Mathieu Broillet
673c7a3858
All checks were successful
continuous-integration/drone/push Build is passing
66 lines
1.7 KiB
Bash
66 lines
1.7 KiB
Bash
#!/bin/bash
|
|
|
|
# check if ssh is installed
|
|
if ! command -v ssh &>/dev/null; then
|
|
echo "SSH is not installed"
|
|
else
|
|
echo "SSH is already installed"
|
|
exit 1
|
|
fi
|
|
|
|
if lsb_release -a 2>/dev/null | grep -q -E "Debian|Ubuntu"; then
|
|
echo "Running Debian or Ubuntu"
|
|
apt-get install openssh-server
|
|
systemctl start sshd
|
|
|
|
elif cat /etc/os-release 2>/dev/null | grep -q -i "alpine"; then
|
|
echo "Running Alpine"
|
|
|
|
# Stop and remove Dropbear
|
|
rc-service dropbear stop
|
|
rc-update del dropbear
|
|
apk del dropbear* -f
|
|
|
|
# Stop and remove SSHD
|
|
rc-service sshd stop
|
|
rc-update del sshd
|
|
apk del openssh* -f
|
|
|
|
# Clean up Dropbear and SSH configurations
|
|
rm -rf /etc/dropbear
|
|
rm -rf /etc/ssh
|
|
rm /etc/init.d/ssh
|
|
|
|
# Reboot now if needed
|
|
# reboot now
|
|
|
|
# Install OpenSSH and necessary packages
|
|
apk add openssh gcompat libstdc++ curl bash git grep
|
|
apk add procps --no-cache
|
|
|
|
# Start and add SSHD to startup
|
|
rc-service sshd start
|
|
rc-update add sshd
|
|
|
|
# Update AllowTcpForwarding setting
|
|
sed -i 's/^#*AllowTcpForwarding.*/AllowTcpForwarding yes/' /etc/ssh/sshd_config
|
|
|
|
# Update PermitTunnel setting
|
|
sed -i 's/^#*PermitTunnel.*/PermitTunnel yes/' /etc/ssh/sshd_config
|
|
|
|
# Uncomment the line if needed (remove '#' at the beginning)
|
|
sed -i 's/^#PermitTunnel.*/PermitTunnel yes/' /etc/ssh/sshd_config
|
|
|
|
# Restart the SSH service to apply the changes
|
|
/etc/init.d/sshd restart
|
|
|
|
else
|
|
echo "Unknown distribution"
|
|
exit 1
|
|
fi
|
|
|
|
# Set PermitRootLogin to prohibit-password
|
|
sed -i 's/^#*PermitRootLogin.*/PermitRootLogin prohibit-password/' /etc/ssh/sshd_config
|
|
|
|
# Generate SSH keys (doesn't overwrite if keys already exists)
|
|
ssh-keygen -q -t rsa -N '' <<< $'\nn' >/dev/null 2>&1 |