Add template for sshd_config
parent
747563b5bb
commit
66d0f71e83
|
@ -1,5 +1,5 @@
|
||||||
package : fws-openssh
|
package : fws-openssh
|
||||||
version : 7.9.0.0-2
|
version : 7.9.0.0-5
|
||||||
architecture : all
|
architecture : all
|
||||||
section : base
|
section : base
|
||||||
priority : optional
|
priority : optional
|
||||||
|
|
33
setup.py
33
setup.py
|
@ -1,8 +1,22 @@
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
from setuphelpers import *
|
from setuphelpers import *
|
||||||
import requests,json
|
import requests,json
|
||||||
|
from jinja2 import Environment, FileSystemLoader
|
||||||
|
|
||||||
uninstallkey = []
|
uninstallkey = []
|
||||||
|
variables = {
|
||||||
|
'ssh_password_auth': False,
|
||||||
|
'ssh_append_ciphers': True,
|
||||||
|
'ssh_ciphers': [ 'aes256-cbc', 'aes192-cbc', 'aes128-cbc' ]
|
||||||
|
}
|
||||||
|
|
||||||
|
# Read local variables file if available
|
||||||
|
if isfile(makepath(programfiles32,'wapt','private','symetric.txt')) and isfile(makepath(programfiles32,'wapt','private','variables.txt')):
|
||||||
|
print('Reading local encrypted variables file')
|
||||||
|
from cryptography.fernet import Fernet
|
||||||
|
import yaml
|
||||||
|
f = Fernet(open(makepath(programfiles32,'wapt','private','symetric.txt'),'r').read())
|
||||||
|
variables.update(yaml.safe_load(f.decrypt(open(makepath(programfiles32,'wapt','private','variables.txt'),'r').read())))
|
||||||
|
|
||||||
def install():
|
def install():
|
||||||
print('Installing OpenSSH')
|
print('Installing OpenSSH')
|
||||||
|
@ -31,8 +45,23 @@ def install():
|
||||||
run_notfatal(r'netsh advfirewall firewall del rule name="OpenSSH Server"')
|
run_notfatal(r'netsh advfirewall firewall del rule name="OpenSSH Server"')
|
||||||
run(r'netsh advfirewall firewall add rule name="OpenSSH Server" dir=in action=allow protocol=TCP localport=22 enable=yes')
|
run(r'netsh advfirewall firewall add rule name="OpenSSH Server" dir=in action=allow protocol=TCP localport=22 enable=yes')
|
||||||
|
|
||||||
print(' Starting the service')
|
print(' Deploy sshd_config')
|
||||||
service_start('sshd')
|
jinja2 = Environment(
|
||||||
|
loader=FileSystemLoader('.'),
|
||||||
|
trim_blocks=True
|
||||||
|
)
|
||||||
|
open(makepath(os.getenv('ProgramData',r'C:\ProgramData'),'ssh','sshd_config'),'w').write(
|
||||||
|
jinja2.get_template('sshd_config.j2').render(
|
||||||
|
ssh_ciphers = ('+' if variables['ssh_append_ciphers'] == True else '') + ','.join(variables['ssh_ciphers']),
|
||||||
|
ssh_password_auth = variables['ssh_password_auth']
|
||||||
|
)
|
||||||
|
)
|
||||||
|
|
||||||
|
print(' (Re)starting the service')
|
||||||
|
if service_is_running('sshd'):
|
||||||
|
service_restart('sshd')
|
||||||
|
else:
|
||||||
|
service_start('sshd')
|
||||||
|
|
||||||
print(r' Enabling sshd service on boot')
|
print(r' Enabling sshd service on boot')
|
||||||
run('sc config sshd start= auto')
|
run('sc config sshd start= auto')
|
||||||
|
|
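Review bot: The defaults added in the first hunk make every host without a local variables file render `Ciphers +aes256-cbc,aes192-cbc,aes128-cbc`, which adds CBC-mode ciphers back on top of the OpenSSH server default set that leaves them out. Shipping `'ssh_ciphers': []` as the default and letting sites with legacy clients opt in through the encrypted variables file would keep the stock cipher list unless someone asks for more. That needs a matching fix in the render call of the second hunk: the `+` prefix is applied before the template's `length > 0` test, so an empty list with `ssh_append_ciphers` set renders `Ciphers +`; pass `ssh_ciphers = '' if not variables['ssh_ciphers'] else ('+' if variables['ssh_append_ciphers'] else '') + ','.join(variables['ssh_ciphers'])`. install() continues outside both hunks, and the new config is written and sshd restarted with no check in between, so a bad render shows up only as a service that fails to come back; running `sshd -t` against the written file before the restart would catch it.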
|
@ -0,0 +1,6 @@
|
||||||
|
AuthorizedKeysFile .ssh/authorized_keys
|
||||||
|
Subsystem sftp sftp-server.exe
|
||||||
|
{% if ssh_ciphers | length > 0 %}
|
||||||
|
Ciphers {{ ssh_ciphers }}
|
||||||
|
{% endif %}
|
||||||
|
PasswordAuthentication {{ 'yes' if ssh_password_auth == True else 'no' }}
|
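Review bot: This template is the entire sshd_config, so every directive it does not list falls back to the compiled-in default, and nothing in the rendered file tells an administrator that local edits are overwritten on the next install. A first line such as `# Managed by the fws-openssh WAPT package - local changes are overwritten on install` would document that. If the sshd_config previously shipped with the package carried other directives (for example a `Match` block for administrators' keys or a `LogLevel` setting), it is worth confirming that dropping them is intended, since the visible install code replaces the file wholesale. `ssh_ciphers` is also written verbatim, so validating each entry against a plain cipher-name pattern in setup.py before rendering would keep a malformed variables file from adding extra lines to the config.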