Skip to content

Instantly share code, notes, and snippets.

@spaghetti-
Created March 9, 2017 09:45
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save spaghetti-/40896fb8f6cdc56851f894291d149ae5 to your computer and use it in GitHub Desktop.
Save spaghetti-/40896fb8f6cdc56851f894291d149ae5 to your computer and use it in GitHub Desktop.
#!/bin/sh
head -1 ~/.ssh/authorized_keys | ssh-keygen -l -f - > /dev/null 2>&1
if [ $? != 0 ];
then
echo "invalid public key found in authorized_keys, exiting.."
exit
fi
cp /etc/ssh/sshd_config ~/sshd_config.bak
cat <<EOF | sudo tee /etc/ssh/sshd_config
Port 22
SyslogFacility AUTH
LogLevel INFO
LoginGraceTime 2m
StrictModes yes
MaxAuthTries 6
MaxSessions 10
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
PasswordAuthentication no
PermitEmptyPasswords no
Subsystem sftp /usr/libexec/sftp-server
PermitRootLogin no
EOF
cat <<EOF | sudo tee -a /etc/rc.conf
firewall_enable="YES"
firewall_quiet="YES"
firewall_type="workstation"
firewall_myservices="22/tcp"
firewall_allowservices="any"
firewall_logdeny="YES"
EOF
sudo service sshd restart
sudo service ipfw start
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment