Created
February 28, 2021 06:18
-
-
Save wsuzume/95e39813a35c419cec7988f421000aa0 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# SSH の設定 | |
SSH_CONFIG="/etc/ssh/sshd_config" | |
SSH_CONFIG_BACKUP="/etc/ssh/sshd_config.bk" | |
SSH_PORT_NUMBER="22" | |
function change_setting () { | |
TARGET=$1 | |
KEYWORD=$2 | |
VALUE=$3 | |
EXIST=`grep "^${KEYWORD}" ${TARGET}` | |
EXIST_COMMENT=`grep "^#${KEYWORD}" ${TARGET}` | |
if [ ${#EXIST} -ne 0 ]; then | |
sed -i '/^'${KEYWORD}'/c '${KEYWORD}' '${VALUE}'' ${TARGET} | |
elif [ ${#EXIST_PERMIT_COMMENT} -ne 0 ]; then | |
sed -i '/^#'${KEYWORD}'/c '${KEYWORD}' '${VALUE}'' ${TARGET} | |
else | |
echo -e "${KEYWORD} ${VALUE}" >> ${TARGET} | |
fi | |
} | |
if [ -f ${SSH_CONFIG_BACKUP} ]; then | |
echo "SSH setting is already done." | |
else | |
cp -i ${SSH_CONFIG} ${SSH_CONFIG_BACKUP} | |
# Port | |
change_setting ${SSH_CONFIG} Port ${SSH_PORT_NUMBER} | |
grep "^Port" ${SSH_CONFIG} | |
# PermitRootLogin | |
change_setting ${SSH_CONFIG} PermitRootLogin no | |
grep "^PermitRootLogin" ${SSH_CONFIG} | |
# PasswordAuthentication | |
change_setting ${SSH_CONFIG} PasswordAuthentication no | |
grep "^PasswordAuthentication" ${SSH_CONFIG} | |
# ChallengeResponseAuthentication | |
change_setting ${SSH_CONFIG} ChallengeResponseAuthentication no | |
grep "^ChallengeResponseAuthentication" ${SSH_CONFIG} | |
# PermitEmptyPasswords | |
change_setting ${SSH_CONFIG} PermitEmptyPasswords no | |
grep "^PermitEmptyPasswords" ${SSH_CONFIG} | |
# SyslogFacility | |
change_setting ${SSH_CONFIG} SyslogFacility AUTHPRIV | |
grep "^SyslogFacility" ${SSH_CONFIG} | |
# LogLevel | |
change_setting ${SSH_CONFIG} LogLevel VERBOSE | |
grep "^LogLevel" ${SSH_CONFIG} | |
# TCP Port Forwarding | |
#change_setting ${SSH_CONFIG} AllowTcpForwarding no | |
#grep "^AllowTcpForwarding" ${SSH_CONFIG} | |
# AllowStreamLocalForwarding | |
#change_setting ${SSH_CONFIG} AllowStreamLocalForwarding no | |
#grep "^AllowStreamLocalForwarding" ${SSH_CONFIG} | |
# GatewayPorts | |
#change_setting ${SSH_CONFIG} GatewayPorts no | |
#grep "^GatewayPorts" ${SSH_CONFIG} | |
# PermitTunnel | |
#change_setting ${SSH_CONFIG} PermitTunnel no | |
#grep "^PermitTunnel" ${SSH_CONFIG} | |
fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment