当用户通过 SSH 访问我的 Linux 主机时,我正在运行一个小脚本。此脚本应为用户验证和/或设置 Google Authenticator MFA 访问权限。
现在它按预期工作,但有一个警告 - 在 MFA 配置过程中的任何时候,如果用户 (ie) CTRL+C的,设置向导被中断,但 SSH 会话继续。我需要它来注销试图访问的用户。
我怎样才能做到这一点?
这是我在.bashrc
文件底部添加的内容(请注意,这对我来说很新,并且我愿意接受对我当前尝试的批评/改进)。
# MFA validation/configuration
if [[ -n $SSH_CONNECTION ]] ; then
echo "SSH connection to remote host successful."
echo "testing if MFA is configured..."
# is this test enough?
file="$HOME/.google_authenticator"
if [ -f "$file" ] ; then
printf "MFA configured, you may proceed.\n"
else
printf "MFA not configured; running setup wizard.\n"
# the command runs, but the else bit is never reached
if google-authenticator ; then
# I reach this point if I go to the end of the wizard
echo "MFA setup successful"
else
# this point is never reached
echo "MFA setup failed - logging you out"
exit
fi
fi
fi