1#!/bin/sh 2# $Id: skeyaudit.sh,v 1.1 1994/06/24 08:06:38 deraadt Exp $ 3# This script will look thru the skeykeys file for 4# people with sequence numbers less then LOWLIMIT=12 5# and send them an e-mail reminder to use skeyinit soon 6# 7 8AWK=/usr/bin/awk 9GREP=/usr/bin/grep 10ECHO=/bin/echo 11KEYDB=/etc/skeykeys 12LOWLIMIT=12 13ADMIN=root 14SUBJECT="Reminder: Run skeyinit" 15HOST=`/bin/hostname` 16 17 18if [ "$1" != "" ] 19then 20 LOWLIMIT=$1 21fi 22 23 24# an skeykeys entry looks like 25# jsw 0076 la13079 ba20a75528de9d3a 26# the sequence number is the second entry 27# 28 29for i in `$AWK '{print $1}' $KEYDB` 30do 31SEQ=`$GREP "^$i[ ]" $KEYDB | $AWK '{print $2}'` 32if [ $SEQ -lt $LOWLIMIT ] 33then 34 KEY=`$GREP "^$i[ ]" $KEYDB | $AWK '{print $3}'` 35 if [ $SEQ -lt 3 ] 36 then 37 SUBJECT="IMPORTANT action required" 38 fi 39 ( 40 $ECHO "You are nearing the end of your current S/Key sequence for account $i" 41 $ECHO "on system $HOST." 42 $ECHO "" 43 $ECHO "Your S/key sequence number is now $SEQ. When it reaches zero you" 44 $ECHO "will no longer be able to use S/Key to login into the system. " 45 $ECHO " " 46 $ECHO "Type \"skeyinit -s\" to reinitialize your sequence number." 47 $ECHO "" 48 ) | /usr/bin/Mail -s "$SUBJECT" $i $ADMIN 49fi 50done 51