Merge Ubuntu and Fedora instructions for ssh/sshd setup
Implements: blueprint merge-dib-hadoop-elements Change-Id: Iabcb30abee4ccf79235aeb113eaa414a44835693
This commit is contained in:
parent
0092ac37df
commit
b7def9d8c3
|
@ -8,21 +8,52 @@ echo "Adjusting ssh configuration"
|
|||
# Note1: augtool on Ubuntu does not auto-save, pass -s
|
||||
install-packages augeas openssh-server openssh-clients
|
||||
|
||||
augtool set /files/etc/ssh/sshd_config/PasswordAuthentication yes
|
||||
augtool set /files/etc/ssh/sshd_config/UseDNS no
|
||||
augtool set /files/etc/ssh/sshd_config/PermitTunnel yes
|
||||
augtool set /files/etc/ssh/sshd_config/SyslogFacility AUTH
|
||||
augtool set /files/etc/ssh/sshd_config/PermitRootLogin yes
|
||||
augtool set /files/etc/ssh/sshd_config/StrictModes yes
|
||||
augtool set /files/etc/ssh/sshd_config/RSAAuthentication yes
|
||||
augtool set /files/etc/ssh/sshd_config/PubkeyAuthentication yes
|
||||
augtool set /files/etc/ssh/sshd_config/IgnoreRhosts yes
|
||||
|
||||
augtool set /files/etc/ssh/ssh_config/Host/StrictHostKeyChecking no
|
||||
augtool set /files/etc/ssh/ssh_config/Host/GSSAPIDelegateCredentials no
|
||||
augtool set /files/etc/ssh/ssh_config/Host/GSSAPIAuthentication no
|
||||
##
|
||||
## ssh server configuration
|
||||
##
|
||||
|
||||
# Unique to Ubuntu
|
||||
augtool -s set /files/etc/ssh/sshd_config/PasswordAuthentication yes
|
||||
augtool -s set /files/etc/ssh/sshd_config/GSSAPICleanupCredentials yes
|
||||
augtool -s set /files/etc/ssh/sshd_config/AuthorizedKeysFile .ssh/authorized_keys
|
||||
|
||||
# Unique to Fedora
|
||||
augtool -s set /files/etc/ssh/sshd_config/SyslogFacility AUTH
|
||||
augtool -s set /files/etc/ssh/sshd_config/PermitRootLogin yes
|
||||
augtool -s set /files/etc/ssh/sshd_config/StrictModes yes
|
||||
augtool -s set /files/etc/ssh/sshd_config/RSAAuthentication yes
|
||||
augtool -s set /files/etc/ssh/sshd_config/PubkeyAuthentication yes
|
||||
augtool -s set /files/etc/ssh/sshd_config/IgnoreRhosts yes
|
||||
|
||||
# Common
|
||||
augtool -s set /files/etc/ssh/sshd_config/GSSAPIAuthentication no
|
||||
augtool -s set /files/etc/ssh/sshd_config/UseDNS no
|
||||
augtool -s set /files/etc/ssh/sshd_config/PermitTunnel yes
|
||||
|
||||
|
||||
##
|
||||
## ssh client configuration
|
||||
##
|
||||
|
||||
# Unique to Ubuntu
|
||||
#none
|
||||
|
||||
# Unique to Fedora
|
||||
augtool -s set /files/etc/ssh/ssh_config/Host/GSSAPIDelegateCredentials no
|
||||
|
||||
# Common
|
||||
augtool -s set /files/etc/ssh/ssh_config/Host/StrictHostKeyChecking no
|
||||
augtool -s set /files/etc/ssh/ssh_config/Host/GSSAPIAuthentication no
|
||||
|
||||
|
||||
##
|
||||
## Misc configuration
|
||||
##
|
||||
|
||||
# Unique to Fedora
|
||||
# No known augeas lense for cloud-init config
|
||||
sed -i 's/ssh_pwauth: 0/ssh_pwauth: 1/' /etc/cloud/cloud.cfg
|
||||
|
||||
augtool clear /files/etc/sudoers/Defaults[type=':nrpe']/requiretty/negate
|
||||
# Unique to Fedora
|
||||
augtool -s clear /files/etc/sudoers/Defaults[type=':nrpe']/requiretty/negate
|
||||
|
|
Loading…
Reference in New Issue