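#!/bin/sh
#
# Switch sshd to public-key-only logins and enable the ipfw firewall with
# 22/tcp as the only offered service (rc.conf / ipfw, i.e. a FreeBSD-style
# host).
#
# Password logins are turned off below, so a bad key or a bad config means
# lockout. The script therefore stops unless
#   1. the first entry of ~/.ssh/authorized_keys parses as a public key, and
#   2. the new sshd_config passes sshd's own check (sshd -t).
# Keep the current session open until a fresh key-based login has succeeded.

set -u

keys_file="$HOME/.ssh/authorized_keys"
backup_file="$HOME/sshd_config.bak"
sshd_config=/etc/ssh/sshd_config

# Print a message on stderr and stop with a failing status, so callers and
# automation can tell that nothing was hardened.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

[ -r "$keys_file" ] || die "cannot read $keys_file, exiting.."

# Only the first line is checked; later entries are not validated.
if ! head -n 1 "$keys_file" | ssh-keygen -l -f - >/dev/null 2>&1; then
  die "invalid public key found in authorized_keys, exiting.."
fi

# The backup is the only rollback path, so do not continue without it.
# NOTE: a second run overwrites the backup with the already-hardened config.
cp -p "$sshd_config" "$backup_file" \
  || die "could not back up $sshd_config, exiting.."

# Stage the new config in a private temp file so it can be checked before
# the live file is touched.
new_config=$(mktemp "${TMPDIR:-/tmp}/sshd_config.XXXXXX") \
  || die "mktemp failed, exiting.."
trap 'rm -f -- "$new_config"' EXIT

# RSAAuthentication is left out: it is an SSH protocol 1 option that current
# OpenSSH releases only report as deprecated.
cat >"$new_config" <<'EOF'
Port 22
SyslogFacility AUTH
LogLevel INFO
LoginGraceTime 2m
StrictModes yes
MaxAuthTries 6
MaxSessions 10
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
PasswordAuthentication no
PermitEmptyPasswords no
Subsystem sftp /usr/libexec/sftp-server
PermitRootLogin no
EOF

# Refuse to install a config that sshd itself rejects.
sudo /usr/sbin/sshd -t -f "$new_config" \
  || die "new sshd_config failed validation, $sshd_config left unchanged"

# tee rewrites the file in place, keeping its existing owner and mode.
sudo tee "$sshd_config" <"$new_config" \
  || die "could not write $sshd_config, backup is in $backup_file"

# Appended rather than edited: repeated runs add duplicate lines, and the
# last assignment in rc.conf wins.
# firewall_allowservices="any" leaves 22/tcp reachable from every source
# address; narrow it to known networks where that is possible.
sudo tee -a /etc/rc.conf <<'EOF' || die "could not update /etc/rc.conf"
firewall_enable="YES"
firewall_quiet="YES"
firewall_type="workstation"
firewall_myservices="22/tcp"
firewall_allowservices="any"
firewall_logdeny="YES"
EOF

sudo service sshd restart \
  || die "sshd restart failed, previous config is in $backup_file"
sudo service ipfw start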