zeaslity/shell-scripts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
080c7bb97fd5736faafb8911e4cc82aaa8fa3de3
shell-scripts/常用脚本/sshdRootLogin.sh
zeaslity 080c7bb97f Your commit message
2024-11-27 10:33:20 +08:00

116 lines
2.7 KiB
Bash
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
#########color code#############
RED="31m" # Error message
GREEN="32m" # Success message
YELLOW="33m" # Warning message
BLUE="36m" # Info message
sshConfigFile="/etc/ssh/sshd_config"
## 下面的应该被改成yes
PermitRootLogin="PermitRootLogin"
PasswordAuthentication="PasswordAuthentication"
tcpKeepAlive="TCPKeepAlive"
## 下面的应该被改成no
changeResponseAuthentication="ChallengeResponseAuthentication"
PermitEmptyPasswords="PermitEmptyPasswords"
StrictModes="StrictModes"
###############color echo func#################
colorEcho(){
echo -e "\033[${1}${@:2}\033[0m" 1>& 2
}
check_root(){
if [[ $EUID != 0 ]];then
colorEcho ${RED} "当前非root账号(或没有root权限)无法继续操作请更换root账号!"
colorEcho ${YELLOW} "使用sudo -命令获取临时root权限执行后可能会提示输入root密码"
exit 1
fi
}
back_up_config(){
cp $sshConfigFile $sshConfigFile.backup
}
modify_sshd_config_yes(){
numOfElements=$#
while [ $# -gt 0 ]
do
if grep -x "$1 yes" $sshConfigFile
then
shift
elif grep -x "#$1 yes" $sshConfigFile
then
sed -i "s/#$1 yes/$1 yes/g" $sshConfigFile
shift
elif grep -x "$1 no" $sshConfigFile
then
sed -i "s/$1 no/$1 yes/g" $sshConfigFile
shift
else
sed -i "$ a $1 yes" $sshConfigFile
shift
fi
done
}
modify_sshd_config_no(){
numOfElements=$#
while [ $# -gt 0 ]
do
if grep -x "$1 no" $sshConfigFile
then
shift
elif grep -x "#$1 no" $sshConfigFile
then
sed -i "s/#$1 no/$1 no/g" $sshConfigFile
shift
elif grep -x "$1 yes" $sshConfigFile
then
sed -i "s/$1 yes/$1 no/g" $sshConfigFile
shift
else
sed -i "$ a $1 no" $sshConfigFile
shift
fi
done
}
main(){
# 首先检查是否拥有root权限
check_root
# 备份一份sshd的配置文件
back_up_config
declare -a needToChangeYes
declare -a needToChangeNo
needToChangeYes[0]=$tcpKeepAlive
needToChangeYes[1]=$PermitRootLogin
needToChangeYes[2]=$PasswordAuthentication
needToChangeNo[0]=$PermitEmptyPasswords
needToChangeNo[1]=$changeResponseAuthentication
# 以数组的方式 将参数传入函数
modify_sshd_config_yes "${needToChangeYes[@]}"
modify_sshd_config_no "${needToChangeNo[@]}"
systemctl restart sshd.service
if [ $? ];then
echo "sshd文件已经修改成功可以进行root登录请修改root密码"
else
echo "sshd服务重启失败请检查原因"
fi
}
main
Reference in New Issue View Git Blame Copy Permalink