From: Frank Brehm Date: Fri, 19 Jun 2020 11:34:54 +0000 (+0200) Subject: Adding and using snippets/tpl.320.root-ssh-login.sh X-Git-Tag: 2.1.2^2~9^2~31^2~17^2~8 X-Git-Url: https://git.uhu-banane.org/?a=commitdiff_plain;h=dfbc51f0abb9b1743038fa7448470f7e1b3650f8;p=pixelpark%2Fcreate-vmware-tpl.git Adding and using snippets/tpl.320.root-ssh-login.sh --- diff --git a/kickstart/template-centos8.ks b/kickstart/template-centos8.ks index 528a16c..59ea29a 100644 --- a/kickstart/template-centos8.ks +++ b/kickstart/template-centos8.ks @@ -217,6 +217,11 @@ echo echo "Using snippet $create_motd_snippet" $SNIPPET($create_motd_snippet) +#set $root_ssh_snippet = "per_status/" + $SYSTEM_STATUS + "/tpl.320.root-ssh-login.sh" +echo +echo "Using snippet $root_ssh_snippet" +$SNIPPET($root_ssh_snippet) + #set $legato_snippet = "per_status/" + $SYSTEM_STATUS + "/tpl.350.legato.sh" echo echo "Using snippet $legato_snippet" diff --git a/snippets/tpl.320.root-ssh-login.sh b/snippets/tpl.320.root-ssh-login.sh new file mode 100644 index 0000000..8b95972 --- /dev/null +++ b/snippets/tpl.320.root-ssh-login.sh @@ -0,0 +1,25 @@ +## !/bin/bash +#raw + +#----------------------------------------------------------- +disable_root_ssh_login_pw() { + + echo + echo "${HASH_LINE}" + echo "Calling disable_root_ssh_login_pw() ..." + echo + log "Disabling SSH access for root with password ..." + + if grep -P -w -i 'PermitRootLogin' /etc/ssh/sshd_config >/dev/null ; then + perl -p -i -e 's/^\s*#?\s*PermitRootLogin\s.*/PermitRootLogin without-password/i' /etc/ssh/sshd_config + else + echo "PermitRootLogin without-password" >> /etc/ssh/sshd_config + fi + +} + +disable_root_ssh_login_pw + + +#end raw +## vim: ts=4 et list