arch/pkg/de-p1st-ssh/sshd_config.holoscript

#!/bin/sh
# stdin: default config
# stdout: modified config
set -e

# save stdin (content of /etc/ssh/sshd_config) in variable
stdin="$(cat)"

# assertions
echo "=== assert UsePAM ===" 1>&2
echo "$stdin" | grep --quiet '^UsePAM[[:space:]]+yes$'
#
echo "=== assert PermitRootLogin ===" 1>&2
echo "$stdin" | grep --quiet  '^#PermitRootLogin[[:space:]]*'
! echo "$stdin" | grep --quiet '^PermitRootLogin[[:space:]]+'
echo "=== assert PubkeyAuthentication ===" 1>&2
echo "$stdin" | grep --quiet  '^#PubkeyAuthentication[[:space:]]*'
! echo "$stdin" | grep --quiet '^PubkeyAuthentication\[[:space:]]+'
echo "=== assert PasswordAuthentication ===" 1>&2
echo "$stdin" | grep --quiet  '^#PasswordAuthentication[[:space:]]*'
! echo "$stdin" | grep --quiet '^PasswordAuthentication[[:space:]]+'
echo "=== assert PermitEmptyPasswords ===" 1>&2
echo "$stdin" | grep --quiet  '^#PermitEmptyPasswords[[:space:]]*'
! echo "$stdin" | grep --quiet '^PermitEmptyPasswords[[:space:]]+'
echo "=== assert X11Forwarding ===" 1>&2
echo "$stdin" | grep --quiet  '^#X11Forwarding[[:space:]]*'
! echo "$stdin" | grep --quiet '^X11Forwarding[[:space:]]+'

echo "=== sed ===" 1>&2
echo "$stdin" | sed '
  s|^#PermitRootLogin\s.*$|PermitRootLogin yes|;
  s|^#PubkeyAuthentication\s.*$|PubkeyAuthentication yes|;
  s|^#PasswordAuthentication\s.*$|PasswordAuthentication no|;
  s|^#PermitEmptyPasswords\s.*$|PermitEmptyPasswords no|;
  s|^#X11Forwarding\s.*$|X11Forwarding no|
  '
custom archiso welcome message; refactor: holo depends on git and base; add ssh package 2021-06-12 20:47:54 +02:00			`#!/bin/sh`
			`# stdin: default config`
			`# stdout: modified config`
fix 2021-07-02 12:50:24 +02:00			`set -e`
custom archiso welcome message; refactor: holo depends on git and base; add ssh package 2021-06-12 20:47:54 +02:00
			`# save stdin (content of /etc/ssh/sshd_config) in variable`
fix 2021-07-02 12:50:24 +02:00			`stdin="$(cat)"`
custom archiso welcome message; refactor: holo depends on git and base; add ssh package 2021-06-12 20:47:54 +02:00
ssh and mkinitcpio fixes 2021-06-12 23:42:34 +02:00			`# assertions`
fix 2021-07-02 12:50:24 +02:00			`echo "=== assert UsePAM ===" 1>&2`
update de-p1st-pam 2022-04-15 17:36:53 +02:00			`echo "$stdin" \| grep --quiet '^UsePAM[[:space:]]+yes$'`
custom archiso welcome message; refactor: holo depends on git and base; add ssh package 2021-06-12 20:47:54 +02:00			`#`
fix 2021-07-02 12:50:24 +02:00			`echo "=== assert PermitRootLogin ===" 1>&2`
update de-p1st-pam 2022-04-15 17:36:53 +02:00			`echo "$stdin" \| grep --quiet '^#PermitRootLogin[[:space:]]*'`
			`! echo "$stdin" \| grep --quiet '^PermitRootLogin[[:space:]]+'`
fix 2021-07-02 12:50:24 +02:00			`echo "=== assert PubkeyAuthentication ===" 1>&2`
update de-p1st-pam 2022-04-15 17:36:53 +02:00			`echo "$stdin" \| grep --quiet '^#PubkeyAuthentication[[:space:]]*'`
			`! echo "$stdin" \| grep --quiet '^PubkeyAuthentication\[[:space:]]+'`
fix 2021-07-02 12:50:24 +02:00			`echo "=== assert PasswordAuthentication ===" 1>&2`
update de-p1st-pam 2022-04-15 17:36:53 +02:00			`echo "$stdin" \| grep --quiet '^#PasswordAuthentication[[:space:]]*'`
			`! echo "$stdin" \| grep --quiet '^PasswordAuthentication[[:space:]]+'`
fix 2021-07-02 12:50:24 +02:00			`echo "=== assert PermitEmptyPasswords ===" 1>&2`
update de-p1st-pam 2022-04-15 17:36:53 +02:00			`echo "$stdin" \| grep --quiet '^#PermitEmptyPasswords[[:space:]]*'`
			`! echo "$stdin" \| grep --quiet '^PermitEmptyPasswords[[:space:]]+'`
fix 2021-07-02 12:50:24 +02:00			`echo "=== assert X11Forwarding ===" 1>&2`
update de-p1st-pam 2022-04-15 17:36:53 +02:00			`echo "$stdin" \| grep --quiet '^#X11Forwarding[[:space:]]*'`
			`! echo "$stdin" \| grep --quiet '^X11Forwarding[[:space:]]+'`
custom archiso welcome message; refactor: holo depends on git and base; add ssh package 2021-06-12 20:47:54 +02:00
fix 2021-07-02 12:50:24 +02:00			`echo "=== sed ===" 1>&2`
			`echo "$stdin" \| sed '`
de-p1st-ssh: allow for root 2021-11-13 17:27:28 +01:00			`s\|^#PermitRootLogin\s.*$\|PermitRootLogin yes\|;`
fix 2021-07-02 12:50:24 +02:00			`s\|^#PubkeyAuthentication\s.*$\|PubkeyAuthentication yes\|;`
			`s\|^#PasswordAuthentication\s.*$\|PasswordAuthentication no\|;`
			`s\|^#PermitEmptyPasswords\s.*$\|PermitEmptyPasswords no\|;`
			`s\|^#X11Forwarding\s.*$\|X11Forwarding no\|`
			`'`