1 #!/bin/sh 2 # $Id: skeyaudit.sh,v 1.1 1994/06/24 08:06:38 deraadt Exp $ 3 # This script will look thru the skeykeys file for 4 # people with sequence numbers less then LOWLIMIT=12 5 # and send them an e-mail reminder to use skeyinit soon 6 # 7 8 AWK=/usr/bin/awk 9 GREP=/usr/bin/grep 10 ECHO=/bin/echo 11 KEYDB=/etc/skeykeys 12 LOWLIMIT=12 13 ADMIN=root 14 SUBJECT="Reminder: Run skeyinit" 15 HOST=`/bin/hostname` 16 17 18 if [ "$1" != "" ] 19 then 20 LOWLIMIT=$1 21 fi 22 23 24 # an skeykeys entry looks like 25 # jsw 0076 la13079 ba20a75528de9d3a 26 # the sequence number is the second entry 27 # 28 29 for i in `$AWK '{print $1}' $KEYDB` 30 do 31 SEQ=`$GREP "^$i[ ]" $KEYDB | $AWK '{print $2}'` 32 if [ $SEQ -lt $LOWLIMIT ] 33 then 34 KEY=`$GREP "^$i[ ]" $KEYDB | $AWK '{print $3}'` 35 if [ $SEQ -lt 3 ] 36 then 37 SUBJECT="IMPORTANT action required" 38 fi 39 ( 40 $ECHO "You are nearing the end of your current S/Key sequence for account $i" 41 $ECHO "on system $HOST." 42 $ECHO "" 43 $ECHO "Your S/key sequence number is now $SEQ. When it reaches zero you" 44 $ECHO "will no longer be able to use S/Key to login into the system. " 45 $ECHO " " 46 $ECHO "Type \"skeyinit -s\" to reinitialize your sequence number." 47 $ECHO "" 48 ) | /usr/bin/Mail -s "$SUBJECT" $i $ADMIN 49 fi 50 done 51