diff options
author | Stephen Hemminger <stephen.hemminger@vyatta.com> | 2009-12-03 10:55:59 -0800 |
---|---|---|
committer | Stephen Hemminger <stephen.hemminger@vyatta.com> | 2009-12-03 10:55:59 -0800 |
commit | a83faa7789ddb8c930a973774e5cedf062e10919 (patch) | |
tree | 30419b551f7242518182ac13e2440e878eb9c089 /templates/service | |
parent | ee87a223623a80469beec50a2c0b6c0c121fe99b (diff) | |
download | vyatta-cfg-system-a83faa7789ddb8c930a973774e5cedf062e10919.tar.gz vyatta-cfg-system-a83faa7789ddb8c930a973774e5cedf062e10919.zip |
SSH enhancements
Add public key support
Convert allow-root and password-authentication from boolean nodes to
regular nodes.
Diffstat (limited to 'templates/service')
-rw-r--r-- | templates/service/ssh/allow-root/node.def | 15 | ||||
-rw-r--r-- | templates/service/ssh/disable-password-authentication/node.def | 5 | ||||
-rw-r--r-- | templates/service/ssh/password-authentication/node.def | 14 |
3 files changed, 8 insertions, 26 deletions
diff --git a/templates/service/ssh/allow-root/node.def b/templates/service/ssh/allow-root/node.def index 25a5a97a..1c56d221 100644 --- a/templates/service/ssh/allow-root/node.def +++ b/templates/service/ssh/allow-root/node.def @@ -1,14 +1,5 @@ -type: bool -default: false -help: Enable/disable root login over ssh -update: if [ "$VAR(@)" == "true" ]; - then regex='/^PermitRootLogin/s/no/yes/' - else regex='/^PermitRootLogin/s/yes/no/' - fi - sudo sed -i -e "$regex" /etc/ssh/sshd_config +help: Enable root login over ssh -comp_help: possible completions: - true Enable root login over ssh - false Disable root login over ssh +update: sudo sed -i -e '/^PermitRootLogin/s/no/yes/' /etc/ssh/sshd_config -allowed: echo "true false" +delete: sudo sed -i -e '/^PermitRootLogin/s/yes/no/' /etc/ssh/sshd_config diff --git a/templates/service/ssh/disable-password-authentication/node.def b/templates/service/ssh/disable-password-authentication/node.def new file mode 100644 index 00000000..59abacfc --- /dev/null +++ b/templates/service/ssh/disable-password-authentication/node.def @@ -0,0 +1,5 @@ +help: Don't allow unknown user to login with password + +update: sudo sed -i -e '/^PasswordAuthentication/s/yes/no/' /etc/ssh/sshd_config + +delete: sudo sed -i -e '/^PasswordAuthentication/s/no/yes/' /etc/ssh/sshd_config diff --git a/templates/service/ssh/password-authentication/node.def b/templates/service/ssh/password-authentication/node.def deleted file mode 100644 index c17dd47c..00000000 --- a/templates/service/ssh/password-authentication/node.def +++ /dev/null @@ -1,14 +0,0 @@ -type: bool -default: true -help: Allow user's to login with password -update: if [ "$VAR(@)" == "true" ]; - then regex='/^PasswordAuthentication/s/no/yes/' - else regex='/^PasswordAuthentication/s/yes/no/' - fi - sudo sed -i -e "$regex" /etc/ssh/sshd_config - -comp_help: possible completions: - true Allow authentication with password - false Disable authentication with password (secure) - -allowed: echo "true false" |