akanealw/linux-scripts
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
965f517f79fd406afdda20400d6daa3c40a1bb12
linux-scripts/debian/debian-configure-sshd.sh
akanealw 965f517f79 testing
2023-12-22 00:40:00 -06:00

161 lines
6.2 KiB
Bash
Raw Blame History

#!/bin/bash
if [ "$EUID" -ne 0 ]
then
echo "Please run as root"
exit
fi
# sshd config
isInFile=$(cat /etc/hostname | grep -c "proxmox")
if [ $isInFile -eq 0 ]
then
isInFile=$(cat /etc/ssh/sshd_config | grep -c "#PermitRootLogin prohibit-password")
if [ $isInFile -eq 0 ]
then
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak1
sed -i 's/PermitRootLogin no/#PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
sed -i 's/PermitRootLogin yes/#PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
sed -i 's/PermitRootLogin prohibit-password/#PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
fi
fi
isInFile=$(cat /etc/hostname | grep -c "proxmox")
if [ $isInFile -eq 0 ]
then
isInFile=$(cat /etc/ssh/sshd_config | grep -c "PasswordAuthentication no")
if [ $isInFile -eq 0 ]
then
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak2
sed -i 's/#PasswordAuthentication no/PasswordAuthentication no/g' /etc/ssh/sshd_config
sed -i 's/PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
fi
fi
# authorized_keys akanealw
cp /home/akanealw/.ssh/authorized_keys /home/akanealw/.ssh/authorized_keys.bak
isInFile=$(cat /home/akanealw/.ssh/authorized_keys | grep -c "gamingpc-akanealw")
if [ $isInFile -eq 0 ]
then
echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINRfrcCbyeG7O7P3/WNuPrOr131x/DHcJqjJVE/BBrAU gamingpc-akanealw" >> /home/akanealw/.ssh/authorized_keys
chown akanealw:akanealw /home/akanealw/.ssh/*
chmod 600 /home/akanealw/.ssh/*
fi
isInFile=$(cat /home/akanealw/.ssh/authorized_keys | grep -c "laptoppc-akanealw")
if [ $isInFile -eq 0 ]
then
echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAj1SSffm3S3wJCSq3YjGzQ/Gw3Ta9YRzUmSvxv4/bVm laptoppc-akanealw" >> /home/akanealw/.ssh/authorized_keys
chown akanealw:akanealw /home/akanealw/.ssh/*
chmod 600 /home/akanealw/.ssh/*
fi
isInFile=$(cat /home/akanealw/.ssh/authorized_keys | grep -c "server-akanealw")
if [ $isInFile -eq 0 ]
then
echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGAiw0sQxxTg/zBm/Hz4LLjtiuGfefF2vogGkYcWox4S server-akanealw" >> /home/akanealw/.ssh/authorized_keys
chown akanealw:akanealw /home/akanealw/.ssh/*
chmod 600 /home/akanealw/.ssh/*
fi
# authorized_keys root
cp /root/.ssh/authorized_keys /root/.ssh/authorized_keys.bak
isInFile=$(cat /root/.ssh/authorized_keys | grep -c "gamingpc-root")
if [ $isInFile -eq 0 ]
then
echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILMb59HWxAoetRy+Qd0IWrF79z6iwq/JcL2cJ8rRI4Io gamingpc-root" >> /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
fi
isInFile=$(cat /root/.ssh/authorized_keys | grep -c "laptoppc-root")
if [ $isInFile -eq 0 ]
then
echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL3BxOpdWBLaZKL/EKIRIypK91hFvYE7Ak2fgDEiPmHE laptoppc-root" >> /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
fi
isInFile=$(cat /root/.ssh/authorized_keys | grep -c "server-root")
if [ $isInFile -eq 0 ]
then
echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHWiw5lVzQIZiZc1SPphvHhdSpFl9UN6Xm4znFqq5xs4 server-root" >> /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
fi
# config /home/akanealw/.ssh/
isInFile=$(cat /home/akanealw/.ssh/config | grep -c "*root")
if [ $isInFile -eq 0 ]
then
cp /home/akanealw/.ssh/config /home/akanealw/.ssh/config.bak
mv /home/akanealw/.ssh/known_hosts /home/akanealw/.ssh/known_hosts.old
echo "" >> /home/akanealw/.ssh/config
echo "" >> /home/akanealw/.ssh/config
echo "Host *root" >> /home/akanealw/.ssh/config
echo "Port 22" >> /home/akanealw/.ssh/config
echo "User root" >> /home/akanealw/.ssh/config
echo "IdentityFile /root/.ssh/server-root" >> /home/akanealw/.ssh/config
echo "" >> /home/akanealw/.ssh/config
echo "Host *" >> /home/akanealw/.ssh/config
echo "Port 22" >> /home/akanealw/.ssh/config
echo "User akanealw" >> /home/akanealw/.ssh/config
echo "IdentityFile /home/akanealw/.ssh/server-akanealw" >> /home/akanealw/.ssh/config
chown akanealw:akanealw /home/akanealw/.ssh/*
chmod 600 /home/akanealw/.ssh/*
fi
# config /root/.ssh/
isInFile=$(cat /root/.ssh/config | grep -c "*root")
if [ $isInFile -eq 0 ]
then
cp /root/.ssh/config /root/.ssh/config.bak
mv /root/.ssh/known_hosts /root/.ssh/known_hosts.old
echo "" >> /root/.ssh/config
echo "" >> /root/.ssh/config
echo "Host *root" >> /root/.ssh/config
echo "Port 22" >> /root/.ssh/config
echo "User root" >> /root/.ssh/config
echo "IdentityFile /root/.ssh/server-root" >> /root/.ssh/config
echo "" >> /root/.ssh/config
echo "Host *" >> /root/.ssh/config
echo "Port 22" >> /root/.ssh/config
echo "User akanealw" >> /root/.ssh/config
echo "IdentityFile /home/akanealw/.ssh/server-akanealw" >> /root/.ssh/config
chmod 600 /root/.ssh/*
fi
# server-akanealw
cat <<EOF > /home/akanealw/.ssh/server-akanealw
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
QyNTUxOQAAACBgIsNLEMcU4P8wZvx8+Cy47Yrhn3nxdr6IBpGHFqMeEgAAAJgPgcu8D4HL
vAAAAAtzc2gtZWQyNTUxOQAAACBgIsNLEMcU4P8wZvx8+Cy47Yrhn3nxdr6IBpGHFqMeEg
AAAEDalS9Q+0KRMMqOXnie/d0uckbLIePYYY7DOqs8cJ7UF2Aiw0sQxxTg/zBm/Hz4LLjt
iuGfefF2vogGkYcWox4SAAAAD3NlcnZlci1ha2FuZWFsdwECAwQFBg==
-----END OPENSSH PRIVATE KEY-----
EOF
chown akanealw:akanealw /home/akanealw/.ssh/*
chmod 600 /home/akanealw/.ssh/*
# server-root
cat <<EOF > /root/.ssh/server-root
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
QyNTUxOQAAACB1osOZVc0CGYmXNUj6Ybx4XUqRZfVDel5uM5xaqucbOAAAAJAnxfYyJ8X2
MgAAAAtzc2gtZWQyNTUxOQAAACB1osOZVc0CGYmXNUj6Ybx4XUqRZfVDel5uM5xaqucbOA
AAAEBUjm9GcUvXzKnpiw0aYd+Ca7+LAWuq0u6l0FjPQyQjd3Wiw5lVzQIZiZc1SPphvHhd
SpFl9UN6Xm4znFqq5xs4AAAAC3NlcnZlci1yb290AQI=
-----END OPENSSH PRIVATE KEY-----
EOF
chmod 600 /root/.ssh/*
# restart sshd
#systemctl restart sshd
Reference in New Issue View Git Blame Copy Permalink