Finalize OpenBSD compatibility
Signed-off-by: Georg <georg@lysergic.dev>
parent
7bcae4982d
commit
35320e15a3
@ -22,23 +22,32 @@ KERNEL=$(uname)
|
||||
IP_ADDRESS="$(get_ip_address)"
|
||||
if [ "$KERNEL" = "OpenBSD" ] || [ "$KERNEL" = "Linux" ]; then
|
||||
if [ -f /tmp/$HOSTNAME ] && [ -f /tmp/$HOSTNAME-cert.pub ]; then
|
||||
if [ ! -d /etc/ssh/old ]; then
|
||||
mkdir /etc/ssh/old
|
||||
[ -f /etc/ssh/ssh_known_hosts ] && mv /etc/ssh/ssh_known_hosts/ /etc/ssh/old/
|
||||
if compgen -G "/etc/ssh/ssh_host_*" > /dev/null; then
|
||||
fi
|
||||
if [ -f /etc/ssh/ssh_known_hosts ]; then
|
||||
mv /etc/ssh/ssh_known_hosts /etc/ssh/old/
|
||||
fi
|
||||
#if compgen -G "/etc/ssh/ssh_host_*" > /dev/null; then
|
||||
#mv /etc/ssh/ssh_host_* /etc/ssh/old/
|
||||
#fi
|
||||
if [ -f /etc/ssh/ssh_host_rsa_key ]; then
|
||||
mv /etc/ssh/ssh_host_* /etc/ssh/old/
|
||||
fi
|
||||
mv /etc/ssh/sshd_config /etc/ssh/old/
|
||||
[ -f /etc/ssh/ssh_config ] && mv /etc/ssh/old/
|
||||
if [ -f /etc/ssh/ssh_config ]; then
|
||||
mv /etc/ssh/ssh_config /etc/ssh/old/
|
||||
fi
|
||||
mv /tmp/$HOSTNAME /etc/ssh/
|
||||
mv /tmp/$HOSTNAME-cert.pub /etc/ssh/
|
||||
cat <<'EOF_SSHD_CONFIG' >/etc/ssh/sshd_config
|
||||
ListenAddress $IP_ADDRESS
|
||||
ListenAddress %%IP_ADDRESS%%
|
||||
Protocol 2
|
||||
SyslogFacility AUTH
|
||||
LogLevel FATAL
|
||||
|
||||
HostKey /etc/ssh/$HOSTNAME
|
||||
HostCertificate /etc/ssh/$HOSTNAME-cert.pub
|
||||
HostKey /etc/ssh/%%HOSTNAME%%
|
||||
HostCertificate /etc/ssh/%%HOSTNAME%%-cert.pub
|
||||
TrustedUserCAKeys /etc/ssh/user_ca
|
||||
PasswordAuthentication no
|
||||
ChallengeResponseAuthentication no
|
||||
@ -54,8 +63,9 @@ X11Forwarding no
|
||||
PrintMotd yes
|
||||
PrintLastLog yes
|
||||
EOF_SSHD_CONFIG
|
||||
sed -i -e "s/%%IP_ADDRESS%%/$IP_ADDRESS/" -e "s/%%HOSTNAME%%/$HOSTNAME/" /etc/ssh/sshd_config
|
||||
cat <<'EOF_USER_CA' >/etc/ssh/user_ca
|
||||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOLbLqHWXcxLGf58aJwa4eSC3KYGfdIiluKynOXS/fZD system@lysergic.dev
|
||||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOLbLqHWXcxLGf58aJwa4eSC3KYGfdIiluKynOXS/fZD root@philia.rigel.lysergic.dev
|
||||
EOF_USER_CA
|
||||
case $KERNEL in
|
||||
"OpenBSD" ) rcctl reload sshd
|
||||
|
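Review bot: The new `sed -i` line substitutes `$IP_ADDRESS` and `$HOSTNAME` into the rewritten /etc/ssh/sshd_config without checking that either is non-empty or free of `/` and `&`, and the `rcctl reload sshd` arm at the end of the hunk acts on the result unvalidated. If `get_ip_address` returns nothing, the file gets a bare `ListenAddress` line, and because the previous config has already been moved to /etc/ssh/old, the reload may leave the host without a working sshd. I would add `[ -n "$IP_ADDRESS" ] || exit 1` before the heredoc and `sshd -t -f /etc/ssh/sshd_config || exit 1` before the reload. Separately, on the unchanged lines, the host key is installed with `mv /tmp/$HOSTNAME /etc/ssh/`, which keeps whatever owner and mode it had in world-writable /tmp, so `chown root /etc/ssh/"$HOSTNAME" && chmod 600 /etc/ssh/"$HOSTNAME"` after the move would pin both. The enclosing `if` blocks and the `case` statement start or end outside the hunk, so checks elsewhere in the script are not visible here.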