#!/bin/sh

GLOME=/usr/local/bin/glome
GLOME_LOGIN=/usr/local/sbin/glome-login
CONFIG=/usr/local/etc/glome/config
PRIVATE=/usr/local/etc/glome/private.key

umask 077
PUBLIC_KEY=$($GLOME genkey | tee $PRIVATE | $GLOME pubkey)
sed -i "s/^#public-key = .*/public-key = $PUBLIC_KEY/" $CONFIG
sed -i "1 i\auth sufficient /usr/local/lib/x86_64-linux-gnu/security/pam_glome.so" /etc/pam.d/sshd
cat <<EOF > /etc/ssh/sshd_config.d/glome.conf
ChallengeResponseAuthentication yes
PermitRootLogin yes
EOF

mkdir /run/sshd
/usr/sbin/sshd

socat tcp-l:23,reuseaddr,fork exec:"/sbin/agetty -l $GLOME_LOGIN -",pty,setsid,setpgid,stderr,ctty
