From 7f15b61f23f589c8a3afc3ec5f75c3b5e8b3a0ca Mon Sep 17 00:00:00 2001
From: David Kebler
Date: Sat, 3 Aug 2024 14:51:11 -0700
Subject: [PATCH] add new module sshd-dns which can process sshd conf files substituing IPs for hostnames
---
modules/sshd-dns.mod | 30 ++++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)
create mode 100644 modules/sshd-dns.mod
diff --git a/modules/sshd-dns.mod b/modules/sshd-dns.mod
new file mode 100644
index 0000000..3de79e1
--- /dev/null
+++ b/modules/sshd-dns.mod
@@ -0,0 +1,30 @@
+#!/bin/bash
+
+sshd_dns () {
+local dir
+local dnsconf
+local conf
+dir=${1:-"/etc/ssh/sshd_config.d"}
+pushd "$dir" 1>/dev/null || return;
+for dnsconf in *.conf.dns; do
+ [[ -f "$dnsconf" ]] || break
+ conf=$(basename $dnsconf .dns)
+ echo "----- processing sshd file $dnsconf to $conf ----"
+ sudo cp $dnsconf $conf
+ cat $conf
+ echo -e "\n------------"
+ for host in $(sed -e 's/[ ,]/\n/g' $conf | sed -n 's/[Dd][Nn][Ss]://p'); do
+ echo found host $host, substituting $(dig +short $host)
+ sudo sed -i 's/[Dd][Nn][Ss]:'$host'/'$(dig +short $host)'/g' $conf
+ done
+ echo "----- created sshd conf file $conf ----"
+ cat $conf
+ echo -e "\n------------"
+ done
+echo restart ssh service daemon to enable these changes
+popd 1>/dev/null || return
+
+}
+
+
+
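Review bot: In the inner `for host` loop the output of `dig +short $host` is spliced unquoted and unchecked into the `sudo sed -i` replacement, so whatever the resolver returns is written as root into a file that sshd loads as configuration. An empty answer rewrites `dns:host` to nothing, several records or a CNAME chain split into extra sed arguments, and the two separate `dig` calls can log one answer while writing another. Resolve once into a local variable, accept the result only when it is a single address, and skip the host otherwise, as sketched below (the character-class test is a minimal check and could be tightened). `host` should also be declared `local`, `[[ -f "$dnsconf" ]] || break` reads as if `continue` was meant, and running `sshd -t` on the result before printing the restart hint would catch a file that no longer parses.

```shell
local host ip
# … unchanged: pushd, outer loop header, cp and cat of $conf …
 for host in $(sed -e 's/[ ,]/\n/g' $conf | sed -n 's/[Dd][Nn][Ss]://p'); do
   # Resolve once so the value that is logged is the value that is written.
   ip=$(dig +short "$host")
   # Accept only a single line made of address characters; an empty,
   # multi-line or error answer must not reach the sshd config.
   if [[ ! "$ip" =~ ^[0-9a-fA-F.:]+$ ]]; then
     echo "skipping $host: resolver did not return a single address" >&2
     continue
   fi
   echo "found host $host, substituting $ip"
   sudo sed -i "s/[Dd][Nn][Ss]:$host/$ip/g" "$conf"
 done
# … unchanged: trailing cat of $conf, outer done, restart message, popd …
```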