#!/bin/sh
#
# This script will make sure that the /etc/sshd_config
#  is configured correctly
#
#
# History:
# 21Apr2001	dawson	First wrote the script
#
#######################################################################
# Variables
KRB5_DIR="/usr/krb5"
KRB5_KADMIN="$KRB5_DIR/sbin/kadmin"
REALM="FNAL.GOV"
NODENAME=`uname -n`
version="$1"

########################################################################
# Add starting line to original file
ktadd_service () {
	SERVICETOADD="$1/$NODENAME"
	SERVICEPASSWORD="$2"
	PRINCIPLE=$SERVICETOADD\@$REALM
	echo $KRB5_KADMIN -r $REALM -p $PRINCIPLE -w $SERVICEPASSWORD -q "ktadd $PRINCIPLE"
	$KRB5_KADMIN -r $REALM -p $PRINCIPLE -w $SERVICEPASSWORD -q "ktadd $PRINCIPLE"
}

########################################################################
# Main Program

# Don't even bother running this if we don't have kadmin
if [ -x $KRB5_KADMIN ] ; then
	echo " "
	echo "Do you have the password(s) to enable the telnet and ftp services? (y/n, default y)"
	read answer
	case $answer in 
	n | N | no | NO | No )
		echo "You must have the password(s) in order to enable the telnet and ftp services.\n"
		exit 1
	;;
	* )
		echo "Password for ftp/$NODENAME service: "
		stty -echo
		read ftppass
		stty echo
		echo "Password for host/$NODENAME service: "
		echo "(default is the same as the ftp/$NODENAME password you just entered) "
		stty -echo
		read hostpass
		stty echo
		if [ "$hostpass" = "" ] ; then
			hostpass="$ftppass"
		fi
		ktadd_service "ftp" $ftppass
		ktadd_service "host" $hostpass
		exit 0;
	;;
	esac
else
	echo "You do not have kadmin, which comes with kerberos."
	echo "Please make sure you have the regular kerberos binaries installed."
	exit 2
fi
