feat(radius): add password generation script
This commit is contained in:
parent
29b52957db
commit
54794f2611
76
hosts/radius/generate_passwords.py
Normal file
76
hosts/radius/generate_passwords.py
Normal file
@ -0,0 +1,76 @@
|
|||||||
|
###
|
||||||
|
# Hier werden die Passwörter generiert und sie VLANs zugeordnet. Diese Datei
|
||||||
|
# kann nach `radius.bula22.de:/etc/raddb/mods-config/files/authorize` geschoben
|
||||||
|
# werden.
|
||||||
|
#
|
||||||
|
# ACHTUNG! Die Passwörter sind nicht idempotent, sondern werden neu generiert.
|
||||||
|
# Das Skript also nur ausführen, solange die User noch nicht online sind.
|
||||||
|
# Danach muss wieder manuell gefrickelt werden.
|
||||||
|
#
|
||||||
|
# Anpassbar:
|
||||||
|
# - Welcher Userprefix kommt in welches VLAN.
|
||||||
|
# - Wie viele User gehen pro Prefix online?
|
||||||
|
#
|
||||||
|
# Fragen? Fragen! DECT664 oder über Signal / Matrix / rfc1149.
|
||||||
|
###
|
||||||
|
|
||||||
|
|
||||||
|
import secrets
|
||||||
|
import string
|
||||||
|
|
||||||
|
USERS_PER_PREFIX = 20
|
||||||
|
|
||||||
|
### LEITSTELLE
|
||||||
|
# DEFAULT
|
||||||
|
# Tunnel-Private-Group-Id = "205",
|
||||||
|
# Fall-Through = Yes
|
||||||
|
#
|
||||||
|
# leitstelle01 Cleartext-Password := "oofahcul3aiV4ri8"
|
||||||
|
|
||||||
|
prefixes = [
|
||||||
|
(201, "ikt"),
|
||||||
|
(202, "buehne"),
|
||||||
|
(202, "technik"),
|
||||||
|
(203, "hospital"),
|
||||||
|
(204, "zoll"),
|
||||||
|
(205, "leitstelle"),
|
||||||
|
(206, "bll"),
|
||||||
|
(206, "finanzen"),
|
||||||
|
(208, "bayern"),
|
||||||
|
(208, "elydipark"),
|
||||||
|
(208, "hessen"),
|
||||||
|
(208, "trabantenstadt"),
|
||||||
|
(208, "waltara"),
|
||||||
|
(208, "zeche"),
|
||||||
|
(209, "infojurte"),
|
||||||
|
(210, "intfairground"),
|
||||||
|
(210, "intinfocenter"),
|
||||||
|
(211, "programmtre"),
|
||||||
|
(212, "openoffice")
|
||||||
|
]
|
||||||
|
|
||||||
|
def gen_password():
|
||||||
|
alphabet = string.ascii_letters + string.digits
|
||||||
|
return ''.join(secrets.choice(alphabet) for i in range(10))
|
||||||
|
|
||||||
|
|
||||||
|
print("DEFAULT")
|
||||||
|
print("\tTunnel-Type = \"VLAN\",")
|
||||||
|
print("\tTunnel-Medium-Type = IEEE-802,")
|
||||||
|
print("\tFall-Through = Yes")
|
||||||
|
print()
|
||||||
|
|
||||||
|
for (vlan, prefix) in prefixes:
|
||||||
|
print(f"## {prefix.upper()}")
|
||||||
|
print(f"DEFAULT")
|
||||||
|
print(f"\tTunnel-Private-Group-Id = \"{vlan}\"")
|
||||||
|
print(f"\tFall-Through = Yes")
|
||||||
|
print()
|
||||||
|
|
||||||
|
for i in range(1, USERS_PER_PREFIX + 1):
|
||||||
|
username = f"{prefix}{i:02d}"
|
||||||
|
pw = gen_password()
|
||||||
|
|
||||||
|
print(f"{username}\tCleartext-Password := \"{pw}\"")
|
||||||
|
|
||||||
|
print()
|
Loading…
Reference in New Issue
Block a user