27 lines
900 B
Bash
27 lines
900 B
Bash
#!/bin/bash
|
|
|
|
# TODO. instead write files in sshd_config.d
|
|
# sshd_disable_pw () {
|
|
# module_load config_edit
|
|
# local cnf=$(declare -f confirm)
|
|
# local cc=$(declare -f config_change)
|
|
# declare -A settings
|
|
# local settings=( ["PasswordAuthentication"]=no ["PubkeyAuthentication"]=yes ["ChallengeResponseAuthentication"]=no)
|
|
# #file=/etc/ssh/sshd_config
|
|
# file=test.config
|
|
# for setting in ${!settings[@]}; do
|
|
# sudo bash -c "$cnf;$cc;config_change $setting ${settings[${setting}]} $file"
|
|
# done
|
|
# }
|
|
|
|
|
|
ssh_dir_permissions() {
|
|
sudo chmod -R g-w $HOME
|
|
echo warning turned off group write for $HOME as this can cause ssh failure
|
|
sudo chown -R $USER:$USER $HOME/.ssh
|
|
sudo chmod 00700 $HOME/.ssh
|
|
sudo chmod 600 $HOME/.ssh/authorized_keys
|
|
sudo chmod 400 $HOME/.ssh/id_rsa
|
|
sudo chmod 644 $HOME/.ssh/id_rsa.pub
|
|
sudo chmod 600 $HOME/.ssh/known_hosts
|
|
} |