#!/bin/sh # stdin: default config # stdout: modified config # save stdin (content of /etc/ssh/sshd_config) in variable stdin=$(cat) # assertions echo "$stdin" | grep '^UsePAM yes$' # echo "$stdin" | grep --quiet '^#PermitRootLogin\s.*$' echo "$stdin" | grep --quiet '^#PubkeyAuthentication\s.*$' echo "$stdin" | grep --quiet '^#PasswordAuthentication\s.*$' echo "$stdin" | grep --quiet '^#PermitEmptyPasswords\s.*$' echo "$stdin" | grep --quiet '^#X11Forwarding\s.*$' sed ' s|^#PermitRootLogin\s.*$|PermitRootLogin no|; s|^#PubkeyAuthentication\s.*$|PubkeyAuthentication yes|; s|^#PasswordAuthentication\s.*$|PasswordAuthentication no|; s|^#PermitEmptyPasswords\s.*$|PermitEmptyPasswords no|; s|^#X11Forwarding\s.*$|X11Forwarding no| ' <<< "$stdin"