mirror of
https://github.com/mail-in-a-box/mailinabox.git
synced 2024-12-22 07:17:05 +00:00
move the SSH password login check out of setup because it interfers with Vagrant and into a separate script that we'll use for auditing in a later phase
This commit is contained in:
parent
6194c63f76
commit
f9c3f33e74
15
setup/check_ssh.sh
Executable file
15
setup/check_ssh.sh
Executable file
@ -0,0 +1,15 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Check that SSH login with password is disabled. Stop if it's enabled.
|
||||
if grep -q "^PasswordAuthentication yes" /etc/ssh/sshd_config \
|
||||
|| ! grep -q "^PasswordAuthentication no" /etc/ssh/sshd_config ; then
|
||||
echo "The SSH server on this machine permits password-based login."
|
||||
echo "A more secure way to log in is using a public key."
|
||||
echo ""
|
||||
echo "Add your SSH public key to $HOME/.ssh/authorized_keys, check"
|
||||
echo "check that you can log in without a password, set the option"
|
||||
echo "'PasswordAuthentication no' in /etc/ssh/sshd_config, and then"
|
||||
echo "restart the openssh via 'sudo service ssh restart'"
|
||||
exit
|
||||
fi
|
||||
|
@ -5,21 +5,6 @@ source setup/functions.sh # load our functions
|
||||
apt-get -qq update
|
||||
apt-get -qq -y upgrade
|
||||
|
||||
# Install openssh-server to ensure that the end result is consistent across all Mail-in-a-Boxes.
|
||||
apt_install openssh-server
|
||||
|
||||
# Check that SSH login with password is disabled. Stop if it's enabled.
|
||||
if grep -q "^PasswordAuthentication yes" /etc/ssh/sshd_config \
|
||||
|| ! grep -q "^PasswordAuthentication no" /etc/ssh/sshd_config ; then
|
||||
echo
|
||||
echo "The SSH server on this machine permits password-based login."
|
||||
echo "Add your SSH public key to $HOME/.ssh/authorized_keys, check"
|
||||
echo "check that you can log in without a password, set the option"
|
||||
echo "'PasswordAuthentication no' in /etc/ssh/sshd_config, and then"
|
||||
echo "restart the openssh via 'sudo service ssh restart'"
|
||||
exit
|
||||
fi
|
||||
|
||||
# Install basic utilities.
|
||||
|
||||
apt_install python3 wget curl bind9-host
|
||||
|
Loading…
Reference in New Issue
Block a user