Skip to content

Commit

Permalink
49-sshd: create dropin file instead of using sed
Browse files Browse the repository at this point in the history
Should be more stable, and easier to understand.
  • Loading branch information
zeha committed Dec 20, 2024
1 parent 5c2fb05 commit 61b47bd
Showing 1 changed file with 7 additions and 22 deletions.
29 changes: 7 additions & 22 deletions etc/grml/fai/config/scripts/GRMLBASE/49-sshd
Original file line number Diff line number Diff line change
Expand Up @@ -17,28 +17,13 @@ if ! [ -r "${target}/etc/ssh/sshd_config" ] ; then
exit 0
fi

# make sure root login works, it's set to "without-password" since openssh-server v1:6.6p1-1
# and defaults to "prohibit-password" since openssh-server v1:7.1p1-1
if grep -q '^PermitRootLogin ' "${target}/etc/ssh/sshd_config" ; then
# make sure we don't modify our own disabled snippet once again
if ! grep -q 'PermitRootLogin .*disabled via grml-live' "${target}/etc/ssh/sshd_config" ; then
sed -i "s/^\(PermitRootLogin .*\)/# \1 # disabled via grml-live\nPermitRootLogin yes/" "${target}/etc/ssh/sshd_config"
fi
else
echo "# Added via grml-live script:" >> "${target}/etc/ssh/sshd_config"
echo "PermitRootLogin yes" >> "${target}/etc/ssh/sshd_config"
fi

# speedup if DNS is broken/unavailable
if grep -q '^UseDNS ' "${target}/etc/ssh/sshd_config" ; then
# make sure we don't modify our own disabled snippet once again
if ! grep -q 'UseDNS .*disabled via grml-live' "${target}/etc/ssh/sshd_config" ; then
sed -i "s/^\(UseDNS .*\)/# \1 # disabled via grml-live\nUseDNS no/" "${target}/etc/ssh/sshd_config"
fi
else
echo "# Added via grml-live script:" >> "${target}/etc/ssh/sshd_config"
echo "UseDNS no" >> "${target}/etc/ssh/sshd_config"
fi
cat > "${target}"/etc/ssh/sshd_config.d/grml-live.conf <<EOT
# Installed by grml-live.
# Ensure root login works. Modern openssh-servers default to prohibit-password.
PermitRootLogin yes
# Speedup if DNS is broken/unavailable.
UseDNS no
EOT

## END OF FILE #################################################################
# vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2

0 comments on commit 61b47bd

Please sign in to comment.