36 lines
1.4 KiB
Bash
Executable File
36 lines
1.4 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
echo "Adjusting ssh configuration"
|
|
|
|
# /etc/ssh/sshd_config is provided by openssh-server
|
|
# /etc/ssh/ssh_config is provided by openssh-client
|
|
# Note: You need diskimage-builder w/ SHA 82eacdec (11 July 2013) for
|
|
# this install to work on Fedora - https://review.openstack.org/#/c/36739/
|
|
install-packages augeas-tools openssh-server openssh-client
|
|
|
|
augtool -s set /files/etc/ssh/sshd_config/GSSAPIAuthentication no
|
|
augtool -s set /files/etc/ssh/sshd_config/UseDNS no
|
|
augtool -s set /files/etc/ssh/sshd_config/PermitTunnel yes
|
|
|
|
# ssh-client configuration
|
|
# Common
|
|
augtool -s set /files/etc/ssh/ssh_config/Host/StrictHostKeyChecking no
|
|
augtool -s set /files/etc/ssh/ssh_config/Host/GSSAPIAuthentication no
|
|
|
|
distro=$(lsb_release -is || :)
|
|
echo $distro
|
|
case "$distro" in
|
|
Ubuntu )
|
|
augtool -s set /files/etc/ssh/sshd_config/GSSAPICleanupCredentials yes
|
|
augtool -s set /files/etc/ssh/sshd_config/AuthorizedKeysFile .ssh/authorized_keys
|
|
;;
|
|
Fedora )
|
|
sed -i 's/ssh_pwauth: 0/ssh_pwauth: 1/' /etc/cloud/cloud.cfg
|
|
augtool -s clear /files/etc/sudoers/Defaults[type=':nrpe']/requiretty/negate
|
|
augtool -s set /files/etc/ssh/sshd_config/SyslogFacility AUTH
|
|
augtool -s set /files/etc/ssh/sshd_config/StrictModes yes
|
|
augtool -s set /files/etc/ssh/sshd_config/RSAAuthentication yes
|
|
augtool -s set /files/etc/ssh/sshd_config/PubkeyAuthentication yes
|
|
;;
|
|
esac
|