xgiovio/dockerimages
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added additional configs and parameters to sshd

Browse Source
This commit is contained in:
Giovanni Di Grezia
2020-12-21 04:28:30 +01:00
parent 7923180c01
commit b306d6b51f
2 changed files with 36 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
sshd/docker-entrypoint.sh
View File

@@ -13,11 +13,43 @@ if [[ (! -z "${ADDITIONAL_USER}" ) && ( "${ADDITIONAL_USER}" != "root" ) ]]; th
if [[ ! -z "${ADDITIONAL_USER_GID}" ]]; then if [[ ! -z "${ADDITIONAL_USER_GID}" ]]; then
groupmod -g $ADDITIONAL_USER_GID $ADDITIONAL_USER groupmod -g $ADDITIONAL_USER_GID $ADDITIONAL_USER
fi fi
echo "${ADDITIONAL_USER}:$(cat $ADDITIONAL_USER_PASSWORD_FILE)" | chpasswd if [[ ! -z "${ADDITIONAL_USER_PASSWORD_FILE}" ]]; then
echo "${ADDITIONAL_USER}:$(cat $ADDITIONAL_USER_PASSWORD_FILE)" | chpasswd
fi
if [[ ! -z "${ADDITIONAL_USER_PUBLICKEY}" ]]; then
if [ ! -d "/home/${ADDITIONAL_USER}/.ssh" ]; then
mkdir -p "/home/${ADDITIONAL_USER}/.ssh"
chown -R $(id -u "${ADDITIONAL_USER}"):$(id -g "${ADDITIONAL_USER}") "/home/${ADDITIONAL_USER}/.ssh"
fi
echo "${ADDITIONAL_USER_PUBLICKEY}" >> /home/"${ADDITIONAL_USER}"/.ssh/authorized_keys
fi
fi
if [[ ! -z "${ROOT_PASSWORD_FILE}" ]]; then
echo "root:$(cat $ROOT_PASSWORD_FILE)" | chpasswd
fi
if [[ ! -z "${ROOT_PUBLICKEY}" ]]; then
if [ ! -d "/root/.ssh" ]; then
mkdir -p "/root/.ssh"
fi
echo "${ROOT_PUBLICKEY}" >> /root/.ssh/authorized_keys
fi
if [[ (! -z "${ENABLE_PASSWORD_AUTHENTICATION}") && ("${ENABLE_PASSWORD_AUTHENTICATION}" = '1') ]]; then
echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config
if [[ (! -z "${ENABLE_ROOT}") && ("${ENABLE_ROOT}" = 1) ]]; then
echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
else
echo "PermitRootLogin no" >> /etc/ssh/sshd_config
fi
else
echo "PasswordAuthentication no" >> /etc/ssh/sshd_config
if [[ (! -z "${ENABLE_ROOT}") && ("${ENABLE_ROOT}" = '1') ]]; then
echo "PermitRootLogin without-password" >> /etc/ssh/sshd_config
else
echo "PermitRootLogin no" >> /etc/ssh/sshd_config
fi
fi fi
echo "root:$(cat $ROOT_PASSWORD_FILE)" | chpasswd
usermod -s /bin/bash root usermod -s /bin/bash root
/usr/sbin/sshd -D /usr/sbin/sshd -D
#exec "$@" #exec "$@"

2
sshd/sshd_config
View File

@@ -1,6 +1,6 @@
PermitRootLogin yes
ChallengeResponseAuthentication no ChallengeResponseAuthentication no
UsePAM yes UsePAM yes
PermitEmptyPasswords no
AllowAgentForwarding yes AllowAgentForwarding yes
AllowTcpForwarding yes AllowTcpForwarding yes
GatewayPorts yes GatewayPorts yes