X-Git-Url: https://git.grml.org/?p=grml-live.git;a=blobdiff_plain;f=etc%2Fgrml%2Ffai%2Fconfig%2Fscripts%2FGRMLBASE%2F49-sshd;fp=etc%2Fgrml%2Ffai%2Fconfig%2Fscripts%2FGRMLBASE%2F49-sshd;h=9f0a82409bcffcb1ebf79dacde373b9f2fa7f9f2;hp=0000000000000000000000000000000000000000;hb=0ad0e8152cdad938120d300ec55104c1a1554b6c;hpb=908cad48a063ba31385f0a23667d23d600b4b818

diff --git a/etc/grml/fai/config/scripts/GRMLBASE/49-sshd b/etc/grml/fai/config/scripts/GRMLBASE/49-sshd
new file mode 100755
index 0000000..9f0a824
--- /dev/null
+++ b/etc/grml/fai/config/scripts/GRMLBASE/49-sshd
@@ -0,0 +1,29 @@
+#!/bin/bash
+# Filename:      ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/49-sshd
+# Purpose:       adjust sshd configuration file
+# Authors:       grml-team (grml.org), (c) Michael Prokop <mika@grml.org>
+# Bug-Reports:   see http://grml.org/bugs/
+# License:       This file is licensed under the GPL v2 or any later version.
+################################################################################
+
+set -u
+set -e
+
+if ! [ -r "${target}/etc/ssh/sshd_config" ] ; then
+  echo "File /etc/ssh/sshd_config doesn't exist, skipping execution of script."
+  exit 0
+fi
+
+# make sure root login works, it's set to "without-password" since openssh-server v1:6.6p1-1
+sed -i "s/^\(PermitRootLogin without-password\)/# \1 # disabled via grml-live\nPermitRootLogin yes/" "${target}/etc/ssh/sshd_config"
+
+# speedup if DNS is broken/unavailable
+if grep -q '^UseDNS' "${target}/etc/ssh/sshd_config" ; then
+  sed -i "s/^\(UseDNS yes\)/# \1 # disabled via grml-live\nUseDNS no/" "${target}/etc/ssh/sshd_config"
+else
+  echo "# Added via grml-live script:" >> "${target}/etc/ssh/sshd_config"
+  echo "UseDNS no" >> "${target}/etc/ssh/sshd_config"
+fi
+
+## END OF FILE #################################################################
+# vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2