summaryrefslogtreecommitdiffstats
path: root/debian/openssh-server.config
diff options
context:
space:
mode:
Diffstat (limited to 'debian/openssh-server.config')
-rw-r--r--debian/openssh-server.config36
1 files changed, 36 insertions, 0 deletions
diff --git a/debian/openssh-server.config b/debian/openssh-server.config
new file mode 100644
index 0000000..614080e
--- /dev/null
+++ b/debian/openssh-server.config
@@ -0,0 +1,36 @@
+#! /bin/sh
+set -e
+
+. /usr/share/debconf/confmodule
+db_version 2.0
+
+get_config_option() {
+ option="$1"
+
+ [ -f /etc/ssh/sshd_config ] || return
+
+ # TODO: actually only one '=' allowed after option
+ sed -E -n -e 's/[[:space:]]+/ /g' -e 's/[[:space:]]+$//' \
+ -e 's/^[[:space:]]*'"$option"'[[:space:]=]+//Ip' \
+ /etc/ssh/sshd_config 2>/dev/null
+
+}
+
+permit_root_login="$(get_config_option PermitRootLogin)" || true
+password_authentication="$(get_config_option PasswordAuthentication)" || true
+if [ -f /etc/ssh/sshd_config ]; then
+ # Make sure the debconf database is in sync with the current state
+ # of the system.
+ if [ "$permit_root_login" = yes ]; then
+ db_set openssh-server/permit-root-login false
+ else
+ db_set openssh-server/permit-root-login true
+ fi
+ if [ "$password_authentication" = no ]; then
+ db_set openssh-server/password-authentication false
+ else
+ db_set openssh-server/password-authentication true
+ fi
+fi
+
+exit 0