A free, open, self-hosted app platform (GNU AGPLv3): one-click app deploys, Traefik reverse proxy with automatic SSL, rootless Docker support, gluetun VPN routing, and a web dashboard to manage it all. Free & open forever to self-host; optional paid hosted services fund it. See PROMISE.md. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
50 lines
2.1 KiB
Bash
Executable File
50 lines
2.1 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
installDisableSSHPassword()
|
|
{
|
|
if [[ $CFG_REQUIREMENT_SSH_DISABLE_PASSWORDS == "true" ]]; then
|
|
# Check if already disabled
|
|
if [[ $SSHKEY_DISABLE_PASS_NEEDED == "true" ]]; then
|
|
while true; do
|
|
isHeader "SSH Password Disabler"
|
|
isQuestion "Do you want to disable SSH password logins? (y/n): "
|
|
read -p "" disable_ssh_passwords
|
|
case "$disable_ssh_passwords" in
|
|
[Yy]*)
|
|
local backup_file="$sshd_config_backup_$current_date-$current_time"
|
|
result=$(sudo cp $sshd_config "$backup_file")
|
|
checkSuccess "Backup sshd_config file"
|
|
|
|
result=$(sudo sed -i '/^PasswordAuthentication/d' $sshd_config)
|
|
checkSuccess "Removing existing PasswordAuthentication lines"
|
|
|
|
result=$(echo "PasswordAuthentication no" | sudo tee -a $sshd_config)
|
|
checkSuccess "Add new PasswordAuthentication line at the end of sshd_config"
|
|
|
|
result=$(sudo systemctl restart sshd)
|
|
checkSuccess "Restart SSH service"
|
|
break
|
|
;;
|
|
[Nn]*)
|
|
while true; do
|
|
isQuestion "Do you want to stop being asked to disable SSH Password logins? (y/n): "
|
|
read -rp "" sshdisablepasswordask
|
|
if [[ "$sshdisablepasswordask" =~ ^[yYnN]$ ]]; then
|
|
break
|
|
fi
|
|
isNotice "Please provide a valid input (y/n)."
|
|
done
|
|
if [[ "$sshdisablepasswordask" == [yY] ]]; then
|
|
updateConfigOption "CFG_REQUIREMENT_SSH_DISABLE_PASSWORDS" "false"
|
|
fi
|
|
break
|
|
;;
|
|
*)
|
|
echo "Please enter 'y' or 'n'."
|
|
;;
|
|
esac
|
|
done
|
|
fi
|
|
fi
|
|
}
|