Finalize OpenBSD compatibility
Signed-off-by: Georg <georg@lysergic.dev>
This commit is contained in:
parent
7bcae4982d
commit
35320e15a3
@ -22,23 +22,32 @@ KERNEL=$(uname)
|
|||||||
IP_ADDRESS="$(get_ip_address)"
|
IP_ADDRESS="$(get_ip_address)"
|
||||||
if [ "$KERNEL" = "OpenBSD" ] || [ "$KERNEL" = "Linux" ]; then
|
if [ "$KERNEL" = "OpenBSD" ] || [ "$KERNEL" = "Linux" ]; then
|
||||||
if [ -f /tmp/$HOSTNAME ] && [ -f /tmp/$HOSTNAME-cert.pub ]; then
|
if [ -f /tmp/$HOSTNAME ] && [ -f /tmp/$HOSTNAME-cert.pub ]; then
|
||||||
mkdir /etc/ssh/old
|
if [ ! -d /etc/ssh/old ]; then
|
||||||
[ -f /etc/ssh/ssh_known_hosts ] && mv /etc/ssh/ssh_known_hosts/ /etc/ssh/old/
|
mkdir /etc/ssh/old
|
||||||
if compgen -G "/etc/ssh/ssh_host_*" > /dev/null; then
|
fi
|
||||||
mv /etc/ssh/ssh_host_* /etc/ssh/old/
|
if [ -f /etc/ssh/ssh_known_hosts ]; then
|
||||||
|
mv /etc/ssh/ssh_known_hosts /etc/ssh/old/
|
||||||
|
fi
|
||||||
|
#if compgen -G "/etc/ssh/ssh_host_*" > /dev/null; then
|
||||||
|
#mv /etc/ssh/ssh_host_* /etc/ssh/old/
|
||||||
|
#fi
|
||||||
|
if [ -f /etc/ssh/ssh_host_rsa_key ]; then
|
||||||
|
mv /etc/ssh/ssh_host_* /etc/ssh/old/
|
||||||
fi
|
fi
|
||||||
mv /etc/ssh/sshd_config /etc/ssh/old/
|
mv /etc/ssh/sshd_config /etc/ssh/old/
|
||||||
[ -f /etc/ssh/ssh_config ] && mv /etc/ssh/old/
|
if [ -f /etc/ssh/ssh_config ]; then
|
||||||
|
mv /etc/ssh/ssh_config /etc/ssh/old/
|
||||||
|
fi
|
||||||
mv /tmp/$HOSTNAME /etc/ssh/
|
mv /tmp/$HOSTNAME /etc/ssh/
|
||||||
mv /tmp/$HOSTNAME-cert.pub /etc/ssh/
|
mv /tmp/$HOSTNAME-cert.pub /etc/ssh/
|
||||||
cat <<'EOF_SSHD_CONFIG' >/etc/ssh/sshd_config
|
cat <<'EOF_SSHD_CONFIG' >/etc/ssh/sshd_config
|
||||||
ListenAddress $IP_ADDRESS
|
ListenAddress %%IP_ADDRESS%%
|
||||||
Protocol 2
|
Protocol 2
|
||||||
SyslogFacility AUTH
|
SyslogFacility AUTH
|
||||||
LogLevel FATAL
|
LogLevel FATAL
|
||||||
|
|
||||||
HostKey /etc/ssh/$HOSTNAME
|
HostKey /etc/ssh/%%HOSTNAME%%
|
||||||
HostCertificate /etc/ssh/$HOSTNAME-cert.pub
|
HostCertificate /etc/ssh/%%HOSTNAME%%-cert.pub
|
||||||
TrustedUserCAKeys /etc/ssh/user_ca
|
TrustedUserCAKeys /etc/ssh/user_ca
|
||||||
PasswordAuthentication no
|
PasswordAuthentication no
|
||||||
ChallengeResponseAuthentication no
|
ChallengeResponseAuthentication no
|
||||||
@ -54,8 +63,9 @@ X11Forwarding no
|
|||||||
PrintMotd yes
|
PrintMotd yes
|
||||||
PrintLastLog yes
|
PrintLastLog yes
|
||||||
EOF_SSHD_CONFIG
|
EOF_SSHD_CONFIG
|
||||||
|
sed -i -e "s/%%IP_ADDRESS%%/$IP_ADDRESS/" -e "s/%%HOSTNAME%%/$HOSTNAME/" /etc/ssh/sshd_config
|
||||||
cat <<'EOF_USER_CA' >/etc/ssh/user_ca
|
cat <<'EOF_USER_CA' >/etc/ssh/user_ca
|
||||||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOLbLqHWXcxLGf58aJwa4eSC3KYGfdIiluKynOXS/fZD system@lysergic.dev
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOLbLqHWXcxLGf58aJwa4eSC3KYGfdIiluKynOXS/fZD root@philia.rigel.lysergic.dev
|
||||||
EOF_USER_CA
|
EOF_USER_CA
|
||||||
case $KERNEL in
|
case $KERNEL in
|
||||||
"OpenBSD" ) rcctl reload sshd
|
"OpenBSD" ) rcctl reload sshd
|
||||||
|
Loading…
Reference in New Issue
Block a user