Last active
May 13, 2024 09:45
-
-
Save madalinignisca/69d55a40793f20c39c6f0f4893a1341c to your computer and use it in GitHub Desktop.
Debian installer preseed PCI compliant minimal
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
d-i debian-installer/locale string en_US.UTF-8 | |
d-i debian-installer/language string en | |
d-i debian-installer/country string ES | |
d-i keyboard-configuration/xkb-keymap select us | |
d-i netcfg/choose_interface select auto | |
d-i hw-detect/load_firmware boolean true | |
d-i mirror/protocol string http | |
d-i mirror/country string manual | |
d-i mirror/http/hostname string mirror.hetzner.com | |
d-i mirror/http/directory string /debian/packages/ | |
d-i mirror/http/proxy string | |
d-i passwd/root-login boolean false | |
d-i passwd/user-fullname string Hercules Admins | |
d-i passwd/username string hercules | |
d-i clock-setup/utc boolean true | |
d-i time/zone string UTC | |
d-i clock-setup/ntp boolean true | |
d-i clock-setup/ntp-server ntp2.hetzner.com | |
bootstrap-basei base-installer/initramfs-tools/driver-policy select dep | |
d-i apt-setup/cdrom/set-first boolean false | |
d-i apt-setup/non-free-firmware boolean true | |
d-i apt-setup/non-free boolean false | |
d-i apt-setup/contrib boolean false | |
d-i apt-setup/disable-cdrom-entries boolean true | |
d-i apt-setup/services-select multiselect security | |
d-i apt-setup/enable-source-repositories boolean false | |
d-i tasksel/tasks multiselect ssh-server | |
d-i pkgsel/upgrade select none | |
d-i grub-installer/bootdev string default | |
d-i grub-installer/only_debian boolean true | |
d-i preseed/late_command string \ | |
in-target mkdir -p /home/hercules/.ssh; \ | |
echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMDU5kK4dXBLGlo8TQpa8GFTL/VfQa6LKNI8dgfEYqU madalin@macbook-pro-13-2019" >> /target/home/hercules/.ssh/authorized_keys; \ | |
echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFdUvOZNiePhtqCTE++ZRpxt8sH32TzVTSU/mH1Fo8HR madalin@ipad-mini-6" >> /target/home/hercules/.ssh/authorized_keys; \ | |
in-target chown -R hercules:hercules /home/hercules/.ssh; \ | |
in-target chmod 700 /home/hercules/.ssh; \ | |
in-target chmod 600 /home/hercules/.ssh/authorized_keys; \ | |
in-target sed -i -E 's/#?PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config; \ | |
in-target sed -i -E 's/#?PermitRootLogin prohibit-password/PermitRootLogin no/' /etc/ssh/sshd_config; \ | |
echo "hercules ALL=(ALL) NOPASSWD:ALL" > /target/etc/sudoers.d/hercules; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment