SSH PasswordAuthentication changer
This commit is contained in:
parent
05ae7c7409
commit
147c3363f7
|
|
@ -0,0 +1,65 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
CONFIG_FILE="/etc/ssh/sshd_config"
|
||||||
|
BACKUP_FILE="/etc/ssh/sshd_config.bak"
|
||||||
|
|
||||||
|
# Nur root darf Änderungen machen
|
||||||
|
if [ "$EUID" -ne 0 ] && [ "$1" != "-s" ]; then
|
||||||
|
echo "Bitte mit sudo ausführen."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Funktion: Aktuellen Status anzeigen
|
||||||
|
show_status() {
|
||||||
|
grep -E "^PasswordAuthentication" "$CONFIG_FILE" | awk '{ print $2 }'
|
||||||
|
}
|
||||||
|
|
||||||
|
# Funktion: Setzen von PasswordAuthentication
|
||||||
|
set_password_auth() {
|
||||||
|
VALUE=$1
|
||||||
|
echo "Setze PasswordAuthentication auf '$VALUE' ..."
|
||||||
|
|
||||||
|
# Backup
|
||||||
|
cp "$CONFIG_FILE" "$BACKUP_FILE"
|
||||||
|
|
||||||
|
# Setzen oder hinzufügen
|
||||||
|
if grep -q "^PasswordAuthentication" "$CONFIG_FILE"; then
|
||||||
|
sed -i "s/^PasswordAuthentication.*/PasswordAuthentication $VALUE/" "$CONFIG_FILE"
|
||||||
|
else
|
||||||
|
echo "PasswordAuthentication $VALUE" >> "$CONFIG_FILE"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# SSH-Dienst neustarten
|
||||||
|
if systemctl is-active --quiet ssh; then
|
||||||
|
systemctl restart ssh
|
||||||
|
elif systemctl is-active --quiet sshd; then
|
||||||
|
systemctl restart sshd
|
||||||
|
else
|
||||||
|
echo "SSH-Dienst konnte nicht gefunden werden."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Done. PasswordAuthentication ist jetzt '$VALUE'."
|
||||||
|
}
|
||||||
|
|
||||||
|
# Parameter auswerten
|
||||||
|
case "$1" in
|
||||||
|
-y)
|
||||||
|
set_password_auth "yes"
|
||||||
|
;;
|
||||||
|
-n)
|
||||||
|
set_password_auth "no"
|
||||||
|
;;
|
||||||
|
-s)
|
||||||
|
STATUS=$(show_status)
|
||||||
|
echo "Aktueller Status von PasswordAuthentication: ${STATUS:-(nicht gesetzt)}"
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "Benutzung:"
|
||||||
|
echo " sudo ./password -y # aktiviert PasswordAuthentication"
|
||||||
|
echo " sudo ./password -n # deaktiviert PasswordAuthentication"
|
||||||
|
echo " ./password -s # zeigt aktuellen Status (kein sudo nötig)"
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
|
@ -0,0 +1,21 @@
|
||||||
|
NAME
|
||||||
|
ssh_password - verwaltet SSH PasswordAuthentication
|
||||||
|
|
||||||
|
SYNOPSIS
|
||||||
|
sudo ./ssh_password -y
|
||||||
|
sudo ./ssh_password -n
|
||||||
|
./ssh_password -s
|
||||||
|
|
||||||
|
BESCHREIBUNG
|
||||||
|
Dieses Skript aktiviert oder deaktiviert die Option PasswordAuthentication
|
||||||
|
in /etc/ssh/sshd_config und startet anschließend den SSH-Dienst neu.
|
||||||
|
|
||||||
|
OPTIONEN
|
||||||
|
-y Setzt PasswordAuthentication auf 'yes'
|
||||||
|
-n Setzt PasswordAuthentication auf 'no'
|
||||||
|
-s Zeigt den aktuellen Status (kein sudo nötig)
|
||||||
|
|
||||||
|
HINWEIS
|
||||||
|
Änderungen erfordern root-Rechte.
|
||||||
|
Vor jeder Änderung wird ein Backup der sshd_config erstellt.
|
||||||
|
|
||||||
Loading…
Reference in New Issue