Merge Ubuntu and Fedora instructions for ssh/sshd setup

Implements: blueprint merge-dib-hadoop-elements
Change-Id: Iabcb30abee4ccf79235aeb113eaa414a44835693
This commit is contained in:
Matthew Farrellee 2013-07-10 15:39:27 -04:00
parent 0092ac37df
commit b7def9d8c3
1 changed files with 44 additions and 13 deletions

View File

@ -8,21 +8,52 @@ echo "Adjusting ssh configuration"
# Note1: augtool on Ubuntu does not auto-save, pass -s
install-packages augeas openssh-server openssh-clients
augtool set /files/etc/ssh/sshd_config/PasswordAuthentication yes
augtool set /files/etc/ssh/sshd_config/UseDNS no
augtool set /files/etc/ssh/sshd_config/PermitTunnel yes
augtool set /files/etc/ssh/sshd_config/SyslogFacility AUTH
augtool set /files/etc/ssh/sshd_config/PermitRootLogin yes
augtool set /files/etc/ssh/sshd_config/StrictModes yes
augtool set /files/etc/ssh/sshd_config/RSAAuthentication yes
augtool set /files/etc/ssh/sshd_config/PubkeyAuthentication yes
augtool set /files/etc/ssh/sshd_config/IgnoreRhosts yes
augtool set /files/etc/ssh/ssh_config/Host/StrictHostKeyChecking no
augtool set /files/etc/ssh/ssh_config/Host/GSSAPIDelegateCredentials no
augtool set /files/etc/ssh/ssh_config/Host/GSSAPIAuthentication no
##
## ssh server configuration
##
# Unique to Ubuntu
augtool -s set /files/etc/ssh/sshd_config/PasswordAuthentication yes
augtool -s set /files/etc/ssh/sshd_config/GSSAPICleanupCredentials yes
augtool -s set /files/etc/ssh/sshd_config/AuthorizedKeysFile .ssh/authorized_keys
# Unique to Fedora
augtool -s set /files/etc/ssh/sshd_config/SyslogFacility AUTH
augtool -s set /files/etc/ssh/sshd_config/PermitRootLogin yes
augtool -s set /files/etc/ssh/sshd_config/StrictModes yes
augtool -s set /files/etc/ssh/sshd_config/RSAAuthentication yes
augtool -s set /files/etc/ssh/sshd_config/PubkeyAuthentication yes
augtool -s set /files/etc/ssh/sshd_config/IgnoreRhosts yes
# Common
augtool -s set /files/etc/ssh/sshd_config/GSSAPIAuthentication no
augtool -s set /files/etc/ssh/sshd_config/UseDNS no
augtool -s set /files/etc/ssh/sshd_config/PermitTunnel yes
##
## ssh client configuration
##
# Unique to Ubuntu
#none
# Unique to Fedora
augtool -s set /files/etc/ssh/ssh_config/Host/GSSAPIDelegateCredentials no
# Common
augtool -s set /files/etc/ssh/ssh_config/Host/StrictHostKeyChecking no
augtool -s set /files/etc/ssh/ssh_config/Host/GSSAPIAuthentication no
##
## Misc configuration
##
# Unique to Fedora
# No known augeas lense for cloud-init config
sed -i 's/ssh_pwauth: 0/ssh_pwauth: 1/' /etc/cloud/cloud.cfg
augtool clear /files/etc/sudoers/Defaults[type=':nrpe']/requiretty/negate
# Unique to Fedora
augtool -s clear /files/etc/sudoers/Defaults[type=':nrpe']/requiretty/negate