KNEL/FetchApply
2
0
Fork 0
Code Pull Requests Actions Packages Releases 1 Activity

i think this is right...

Browse Source
This commit is contained in:
Charles N Wyble - admin
2025-07-02 18:41:58 -05:00
parent 0175a00458
commit ce1bf7d220
1 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
ProjectCode/Modules/Security/secharden-ssh.sh
View File

@ -23,8 +23,6 @@ LOCALUSER_SSH_DIR="/home/localuser/.ssh"
export SUBODEV_SSH_DIR export SUBODEV_SSH_DIR
SUBODEV_SSH_DIR="/home/subodev/.ssh" SUBODEV_SSH_DIR="/home/subodev/.ssh"
export NOT_UBUNTU_CHECK
NOT_UBUNTU_CHECK="$(distro | grep -c -v Ubuntu || true)"
if [ ! -d $ROOT_SSH_DIR ]; then if [ ! -d $ROOT_SSH_DIR ]; then
mkdir /root/.ssh/ mkdir /root/.ssh/
@ -60,7 +58,12 @@ cat ../../ConfigFiles/SSH/Configs/tsys-sshd-config >/etc/ssh/sshd_config
#Don't deploy this config to a ubuntu server, it breaks openssh server. Works on kali/debian. #Don't deploy this config to a ubuntu server, it breaks openssh server. Works on kali/debian.
if [ "$NOT_UBUNTU_CHECK" -eq 1 ]; then set -x
export UBUNTU_CHECK
UBUNTU_CHECK="$(distro | grep -c Ubuntu)"
if [ "$UBUNTU_CHECK" -ne 1 ]; then
cat ../../ConfigFiles/SSH/Configs/ssh-audit-hardening.conf >/etc/ssh/sshd_config.d/ssh-audit_hardening.conf cat ../../ConfigFiles/SSH/Configs/ssh-audit-hardening.conf >/etc/ssh/sshd_config.d/ssh-audit_hardening.conf
fi fi
@ -70,4 +73,4 @@ chmod og-rwx /etc/ssh/sshd_config.d/*
#todo #todo
# only strong MAC algos are used # only strong MAC algos are used