diff options
Diffstat (limited to 'installer')
| -rwxr-xr-x | installer/archangel | 4 | ||||
| -rw-r--r-- | installer/lib/common.sh | 18 |
2 files changed, 19 insertions, 3 deletions
diff --git a/installer/archangel b/installer/archangel index 64718da..e04b8d9 100755 --- a/installer/archangel +++ b/installer/archangel @@ -853,9 +853,7 @@ configure_ssh() { if [[ "$ENABLE_SSH" == "yes" ]]; then step "Configuring SSH" - # Ensure sshd config allows root login with password - sed -i 's/^#PermitRootLogin.*/PermitRootLogin yes/' /mnt/etc/ssh/sshd_config - sed -i 's/^PermitRootLogin.*/PermitRootLogin yes/' /mnt/etc/ssh/sshd_config + enable_sshd_root_login /mnt/etc/ssh/sshd_config # Enable sshd service arch-chroot /mnt systemctl enable sshd diff --git a/installer/lib/common.sh b/installer/lib/common.sh index d375a9c..3040799 100644 --- a/installer/lib/common.sh +++ b/installer/lib/common.sh @@ -284,3 +284,21 @@ list_available_disks() { done printf '%s\n' "${disks[@]}" } + +############################# +# SSH Configuration +############################# + +# Ensure the given sshd_config file ends up with `PermitRootLogin yes`. +# Combines the commented (#PermitRootLogin) and uncommented +# (PermitRootLogin) replacements into one sed invocation, then verifies +# the directive is present. Errors out if neither pattern matched, since +# silently appending would mask a corrupted starting file. +enable_sshd_root_login() { + local config_file="$1" + sed -i -e 's/^#PermitRootLogin.*/PermitRootLogin yes/' \ + -e 's/^PermitRootLogin.*/PermitRootLogin yes/' \ + "$config_file" + grep -q '^PermitRootLogin yes$' "$config_file" \ + || error "PermitRootLogin not set in $config_file (no matching line to replace)" +} |