Update Setup.sh
This commit is contained in:
parent
1589635dd6
commit
a12023ed2c
1 changed files with 27 additions and 9 deletions
36
Setup.sh
36
Setup.sh
|
|
@ -6,35 +6,53 @@ SSH_KEY="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGrc2BRE6hkdSyyQMykQin/5HCaLyzRuOvS
|
|||
SSH_DIR="/root/.ssh"
|
||||
AUTHORIZED_KEYS="$SSH_DIR/authorized_keys"
|
||||
|
||||
# Ensure script is run as root
|
||||
if [ "$(id -u)" -ne 0 ]; then
|
||||
echo "[!] This script must be run as root."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "[1/5] Updating system..."
|
||||
echo "[1/6] Updating system..."
|
||||
apt update && apt upgrade -y
|
||||
|
||||
echo "[2/5] Installing sudo and curl..."
|
||||
echo "[2/6] Installing required packages..."
|
||||
apt install -y sudo curl
|
||||
|
||||
echo "[3/5] Creating /root/.ssh if needed..."
|
||||
echo "[3/6] Setting up SSH key for root..."
|
||||
mkdir -p "$SSH_DIR"
|
||||
chmod 700 "$SSH_DIR"
|
||||
|
||||
echo "[4/5] Adding SSH key to /root/.ssh/authorized_keys..."
|
||||
touch "$AUTHORIZED_KEYS"
|
||||
grep -qxF "$SSH_KEY" "$AUTHORIZED_KEYS" || echo "$SSH_KEY" >> "$AUTHORIZED_KEYS"
|
||||
chmod 600 "$AUTHORIZED_KEYS"
|
||||
|
||||
echo "[5/5] Disabling SSH password authentication..."
|
||||
echo "[4/6] Disabling password login for SSH..."
|
||||
sed -i 's/^#\?\s*PasswordAuthentication\s\+.*/PasswordAuthentication no/' /etc/ssh/sshd_config
|
||||
sed -i 's/^#\?\s*ChallengeResponseAuthentication\s\+.*/ChallengeResponseAuthentication no/' /etc/ssh/sshd_config
|
||||
sed -i 's/^#\?\s*UsePAM\s\+.*/UsePAM no/' /etc/ssh/sshd_config
|
||||
|
||||
echo "[✓] Restarting SSH service..."
|
||||
if command -v systemctl >/dev/null 2>&1; then
|
||||
echo "[5/6] Setting SSH login banner..."
|
||||
cat << 'EOF' > /etc/issue.net
|
||||
\033[1;34m
|
||||
AUTHORIZED ACCESS ONLY
|
||||
Disconnect immediately if you are not an authorized user.
|
||||
|
||||
_ _ _ _ _ _ _____ _______ _ _ _____
|
||||
| \ | (_) | | | | (_) |_ _|__ __| | | | | / ____|
|
||||
| \| |_ ___| | _| |_ _ __ ___ _ __ _ ___ | | | | | | | | | |
|
||||
| . ` | |/ __| |/ / __| '__/ _ \| '_ \| |/ __| | | | | | | | | | |
|
||||
| |\ | | (__| <| |_| | | (_) | | | | | (__ _| |_ | | | |____| |___| |____
|
||||
|_| \_|_|\___|_|\_\\__|_| \___/|_| |_|_|\___| |_____| |_| |______|______\_____|
|
||||
|
||||
\033[0m
|
||||
EOF
|
||||
|
||||
sed -i 's|^#\?\s*Banner\s\+.*|Banner /etc/issue.net|' /etc/ssh/sshd_config
|
||||
|
||||
echo "[6/6] Restarting SSH service..."
|
||||
if command -v systemctl &>/dev/null; then
|
||||
systemctl restart sshd
|
||||
else
|
||||
service ssh restart
|
||||
fi
|
||||
|
||||
echo "[✔] Setup complete. Root login via SSH key is enabled. Password login is disabled."
|
||||
echo "[✔] Setup complete. System updated, SSH secured, and banner set."
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue