
@d3ividdy
Last active February 19, 2024 13:49
templates-vms-proxmox
# One-shot unit that replaces the SSH host keys baked into a VM template.
# Clones that keep the template's host keys all present the same server
# identity, so a client cannot tell one clone from another and anyone holding
# the template image holds every clone's private host key.
[Unit]
Description=Regenerate SSH host keys
# Ordered before ssh.service so the daemon starts with the new keys.
Before=ssh.service
# The unit is skipped when ssh-keygen is missing or not executable.
ConditionFileIsExecutable=/usr/bin/ssh-keygen
[Service]
Type=oneshot
# Leading "-" means a failure of this step is ignored. It feeds 4096 bytes from
# the hardware RNG device into the kernel pool; the step fails harmlessly when
# /dev/hwrng is absent. Writing to /dev/urandom mixes data in but does not
# raise the kernel's entropy estimate.
ExecStartPre=-/bin/dd if=/dev/hwrng of=/dev/urandom count=1 bs=4096
# Runs through sh -c because systemd does not expand globs itself. The pattern
# matches both the private keys and their .pub files; failure is ignored.
ExecStartPre=-/bin/sh -c "/bin/rm -f -v /etc/ssh/ssh_host_*_key*"
# -A creates a host key for every default key type that has no key file yet.
ExecStart=/usr/bin/ssh-keygen -A -v
# Self-disable after a successful run, so keys are regenerated once only.
# ExecStartPost is not run when ExecStart fails, which leaves the unit enabled
# for a retry on the next boot.
# NOTE(review): booting the template itself after enabling this unit consumes
# the one-time run; power it off and convert it without another boot.
ExecStartPost=/bin/systemctl disable regenerate_ssh_host_keys
[Install]
WantedBy=multi-user.target
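# Debian template preparation. Run as root inside the VM that will become the
# Proxmox template; the nano steps are manual edits.

# update
# apt-get throughout: apt warns that its CLI is not stable for scripted use.
apt-get update -y && apt-get upgrade -y && apt-get dist-upgrade -y && apt-get autoremove -y

# SSH: key-based login only
# RSAAuthentication is no longer written: it was an SSH protocol 1 option and
# current OpenSSH only logs it as deprecated. ">>" creates the file if needed.
echo "PubkeyAuthentication yes" >> /etc/ssh/sshd_config.d/base.conf
nano /etc/ssh/sshd_config # PasswordAuthentication no # yes => no
# Validate the configuration before the image is frozen; a syntax error here
# would lock SSH out of every clone. Full path because /usr/sbin may not be on
# root's PATH yet. To confirm the effective value:
#   /usr/sbin/sshd -T | grep -i passwordauthentication
/usr/sbin/sshd -t

# Generate the key pair on the admin workstation, not in the template, so the
# private key never lands in the image:
# ssh-keygen -f newsshkey # newsshkey newsshkey.pub
# "ssh-rsa xxx" is a placeholder for the contents of newsshkey.pub.
# NOTE(review): a key baked in here is trusted by every clone of the template;
# use a dedicated provisioning key or inject per-VM keys at clone time.
# sshd's StrictModes expects ~/.ssh and authorized_keys to be owned by the user
# (or root) and not writable by others, so create them with explicit modes.
mkdir -p /home/debian/.ssh && \
echo "ssh-rsa xxx" >> /home/debian/.ssh/authorized_keys && \
chmod 700 /home/debian/.ssh && \
chmod 600 /home/debian/.ssh/authorized_keys && \
chown -R debian: /home/debian/.ssh

# Enable QEMU & install
apt-get install qemu-guest-agent -y && \
systemctl start qemu-guest-agent

# additional configuration
echo 'export PATH="/sbin:/usr/sbin:/usr/local/sbin:$PATH"' >> /root/.bashrc
echo 'export PATH="/sbin:/usr/sbin:/usr/local/sbin:$PATH"' >> /home/debian/.bashrc

# configure time_zone
timedatectl set-timezone America/Sao_Paulo

# final steps
# An empty /etc/machine-id makes each clone generate its own ID on first boot;
# clones sharing one ID are indistinguishable to anything keyed on it.
# rm -f / ln -sf so a missing or already-linked dbus file does not break the chain.
truncate -s 0 /etc/machine-id && \
rm -f /var/lib/dbus/machine-id && \
ln -sf /etc/machine-id /var/lib/dbus/machine-id # ls -l /var/lib/dbus/machine-id: /var/lib/dbus/machine-id -> /etc/machine-id
nano /etc/network/interfaces

# Install the first-boot unit that regenerates the SSH host keys. Unit files
# must be root-owned and not writable by other users.
nano regenerate_ssh_host_keys.service
chown root:root regenerate_ssh_host_keys.service && \
chmod 644 regenerate_ssh_host_keys.service && \
mv regenerate_ssh_host_keys.service /etc/systemd/system && \
systemctl daemon-reload && \
systemctl enable regenerate_ssh_host_keys.service

# Clear shell history last, so the commands above are not kept in the image.
# An interactive bash rewrites the file on exit unless HISTFILE is unset.
# Power the VM off afterwards without rebooting it: the host-key unit runs once
# and then disables itself.
unset HISTFILE
rm -f /home/debian/.bash_history /root/.bash_history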
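# Ubuntu template preparation. Run as root inside the VM that will become the
# Proxmox template; the nano and visudo steps are manual edits.

# update
# apt-get throughout: apt warns that its CLI is not stable for scripted use.
apt-get update -y && apt-get upgrade -y && apt-get dist-upgrade -y && apt-get autoremove -y

# SSH: key-based login only
# sshd keeps the first value it reads for each keyword, so any other drop-in
# could override base.conf; remove them all. -f keeps this quiet when no
# drop-in exists.
# NOTE(review): if cloud-init is active on the clones it may write its own
# drop-in again on first boot - confirm with "sshd -T" on a fresh clone.
rm -f /etc/ssh/sshd_config.d/*.conf
# RSAAuthentication is no longer written: it was an SSH protocol 1 option and
# current OpenSSH only logs it as deprecated. ">>" creates the file if needed.
echo "PubkeyAuthentication yes" >> /etc/ssh/sshd_config.d/base.conf && \
echo "PasswordAuthentication no" >> /etc/ssh/sshd_config.d/base.conf
# Validate before restarting so a typo cannot take the SSH daemon down.
/usr/sbin/sshd -t && systemctl restart sshd

# Generate the key pair on the admin workstation, not in the template, so the
# private key never lands in the image:
# ssh-keygen -f newsshkey # newsshkey newsshkey.pub
# "ssh-rsa xxx" is a placeholder for the contents of newsshkey.pub.
# NOTE(review): a key baked in here is trusted by every clone of the template;
# use a dedicated provisioning key or inject per-VM keys at clone time.
# sshd's StrictModes expects ~/.ssh and authorized_keys to be owned by the user
# (or root) and not writable by others, so create them with explicit modes.
mkdir -p /home/ubuntu/.ssh && \
echo "ssh-rsa xxx" >> /home/ubuntu/.ssh/authorized_keys && \
chmod 700 /home/ubuntu/.ssh && \
chmod 600 /home/ubuntu/.ssh/authorized_keys && \
chown -R ubuntu: /home/ubuntu/.ssh

# Enable QEMU & install
apt-get install qemu-guest-agent -y && \
systemctl start qemu-guest-agent

# additional configuration
timedatectl set-timezone America/Sao_Paulo
# NOTE(review): NOPASSWD:ALL makes any compromise of the ubuntu account
# equivalent to root on every clone, and commenting out the includedir line
# disables all drop-ins under /etc/sudoers.d. Keep this only if the ubuntu
# account is reachable solely by SSH key.
visudo # 1. comment: [ # @includedir /etc/sudoers.d ] / 2. add: [ ubuntu ALL=(ALL) NOPASSWD:ALL ]

# final steps
# An empty /etc/machine-id makes each clone generate its own ID on first boot;
# clones sharing one ID are indistinguishable to anything keyed on it.
# rm -f / ln -sf so a missing or already-linked dbus file does not break the chain.
truncate -s 0 /etc/machine-id && \
rm -f /var/lib/dbus/machine-id && \
ln -sf /etc/machine-id /var/lib/dbus/machine-id # ls -l /var/lib/dbus/machine-id: /var/lib/dbus/machine-id -> /etc/machine-id
nano /etc/netplan/00-installer-config.yaml

# Install the first-boot unit that regenerates the SSH host keys. Unit files
# must be root-owned and not writable by other users.
nano regenerate_ssh_host_keys.service
chown root:root regenerate_ssh_host_keys.service && \
chmod 644 regenerate_ssh_host_keys.service && \
mv regenerate_ssh_host_keys.service /etc/systemd/system && \
systemctl daemon-reload && \
systemctl enable regenerate_ssh_host_keys.service

# Clear shell history last, so the commands above are not kept in the image.
# An interactive bash rewrites the file on exit unless HISTFILE is unset.
# Power the VM off afterwards without rebooting it: the host-key unit runs once
# and then disables itself.
unset HISTFILE
rm -f /home/ubuntu/.bash_history /root/.bash_history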