                <td>\
+                            <td>\
-                                    <div class="ssh-item" style="margin-left:0">\
+                                <div class="ssh-item" style="margin-left:0">\
-                                        <input class="btswitch btswitch-ios" id="pass_status" type="checkbox" '+pass_prohibit_status+'>\
+                                    <input class="btswitch btswitch-ios" id="pass_status" type="checkbox" '+pass_prohibit_status+'>\
-                                        <label class="btswitch-btn" for="pass_status" onclick=\'setSshPassStatus()\'></label>\
+                                    <label class="btswitch-btn" for="pass_status" onclick=\'setSshPassStatus()\'></label>\
-                                    </div>\
+                                </div>\
-                                </td>\
+                            </td>\
-                            </tr>\
+                        </tr>\
-                        </tbody>\
+                        <tr>\
-                    </table>\
+                            <td>禁止密钥登陆</td>\
-                </div>\
+                            <td>\
-            </div>';
+                                <div class="ssh-item" style="margin-left:0">\
+                                    <input class="btswitch btswitch-ios" id="pass_status" type="checkbox" '+pubkey_prohibit_status+'>\
+                                    <label class="btswitch-btn" for="pass_status" onclick=\'setSshPassStatus()\'></label>\
+                                </div>\
+                            </td>\
+                        </tr>\
+                    </tbody>\
+                </table>\
+            </div>\
+        </div>';
         layer.open({
 	        type: 1,
 	        title: "SSH管理",

web/utils/firewall.py

@@ -157,8 +157,8 @@ class Firewall(object):
         if ssh_status[0] != '':
             status = False
 
-        data['pass_prohibit_status'] = False
         # 密码登陆配置检查
+        data['pass_prohibit_status'] = False
         pass_rep = r"PasswordAuthentication\s+(\w*)\s*\n"
         pass_status = re.search(pass_rep, conf)
         if pass_status:
@@ -167,6 +167,16 @@ class Firewall(object):
         else:
             data['pass_prohibit_status'] = True
 
+        # 密钥登陆配置检查
+        data['pubkey_prohibit_status'] = False
+        pass_rep = r"PubkeyAuthentication\s+(\w*)\s*\n"
+        pass_status = re.search(pass_rep, conf)
+        if pass_status:
+            if pass_status and pass_status.groups(0)[0].strip() == 'no':
+                data['pubkey_prohibit_status'] = True
+        else:
+            data['pubkey_prohibit_status'] = True
+
         data['port'] = port
         data['status'] = status
         data['ping'] = isPing