testing

debian/debian-configure-sshd.sh

@@ -6,13 +6,16 @@ if [ "$EUID" -ne 0 ]
   exit
 fi
 
+
+# sshd config
 isInFile=$(cat /etc/hostname | grep -c "proxmox")
 if [ $isInFile -eq 0 ]
     then
         isInFile=$(cat /etc/ssh/sshd_config | grep -c "#PermitRootLogin prohibit-password")
         if [ $isInFile -eq 0 ]
             then
-            sed -i 's/PermitRootLogin yes/#PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
+                cp  /etc/ssh/sshd_config  /etc/ssh/sshd_config.bak1
+                sed -i 's/PermitRootLogin yes/#PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
         fi
 fi
 
@@ -22,10 +25,14 @@ if [ $isInFile -eq 0 ]
         isInFile=$(cat /etc/ssh/sshd_config | grep -c "PasswordAuthentication no")
         if [ $isInFile -eq 0 ]
             then
-            sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
+                cp  /etc/ssh/sshd_config  /etc/ssh/sshd_config.bak2
+                sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
         fi
 fi
 
+
+# authorized_keys akanealw
+cp /home/akanealw/.ssh/authorized_keys /home/akanealw/.ssh/authorized_keys.bak
 isInFile=$(cat /home/akanealw/.ssh/authorized_keys | grep -c "gamingpc-akanealw")
 if [ $isInFile -eq 0 ]
     then
@@ -50,6 +57,8 @@ if [ $isInFile -eq 0 ]
         chmod 600 /home/akanealw/.ssh/*
 fi
 
+# authorized_keys root
+cp /root/.ssh/authorized_keys /root/.ssh/authorized_keys.bak
 isInFile=$(cat /root/.ssh/authorized_keys | grep -c "gamingpc-root")
 if [ $isInFile -eq 0 ]
     then
@@ -70,3 +79,48 @@ if [ $isInFile -eq 0 ]
         echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHWiw5lVzQIZiZc1SPphvHhdSpFl9UN6Xm4znFqq5xs4 server-root" >> /root/.ssh/authorized_keys
         chmod 600 /root/.ssh/authorized_keys
 fi
+
+# config /home/akanealw/.ssh/
+isInFile=$(cat/home/akanealw/.ssh/config | grep -c "*root")
+if [ $isInFile -eq 0 ]
+    then
+        mv /home/akanealw/.ssh/config /home/akanealw/.ssh/config.bak
+        mv /home/akanealw/.ssh/known_hosts /home/akanealw/.ssh/known_hosts.old
+        echo "" > /home/akanealw/.ssh/config
+        echo "" >> /home/akanealw/.ssh/config
+        echo "Host *root" >> /home/akanealw/.ssh/config
+        echo "Port 22" >> /home/akanealw/.ssh/config
+        echo "User root" >> /home/akanealw/.ssh/config
+        echo "IdentityFile /root/.ssh/server-root" >> /home/akanealw/.ssh/config
+        echo "" >> /home/akanealw/.ssh/config
+        echo "Host *" >> /home/akanealw/.ssh/config
+        echo "Port 22" >> /home/akanealw/.ssh/config
+        echo "User akanealw" >> /home/akanealw/.ssh/config
+        echo "IdentityFile /home/akanealw/.ssh/server-akanealw" >> /home/akanealw/.ssh/config
+        chown akanealw:akanealw /home/akanealw/.ssh/*
+        chmod 600 /home/akanealw/.ssh/*
+fi
+
+# config /root/.ssh/
+isInFile=$(cat /root/.ssh/config | grep -c "*root")
+if [ $isInFile -eq 0 ]
+    then
+        mv /root/.ssh/config /root/.ssh/config.bak
+        mv /root/.ssh/known_hosts /root/.ssh/known_hosts.old
+        echo "" > /root/.ssh/config
+        echo "" >> /root/.ssh/config
+        echo "Host *root" >> /root/.ssh/config
+        echo "Port 22" >> /root/.ssh/config
+        echo "User root" >> /root/.ssh/config
+        echo "IdentityFile /root/.ssh/server-root" >> /root/.ssh/config
+        echo "" >> /root/.ssh/config
+        echo "Host *" >> /root/.ssh/config
+        echo "Port 22" >> /root/.ssh/config
+        echo "User akanealw" >> /root/.ssh/config
+        echo "IdentityFile /home/akanealw/.ssh/server-akanealw" >> /root/.ssh/config
+        chmod 600 /root/.ssh/*
+fi
+
+
+# restart sshd
+#systemctl restart sshd