shell-network/modules/ssh-utils.mod

#!/bin/bash

# TODO.  instead  write files in sshd_config.d
# sshd_disable_pw () {
#   module_load config_edit
#   local cnf=$(declare -f confirm) 
#   local cc=$(declare -f config_change)
#   declare -A settings
#   local settings=( ["PasswordAuthentication"]=no ["PubkeyAuthentication"]=yes ["ChallengeResponseAuthentication"]=no)
#   #file=/etc/ssh/sshd_config
#   file=test.config
#   for setting in ${!settings[@]}; do        
#   sudo bash -c "$cnf;$cc;config_change $setting ${settings[${setting}]} $file"
#   done
# }


ssh_dir_permissions() {
    sudo chmod -R g-w $HOME
    echo warning turned off group write for $HOME as this can cause ssh failure
    sudo chown -R $USER:$USER $HOME/.ssh
    sudo chmod 00700 $HOME/.ssh
    sudo chmod 600 $HOME/.ssh/authorized_keys
    sudo chmod 400 $HOME/.ssh/id_rsa
    sudo chmod 644 $HOME/.ssh/id_rsa.pub
    sudo chmod 600 $HOME/.ssh/known_hosts
}
ssh modules and functions update - details to follow 2022-03-28 10:05:26 -07:00			`#!/bin/bash`

			`# TODO. instead write files in sshd_config.d`
			`# sshd_disable_pw () {`
			`# module_load config_edit`
			`# local cnf=$(declare -f confirm)`
			`# local cc=$(declare -f config_change)`
			`# declare -A settings`
			`# local settings=( ["PasswordAuthentication"]=no ["PubkeyAuthentication"]=yes ["ChallengeResponseAuthentication"]=no)`
			`# #file=/etc/ssh/sshd_config`
			`# file=test.config`
			`# for setting in ${!settings[@]}; do`
			`# sudo bash -c "$cnf;$cc;config_change $setting ${settings[${setting}]} $file"`
			`# done`
			`# }`


			`ssh_dir_permissions() {`
			`sudo chmod -R g-w $HOME`
			`echo warning turned off group write for $HOME as this can cause ssh failure`
			`sudo chown -R $USER:$USER $HOME/.ssh`
			`sudo chmod 00700 $HOME/.ssh`
			`sudo chmod 600 $HOME/.ssh/authorized_keys`
			`sudo chmod 400 $HOME/.ssh/id_rsa`
			`sudo chmod 644 $HOME/.ssh/id_rsa.pub`
			`sudo chmod 600 $HOME/.ssh/known_hosts`
			`}`