SSH: cannot check for default password because of Debian bug #1003151

Signed-off-by: nachoparker <nacho@ownyourbits.com>

bin/ncp/BACKUPS/nc-snapshot.sh

@@ -32,7 +32,7 @@ configure()
     return 1
   }
 
-  btrfs-snp $MOUNTPOINT manual $LIMIT 0 ../ncp-snapshots
+  btrfs-snp "${MOUNTPOINT}" manual "${LIMIT}" 0 ../ncp-snapshots
 
   restore_maintenance_mode
 }

bin/ncp/NETWORKING/SSH.sh

@@ -39,38 +39,40 @@ configure()
   echo -e "$PASS\n$CONFIRM" | passwd "$USER" || return 1
 
   # Check for insecure default pi password ( taken from old jessie method )
-  local SHADOW="$( grep -E '^pi:' /etc/shadow )"
-  test -n "${SHADOW}" && {
-    local SALT=$(echo "${SHADOW}" | sed -n 's/pi:\$6\$//;s/\$.*//p')
+  # TODO Due to Debian bug #1003151 with mkpasswd this feature is not working properly at the moment - https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1837456.html
+  #local SHADOW SALT HASH
+  #SHADOW="$( grep -E '^pi:' /etc/shadow )"
+  #test -n "${SHADOW}" && {
+    #SALT=$(awk -F[:$] '{print $5}' <<<"${SHADOW}")
 
-    [[ "${SALT}" != "" ]] && {
-      local HASH=$(mkpasswd -msha-512 raspberry "$SALT")
-      grep -q "${HASH}" <<< "${SHADOW}" && {
-        systemctl stop    ssh
-        systemctl disable ssh
-        echo "The user pi is using the default password. Refusing to activate SSH"
-        echo "SSH disabled"
-        return 1
-      }
-    }
-  }
+    #[[ "${SALT}" != "" ]] && {
+      #HASH=$(mkpasswd -myescrypt raspberry "${SALT}")
+      #grep -q "${HASH}" <<< "${SHADOW}" && {
+        #systemctl stop    ssh
+        #systemctl disable ssh
+        #echo "The user pi is using the default password. Refusing to activate SSH"
+        #echo "SSH disabled"
+        #return 1
+      #}
+    #}
+  #}
 
   # Check for insecure default root password ( taken from old jessie method )
-  local SHADOW="$( grep -E '^root:' /etc/shadow )"
-  test -n "${SHADOW}" && {
-    local SALT=$(echo "${SHADOW}" | sed -n 's/root:\$6\$//;s/\$.*//p')
+  #SHADOW="$( grep -E '^root:' /etc/shadow )"
+  #test -n "${SHADOW}" && {
+    #SALT=$(awk -F[:$] '{print $5}' <<<"${SHADOW}")
 
-    [[ "${SALT}" != "" ]] && {
-      local HASH=$(mkpasswd -msha-512 1234 "$SALT")
-      grep -q "${HASH}" <<< "${SHADOW}" && {
-        systemctl stop    ssh
-        systemctl disable ssh
-        echo "The user root is using the default password. Refusing to activate SSH"
-        echo "SSH disabled"
-        return 1
-      }
-    }
-  }
+    #[[ "${SALT}" != "" ]] && {
+      #HASH=$(mkpasswd -myescrypt 1234 "${SALT}")
+      #grep -q "${HASH}" <<< "${SHADOW}" && {
+        #systemctl stop    ssh
+        #systemctl disable ssh
+        #echo "The user root is using the default password. Refusing to activate SSH"
+        #echo "SSH disabled"
+        #return 1
+      #}
+    #}
+  #}
 
   # Enable
   chage -d 0 "$USER"

changelog.md

@@ -1,5 +1,7 @@
 
-[v1.46.7](https://github.com/nextcloud/nextcloudpi/commit/bd49019) (2022-03-04) nc-hdd-monitor: fix Bullseye service name
+[v1.46.8](https://github.com/nextcloud/nextcloudpi/commit/dc7046b) (2022-03-04) SSH: cannot check for default password because of Debian bug #1003151
+
+[v1.46.7](https://github.com/nextcloud/nextcloudpi/commit/f473f73) (2022-03-04) nc-hdd-monitor: fix Bullseye service name
 
 [v1.46.6](https://github.com/nextcloud/nextcloudpi/commit/c9610e4) (2022-03-03) ncp-dist-upgrade: fix VM grub-pc issue
 

tag_and_push.sh

@@ -16,10 +16,10 @@
 
 set -e
 
-TAG="$@"
+TAG="$*"
  
 source build/buildlib.sh
-git tag "$TAG"
+git tag -f "$TAG"
 generate_changelog
 git add changelog.md
 git commit -C HEAD --amend