-rwxr-xr-xscripts/rl-system.init9
-rw-r--r--templates/service/ssh/listen-address/node.def10
2 files changed, 16 insertions, 3 deletions
diff --git a/scripts/rl-system.init b/scripts/rl-system.init
index fc328b7b..b73befba 100755
--- a/scripts/rl-system.init
+++ b/scripts/rl-system.init
@@ -179,10 +179,13 @@ security_reset () {
# Disable root login over telnet
sed -i -e '/^# Pseudo-terminal (telnet)/,$d' /etc/securetty
- # Disable root login with ssh
- # Renable DNS validation
+ # Restore default sshd config
+ # Disable root login with ssh
+ # Renable DNS validation
+ # Remove Listen addresses
sed -i -e '/^PermitRootLogin/s/yes/no/' \
- -e '/^UseDNS/s/no/yes/' /etc/ssh/sshd_config
+ -e '/^UseDNS/s/no/yes/' \
+ -e '/^ListenAddress/d' /etc/ssh/sshd_config
}
start () {
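Review bot: The added `-e '/^ListenAddress/d'` expression matches the keyword only in that exact case, while sshd_config keywords are case-insensitive, so a hand-edited `listenaddress 192.0.2.1` line (constructed example) would survive security_reset. With GNU sed, which the `-i` already assumes, `-e '/^[[:space:]]*ListenAddress[[:space:]]/Id'` would cover differently-cased and indented lines too. The comment could also state the effect, e.g. `# Remove ListenAddress lines (sshd falls back to listening on all local addresses)`, since a reset that widens where sshd is reachable is worth making explicit. security_reset begins above this hunk, so the rest of its body was not reviewed.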
diff --git a/templates/service/ssh/listen-address/node.def b/templates/service/ssh/listen-address/node.def
new file mode 100644
index 00000000..aeff03f2
--- /dev/null
+++ b/templates/service/ssh/listen-address/node.def
@@ -0,0 +1,10 @@
+multi:
+type: ipv4,ipv6
+help: Local addresses SSH service should listen on
+val_help: ipv4: IP address to listen for incoming connections
+val_help: ipv6: IPv6 address to listen for incoming connections
+
+create: sudo sed -i -e '/^Port/a \
+ListenAddress $VAR(@)' /etc/ssh/sshd_config
+
+delete: sudo sed -i -e '/^ListenAddress $VAR(@)$/d' /etc/ssh/sshd_config
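Review bot: The create action inserts the line only when sshd_config has an uncommented line starting with `Port`; if the file carries just a commented `#Port 22`, sed matches nothing and exits 0, so the commit succeeds while sshd keeps listening on every address. If this node is used to confine SSH to a management address, that silent no-op should fail the commit instead, e.g. by running `grep -q '^Port' /etc/ssh/sshd_config || exit 1` ahead of the sed. If the file holds more than one `Port` line, the address is appended after each of them, which looks unintended. Nothing in this node restarts or reloads sshd; presumably the parent service/ssh node does, but that is not visible here.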