#!/bin/sh # stdin: default config # stdout: modified config # save stdin (content of /etc/ssh/sshd_config) in variable stdin=$(cat) # assertions echo "$stdin" | grep --quiet '^UsePAM yes$' # echo "$stdin" | grep --quiet '^#PermitRootLogin\s*$' echo "$stdin" | grep --quiet '^#PubkeyAuthentication\s*$' echo "$stdin" | grep --quiet '^#PasswordAuthentication\s*$' echo "$stdin" | grep --quiet '^#PermitEmptyPasswords\s*$' echo "$stdin" | grep --quiet '^#X11Forwarding\s*$' sed ' s|^#PermitRootLogin\s*$|PermitRootLogin no|; s|^#PubkeyAuthentication\s*$|PubkeyAuthentication yes|; s|^#PasswordAuthentication\s*$|PasswordAuthentication no|; s|^#PermitEmptyPasswords\s*$|PermitEmptyPasswords no|; s|^#X11Forwarding\s*$|X11Forwarding no| ' <<< "$stdin"