generate default password for root user if none provided
This commit is contained in:
parent
e9b0cd5c5b
commit
7f8abf1338
@ -1,5 +1,11 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
|
if [ "${ROOT_PASSWORD}" == "root" ] || [ -z "${ROOT_PASSWORD}" ]; then
|
||||||
|
export ROOT_PASSWORD="$(hexdump -e '\"%02x\"' -n 16 /dev/urandom)"
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "root:${ROOT_PASSWORD}" | chpasswd
|
||||||
|
|
||||||
# generate host keys if not present
|
# generate host keys if not present
|
||||||
ssh-keygen -A
|
ssh-keygen -A
|
||||||
|
|
||||||
@ -7,12 +13,10 @@ ssh-keygen -A
|
|||||||
if [ "${KEYPAIR_LOGIN}" = "true" ] && [ -f "${HOME}/.ssh/authorized_keys" ] ; then
|
if [ "${KEYPAIR_LOGIN}" = "true" ] && [ -f "${HOME}/.ssh/authorized_keys" ] ; then
|
||||||
sed -i "s/#PermitRootLogin.*/PermitRootLogin without-password/" /etc/ssh/sshd_config
|
sed -i "s/#PermitRootLogin.*/PermitRootLogin without-password/" /etc/ssh/sshd_config
|
||||||
sed -i "s/#PasswordAuthentication.*/PasswordAuthentication no/" /etc/ssh/sshd_config
|
sed -i "s/#PasswordAuthentication.*/PasswordAuthentication no/" /etc/ssh/sshd_config
|
||||||
|
chmod 600 "${HOME}/.ssh/authorized_keys"
|
||||||
echo "Enabled root-login by keypair and disabled password-login"
|
echo "Enabled root-login by keypair and disabled password-login"
|
||||||
else
|
else
|
||||||
sed -i s/#PermitRootLogin.*/PermitRootLogin\ yes/ /etc/ssh/sshd_config
|
sed -i s/#PermitRootLogin.*/PermitRootLogin\ yes/ /etc/ssh/sshd_config
|
||||||
if [ -n "${ROOT_PASSWORD}" ] && [ "${ROOT_PASSWORD}" != "root" ]; then
|
|
||||||
echo "root:${ROOT_PASSWORD}" | chpasswd
|
|
||||||
fi
|
|
||||||
echo "Enabled root-login by password"
|
echo "Enabled root-login by password"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user