You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
44 lines
1.2 KiB
44 lines
1.2 KiB
#!/usr/bin/env sh
|
|
|
|
[ ! "$(id -u)" -eq 0 ] && echo "Run as superuser." && exit 1
|
|
|
|
case "${1}" in
|
|
"on"|"enable"|"unlock")
|
|
FROM=yes; TO=no;
|
|
;;
|
|
"off"|"disable"|"lock")
|
|
FROM=no; TO=yes;
|
|
;;
|
|
"toggle")
|
|
if grep -q '^PasswordAuthentication yes' /etc/ssh/sshd_config; then
|
|
FROM=yes; TO=no;
|
|
else
|
|
FROM=no; TO=yes;
|
|
fi
|
|
;;
|
|
status)
|
|
true
|
|
;;
|
|
*)
|
|
echo 'Must specify one of the following:'
|
|
echo ' [ on | yes | enable | unlock ] to allow interactive passwords'
|
|
echo ' [ off | no | disable | lock ] to disallow interactive passwords'
|
|
echo ' [ toggle ] to toggle the allowance of interactive passwords'
|
|
echo ' [ status ] to show the current state of interactive passwords'
|
|
exit 1
|
|
;;
|
|
esac
|
|
|
|
for OPTION in PasswordAuthentication KbdInteractiveAuthentication ChallengeResponseAuthentication; do
|
|
[ -n "${FROM}" ] && sed -i "s/#* *${OPTION} *${FROM}/${OPTION} ${TO}/g" /etc/ssh/sshd_config
|
|
grep "^#* *${OPTION} *\(yes\|no\)" /etc/ssh/sshd_config
|
|
done
|
|
|
|
if command -v systemctl > /dev/null; then
|
|
systemctl restart sshd
|
|
elif [ -x /etc/init.d/sshd ]; then
|
|
/etc/init.d/sshd restart
|
|
else
|
|
echo "Restart SSH server to have changes take effect."
|
|
fi
|