Add template for sshd_config
parent
747563b5bb
commit
66d0f71e83
|
@ -1,5 +1,5 @@
|
|||
package : fws-openssh
|
||||
version : 7.9.0.0-2
|
||||
version : 7.9.0.0-5
|
||||
architecture : all
|
||||
section : base
|
||||
priority : optional
|
||||
|
|
33
setup.py
33
setup.py
|
@ -1,8 +1,22 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
from setuphelpers import *
|
||||
import requests,json
|
||||
from jinja2 import Environment, FileSystemLoader
|
||||
|
||||
uninstallkey = []
|
||||
variables = {
|
||||
'ssh_password_auth': False,
|
||||
'ssh_append_ciphers': True,
|
||||
'ssh_ciphers': [ 'aes256-cbc', 'aes192-cbc', 'aes128-cbc' ]
|
||||
}
|
||||
|
||||
# Read local variables file if available
|
||||
if isfile(makepath(programfiles32,'wapt','private','symetric.txt')) and isfile(makepath(programfiles32,'wapt','private','variables.txt')):
|
||||
print('Reading local encrypted variables file')
|
||||
from cryptography.fernet import Fernet
|
||||
import yaml
|
||||
f = Fernet(open(makepath(programfiles32,'wapt','private','symetric.txt'),'r').read())
|
||||
variables.update(yaml.safe_load(f.decrypt(open(makepath(programfiles32,'wapt','private','variables.txt'),'r').read())))
|
||||
|
||||
def install():
|
||||
print('Installing OpenSSH')
|
||||
|
@ -31,8 +45,23 @@ def install():
|
|||
run_notfatal(r'netsh advfirewall firewall del rule name="OpenSSH Server"')
|
||||
run(r'netsh advfirewall firewall add rule name="OpenSSH Server" dir=in action=allow protocol=TCP localport=22 enable=yes')
|
||||
|
||||
print(' Starting the service')
|
||||
service_start('sshd')
|
||||
print(' Deploy sshd_config')
|
||||
jinja2 = Environment(
|
||||
loader=FileSystemLoader('.'),
|
||||
trim_blocks=True
|
||||
)
|
||||
open(makepath(os.getenv('ProgramData',r'C:\ProgramData'),'ssh','sshd_config'),'w').write(
|
||||
jinja2.get_template('sshd_config.j2').render(
|
||||
ssh_ciphers = ('+' if variables['ssh_append_ciphers'] == True else '') + ','.join(variables['ssh_ciphers']),
|
||||
ssh_password_auth = variables['ssh_password_auth']
|
||||
)
|
||||
)
|
||||
|
||||
print(' (Re)starting the service')
|
||||
if service_is_running('sshd'):
|
||||
service_restart('sshd')
|
||||
else:
|
||||
service_start('sshd')
|
||||
|
||||
print(r' Enabling sshd service on boot')
|
||||
run('sc config sshd start= auto')
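Review bot: The `ssh_ciphers` argument passed to `render()` in the second hunk evaluates to a bare `+` when `ssh_append_ciphers` is true and the list is empty, so the template's length guard passes and the file gets a `Ciphers +` line, which sshd will most likely reject at restart. That empty list is exactly the override an administrator would use to drop the defaults set in `variables` (first hunk), which with the `+` prefix add `aes256-cbc,aes192-cbc,aes128-cbc` to a server cipher list that OpenSSH ships without CBC modes. Build the list first, `ciphers = ','.join(variables['ssh_ciphers'])`, then pass `ssh_ciphers = ('+' + ciphers) if ciphers and variables['ssh_append_ciphers'] else ciphers`, and consider defaulting `'ssh_ciphers'` to `[]` so legacy ciphers are opt-in per host. The body of install() between the two hunks is not shown.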
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
AuthorizedKeysFile .ssh/authorized_keys
|
||||
Subsystem sftp sftp-server.exe
|
||||
{% if ssh_ciphers | length > 0 %}
|
||||
Ciphers {{ ssh_ciphers }}
|
||||
{% endif %}
|
||||
PasswordAuthentication {{ 'yes' if ssh_password_auth == True else 'no' }}
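Review bot: The rendered output replaces the whole of `sshd_config` with these four directives, so anything the previously installed file set (a `Match` block, logging or key-file settings, if the stock file had any) is silently dropped, and the template should say so. I would add a first line such as `# Managed by the fws-openssh package - local edits are overwritten on install` and a comment above the `Ciphers` block naming the `ssh_ciphers` and `ssh_password_auth` variables that feed it. Validating the rendered file with `sshd -t` before the service is restarted would catch a malformed render; that restart lives in setup.py, outside this file.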
|