devuan-sdk
/
libdevuansdk
mirror of https://github.com/parazyd/libdevuansdk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

simplify ssh setup

This commit is contained in:
parazyd 2017-01-20 14:21:00 +01:00
parent c3128bb1bc
commit 6002758634
No known key found for this signature in database
GPG Key ID: F0CB28FCF78637DE
4 changed files with 42 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
config
View File

@ -41,8 +41,8 @@ core_packages=(
bzip2 bzip2
curl curl
less less
vim-tiny vim
nano-tiny nano
sysvinit sysvinit
) )
@ -54,8 +54,9 @@ base_packages=(
sudo sudo
alsa-base alsa-base
alsa-utils alsa-utils
gawk mawk
tmux tmux
screen
openntpd openntpd
wpasupplicant wpasupplicant
wireless-tools wireless-tools

1
zlibs/bootstrap
View File

@ -59,6 +59,7 @@ bootstrap_complete_base() {
conf_print_networkifaces | sudo tee $strapdir/etc/network/interfaces conf_print_networkifaces | sudo tee $strapdir/etc/network/interfaces
conf_print_resolvconf | sudo tee $strapdir/etc/resolv.conf conf_print_resolvconf | sudo tee $strapdir/etc/resolv.conf
conf_print_sourceslist | sudo tee $strapdir/etc/apt/sources.list conf_print_sourceslist | sudo tee $strapdir/etc/apt/sources.list
conf_print_locales | sudo tee $strapdir/etc/profile.d/locales.sh
## write third-stage for chroot ## write third-stage for chroot
bootstrap_config_thirdstage | sudo tee $strapdir/thirdstage bootstrap_config_thirdstage | sudo tee $strapdir/thirdstage

52
zlibs/helpers
View File

@ -177,52 +177,12 @@ enablessh() {
req=(strapdir) req=(strapdir)
ckreq || return 1 ckreq || return 1
cat <<EOF | sudo tee -a ${strapdir}/enssh # "hardened" ssh
#!/bin/sh sudo -E sed -i $strapdir/etc/sshd_config \
sed -i -e 's/PermitRootLogin without-password/PermitRootLogin yes/' /etc/ssh/sshd_config -e 's/PermitRootLogin .*/PermitRootLogin yes/' \
update-rc.d ssh enable -e 's/HostKey .*dsa_key/#&/' \
update-rc.d regensshkeys defaults -e 's/X11Forwarding .*/X11Forwarding no/' \
update-rc.d regensshkeys enable -e 's/UsePAM .*/UsePAM no/'
rm -f /enssh
EOF
cat <<EOF | sudo tee ${strapdir}/etc/init.d/regensshkeys
#!/bin/sh
#
### BEGIN INIT INFO
# Provides: something
# Required-Start: \$syslog
# Required-Stop: \$syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Regenerate openssh-server keys
# Description: Regenerate openssh-server keys
### END INIT INFO
#
set -e
set -u
genkeys() {
/usr/sbin/service ssh stop
/usr/sbin/dpkg-reconfigure openssh-server
/usr/sbin/service ssh start
/usr/sbin/update-rc.d regensshkeys disable
}
case "\$1" in
start)
genkeys;;
stop)
;;
*)
echo "usage: \$(basename \$0) {start}"
;;
esac
EOF
sudo chmod +x $strapdir/etc/init.d/regensshkeys
chroot-script -d enssh
} }
install-custdebs() { install-custdebs() {

31
zlibs/sysconf
View File

@ -126,3 +126,34 @@ deb ${mirror} ${release}-security ${section}
#deb-src ${mirror} ${release}-security ${section} #deb-src ${mirror} ${release}-security ${section}
EOF EOF
} }
conf_print_locales() {
fn conf_print_locales
cat <<EOF
export LANG=C
export LC_ALL=C
EOF
}
conf_print_rclocal() {
fn conf_print_rclocal
cat <<EOF
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
## regen ssh keys on first boot
[ -f /etc/ssh/ssh_host_rsa_key.pub ] || dpkg-reconfigure openssh-server
exit 0
EOF
}