(msg: Api.Message, mode: string)
| 1115 | |
| 1116 | // 重启SSH服务使配置生效 |
| 1117 | const restartResult = await restartSSHService(); |
| 1118 | if (!restartResult.success) { |
| 1119 | throw new Error("无法重启SSH服务"); |
| 1120 | } |
| 1121 | |
| 1122 | // 保存配置到插件数据库 |
| 1123 | await ConfigManager.set(CONFIG_KEYS.PUBKEY_AUTH, authValue); |
| 1124 | |
| 1125 | let warningText = ""; |
| 1126 | if (!enable) { |
| 1127 | warningText = "\n\n⚠️ <b>警告</b>: 关闭密钥登录可能会造成无法使用SSH密钥连接"; |
| 1128 | } |
| 1129 | |
| 1130 | await msg.edit({ |
| 1131 | text: `✅ <b>密钥登录已${action}</b>\n\n当前状态: ${enable ? "✅ 已开启" : "❌ 已关闭"}\n备份文件: /etc/ssh/sshd_config.backup.${timestamp}${warningText}`, |
| 1132 | parseMode: "html" |
| 1133 | }); |
| 1134 | } catch (error: any) { |
| 1135 | throw new Error(`${action}密钥登录失败: ${error.message}`); |
| 1136 | } |
| 1137 | } |
| 1138 | |
| 1139 | // 开关Root登录 |
| 1140 | private async toggleRootLogin(msg: Api.Message, mode: string): Promise<void> { |
| 1141 | const enable = mode === "on" || mode === "enable" || mode === "yes"; |
| 1142 | const disable = mode === "off" || mode === "disable" || mode === "no"; |
| 1143 | const keyOnly = mode === "keyonly" || mode === "key-only" || mode === "keys"; |
| 1144 | |
| 1145 | if (!enable && !disable && !keyOnly) { |
| 1146 | await msg.edit({ |
| 1147 | text: `❌ <b>无效的参数</b>\n\n用法:\n• <code>${mainPrefix}ssh rootlogin on</code> - 允许所有root登录方式\n• <code>${mainPrefix}ssh rootlogin off</code> - 完全禁止root登录\n• <code>${mainPrefix}ssh rootlogin keyonly</code> - 仅允许密钥登录root`, |
| 1148 | parseMode: "html" |
| 1149 | }); |
| 1150 | return; |
| 1151 | } |
| 1152 | |
| 1153 | let action: string; |
| 1154 | let authValue: string; |
| 1155 | |
| 1156 | if (enable) { |
| 1157 | action = "开启所有Root登录方式"; |
| 1158 | authValue = "yes"; |
| 1159 | } else if (keyOnly) { |
| 1160 | action = "设置Root仅密钥登录"; |
| 1161 | authValue = "prohibit-password"; |
| 1162 | } else { |
| 1163 | action = "完全禁止Root登录"; |
| 1164 | authValue = "no"; |
| 1165 | } |
| 1166 | |
| 1167 | await msg.edit({ text: `🔄 正在${action}...`, parseMode: "html" }); |
| 1168 | |
| 1169 | try { |
| 1170 | // 检查当前是否有其他登录方式 |
| 1171 | if (disable) { |
| 1172 | // 完全禁用root登录前检查是否有其他用户 |
| 1173 | try { |
| 1174 | const { stdout: users } = await execFileAsync("getent", ["passwd"]); |
no test coverage detected