29 lines
1.2 KiB
Bash
Executable File
29 lines
1.2 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
echo "Adjusting ssh configuration"
|
|
|
|
# /etc/ssh/sshd_config is provided by openssh-server
|
|
# /etc/ssh/ssh_config is provided by openssh-clients
|
|
# Note0: augtool is provided by augeas-tools on Ubuntu
|
|
# Note1: augtool on Ubuntu does not auto-save, pass -s
|
|
install-packages augeas openssh-server openssh-clients
|
|
|
|
augtool set /files/etc/ssh/sshd_config/PasswordAuthentication yes
|
|
augtool set /files/etc/ssh/sshd_config/UseDNS no
|
|
augtool set /files/etc/ssh/sshd_config/PermitTunnel yes
|
|
augtool set /files/etc/ssh/sshd_config/SyslogFacility AUTH
|
|
augtool set /files/etc/ssh/sshd_config/PermitRootLogin yes
|
|
augtool set /files/etc/ssh/sshd_config/StrictModes yes
|
|
augtool set /files/etc/ssh/sshd_config/RSAAuthentication yes
|
|
augtool set /files/etc/ssh/sshd_config/PubkeyAuthentication yes
|
|
augtool set /files/etc/ssh/sshd_config/IgnoreRhosts yes
|
|
|
|
augtool set /files/etc/ssh/ssh_config/Host/StrictHostKeyChecking no
|
|
augtool set /files/etc/ssh/ssh_config/Host/GSSAPIDelegateCredentials no
|
|
augtool set /files/etc/ssh/ssh_config/Host/GSSAPIAuthentication no
|
|
|
|
# No known augeas lense for cloud-init config
|
|
sed -i 's/ssh_pwauth: 0/ssh_pwauth: 1/' /etc/cloud/cloud.cfg
|
|
|
|
augtool clear /files/etc/sudoers/Defaults[type=':nrpe']/requiretty/negate
|