YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

Fixes following tests (some sshd_config options do not exists or are deprecated)

Browse source
This commit is contained in:
Alexandre Aubin 2018-11-28 17:50:20 +00:00
parent fad4ff090a
commit 3d81f032e9
4 changed files with 10 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
data/helpers.d/utils
View file

@ -272,6 +272,7 @@ ynh_local_curl () {
ynh_render_template() { ynh_render_template() {
local template_path=$1 local template_path=$1
local output_path=$2 local output_path=$2
mkdir -p "$(dirname $output_path)"
# Taken from https://stackoverflow.com/a/35009576 # Taken from https://stackoverflow.com/a/35009576
python2.7 -c 'import os, sys, jinja2; sys.stdout.write( python2.7 -c 'import os, sys, jinja2; sys.stdout.write(
jinja2.Template(sys.stdin.read() jinja2.Template(sys.stdin.read()

2
data/hooks/conf_regen/03-ssh
View file

@ -21,7 +21,7 @@ do_pre_regen() {
ssh_keys="$ssh_keys $(ls /etc/ssh/ssh_host_dsa_key 2>/dev/null)" ssh_keys="$ssh_keys $(ls /etc/ssh/ssh_host_dsa_key 2>/dev/null)"
fi fi
export $ssh_keys export ssh_keys
ynh_render_template "sshd_config" "${pending_dir}/etc/ssh/sshd_config" ynh_render_template "sshd_config" "${pending_dir}/etc/ssh/sshd_config"
fi fi
} }

21
data/templates/ssh/sshd_config
View file

@ -1,16 +1,14 @@
# Package generated configuration file # This configuration has been automatically generated
# See the sshd_config(5) manpage for details # by YunoHost
# What ports, IPs and protocols we listen for Protocol 2
Port 22 Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
ListenAddress :: ListenAddress ::
ListenAddress 0.0.0.0 ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2 {% for key in ssh_keys.split() %}
{% for key in ssh_keys %} HostKey {{ key }}{% endfor %}
HostKey {{ key }}
{% endfor %}
#Privilege Separation is turned on for security #Privilege Separation is turned on for security
UsePrivilegeSeparation yes UsePrivilegeSeparation yes
@ -24,14 +22,11 @@ LoginGraceTime 120
PermitRootLogin no PermitRootLogin no
StrictModes yes StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes PubkeyAuthentication yes
#AuthorizedKeysFile %h/.ssh/authorized_keys #AuthorizedKeysFile %h/.ssh/authorized_keys
# Don't read the user's ~/.rhosts and ~/.shosts files # Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2 # similar for protocol version 2
HostbasedAuthentication no HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
@ -92,5 +87,3 @@ Match User sftpusers
AllowTcpForwarding no AllowTcpForwarding no
GatewayPorts no GatewayPorts no
X11Forwarding no X11Forwarding no
Include sshd_config.d/*

2
src/yunohost/data_migrations/0007_ssh_conf_managed_by_yunohost_step1.py
View file

@ -65,7 +65,7 @@ class MyMigration(Migration):
copyfile('/etc/ssh/sshd_config.bkp', SSHD_CONF) copyfile('/etc/ssh/sshd_config.bkp', SSHD_CONF)
# If we detect the conf as manually modified # If we detect the conf as manually modified
ynh_hash = _get_conf_hashes('ssh')[SSHD_CONF] ynh_hash = _get_conf_hashes('ssh').get(SSHD_CONF, None)
current_hash = _calculate_hash(SSHD_CONF) current_hash = _calculate_hash(SSHD_CONF)
if ynh_hash != current_hash: if ynh_hash != current_hash: