sshroot.sh
This commit is contained in:
parent
6007fe31cd
commit
c3206fa11c
|
|
@ -0,0 +1,91 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
# Description:
|
||||
# This script sets certain parameters in /etc/ssh/sshd_config.
|
||||
# It's not production ready and only used for training purposes.
|
||||
#
|
||||
# What should it do?
|
||||
# * Check whether a /etc/ssh/sshd_config file exists
|
||||
# * Create a backup of this file
|
||||
# * Edit the file to set certain parameters
|
||||
# * Reload the sshd configuration
|
||||
# To enable debugging mode remove '#' from the following line
|
||||
#set -x
|
||||
# Variables
|
||||
|
||||
file="$1"
|
||||
param[1]="PermitRootLogin "
|
||||
param[2]="PubkeyAuthentication"
|
||||
param[3]="AuthorizedKeysFile"
|
||||
param[4]="PasswordAuthentication"
|
||||
|
||||
# Functions
|
||||
usage(){
|
||||
cat << EOF
|
||||
usage: $0 ARG1
|
||||
ARG1 Name of the sshd_config file to edit.
|
||||
In case ARG1 is empty, /etc/ssh/sshd_config will be used as default.
|
||||
|
||||
Description:
|
||||
This script sets certain parameters in /etc/ssh/sshd_config.
|
||||
It's not production ready and only used for training purposes.
|
||||
|
||||
What should it do?
|
||||
* Check whether a /etc/ssh/sshd_config file exists
|
||||
* Create a backup of this file
|
||||
* Edit the file to set certain parameters
|
||||
EOF
|
||||
}
|
||||
|
||||
backup_sshd_config(){
|
||||
if [ -f ${file} ]
|
||||
then
|
||||
/usr/bin/cp ${file} ${file}.1
|
||||
else
|
||||
/usr/bin/echo "File ${file} not found."
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
edit_sshd_config(){
|
||||
for PARAM in ${param[@]}
|
||||
do
|
||||
/usr/bin/sed -i '/^'"${PARAM}"'/d' ${file}
|
||||
/usr/bin/echo "All lines beginning with '${PARAM}' were deleted from ${file}."
|
||||
done
|
||||
/usr/bin/echo "${param[1]} no" >> ${file}
|
||||
/usr/bin/echo "'${param[1]} no' was added to ${file}."
|
||||
/usr/bin/echo "${param[2]} yes" >> ${file}
|
||||
/usr/bin/echo "'${param[2]} yes' was added to ${file}."
|
||||
/usr/bin/echo "${param[3]} .ssh/authorized_keys" >> ${file}
|
||||
/usr/bin/echo "'${param[3]} .ssh/authorized_keys' was added to ${file}."
|
||||
/usr/bin/echo "${param[4]} no" >> ${file}
|
||||
/usr/bin/echo "'${param[4]} no' was added to ${file}"
|
||||
}
|
||||
|
||||
reload_sshd(){
|
||||
/usr/bin/systemctl reload sshd.service
|
||||
/usr/bin/echo "Run '/usr/bin/systemctl reload sshd.service'...OK"
|
||||
}
|
||||
|
||||
# main
|
||||
while getopts .h. OPTION
|
||||
do
|
||||
case $OPTION in
|
||||
h)
|
||||
usage
|
||||
exit;;
|
||||
?)
|
||||
usage
|
||||
exit;;
|
||||
esac
|
||||
done
|
||||
|
||||
if [ -z "${file}" ]
|
||||
then
|
||||
|
||||
file="/etc/ssh/sshd_config"
|
||||
fi
|
||||
backup_sshd_config
|
||||
edit_sshd_config
|
||||
reload_sshd
|
||||
Loading…
Reference in New Issue