Burp server: Add user for SSH-tunnelling in
This commit is contained in:
parent
56af2f4b5f
commit
60150bbe98
|
@ -1,4 +1,4 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
{
|
{
|
||||||
services.burp.server = {
|
services.burp.server = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -27,4 +27,21 @@
|
||||||
"Mon,Tue,Wed,Thu,Fri,Sat,Sun,00,01,02,03,04,05,06,07,08,17,18,19,20,21,22,23"
|
"Mon,Tue,Wed,Thu,Fri,Sat,Sun,00,01,02,03,04,05,06,07,08,17,18,19,20,21,22,23"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Used for other clients to open an SSH tunnel to the burp server
|
||||||
|
users.users.burp-remote = {
|
||||||
|
isNormalUser = false;
|
||||||
|
isSystemUser = true;
|
||||||
|
createHome = false;
|
||||||
|
group = "nogroup";
|
||||||
|
# A shell is necessary for the user to run `sleep`
|
||||||
|
shell = pkgs.bash;
|
||||||
|
openssh.authorizedKeys.keys = [
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIItwImll4vcrfRQZjf6zkEGJswpL9EdWRiibXtjis99J root@Emitter"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
services.openssh.extraConfig = ''
|
||||||
|
Match User burp-remote
|
||||||
|
ForceCommand ${pkgs.coreutils}/bin/sleep 10
|
||||||
|
'';
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue