-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDisable-Password-Auth.sh
25 lines (21 loc) · 1.18 KB
/
Disable-Password-Auth.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
if [[ $(grep 'Include \/etc\/ssh\/sshd_config\.d\/\*\.conf' /etc/ssh/sshd_config) == '' ]]; then
sed -i '1s/^/Include \/etc\/ssh\/sshd_config\.d\/\*\.conf\n/g' /etc/ssh/sshd_config
else
if [[ $(grep '^#.*Include \/etc\/ssh\/sshd_config\.d\/\*\.conf.*$' /etc/ssh/sshd_config) != '' ]]; then
sed -i 's/^#.*Include \/etc\/ssh\/sshd_config\.d\/\*\.conf.*$/Include \/etc\/ssh\/sshd_config\.d\/\*\.conf/g' /etc/ssh/sshd_config
fi
fi
if [[ $(ls /etc/ssh | grep 'sshd_config\.d') == '' ]]; then
mkdir /etc/ssh/sshd_config.d
fi
sed -i 's/PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config;
sed -i 's/PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config.d/*;
if [[ $(ls /etc/ssh/sshd_config.d | grep 'disable-password-auth\.conf') == '' ]]; then
echo "PasswordAuthentication no" >> /etc/ssh/sshd_config.d/disable-password-auth.conf
else
if [[ $(grep '^#.*PasswordAuthentication no.*$' /etc/ssh/sshd_config.d/disable-password-auth.conf) != '' ]]; then
sed -i 's/^#.*PasswordAuthentication no.*$/PasswordAuthentication no/g' /etc/ssh/sshd_config.d/disable-password-auth.conf
fi
fi
systemctl restart ssh
systemctl restart sshd