From d45114c4dc5508d97add141fd6f052bbae0d8a17 Mon Sep 17 00:00:00 2001 From: Oliver Date: Mon, 25 Aug 2025 06:01:18 +0200 Subject: [PATCH] no passwd --- app/onboarding | 3 +++ app/update | 4 +--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/app/onboarding b/app/onboarding index 4899672..23cf8a0 100755 --- a/app/onboarding +++ b/app/onboarding @@ -62,4 +62,7 @@ rex doas mkdir -p /etc/doas.d rex "doas sh -c 'grep -q \"permit nopass 4server as root\" /etc/doas.d/4server.conf 2>/dev/null || echo \"permit nopass 4server as root\" | tee -a /etc/doas.d/4server.conf > /dev/null'" +rex "doas sh -c 'sed -i \"s/^#\?PasswordAuthentication.*/PasswordAuthentication no/\" /etc/ssh/sshd_config'" + rex doas rc-service sshd restart + diff --git a/app/update b/app/update index 96c74ab..cb1b209 100755 --- a/app/update +++ b/app/update @@ -11,15 +11,13 @@ template templates/.profile /home/4server/.profile ### PACKAGES template templates/repositories /etc/apk/repositories rex "doas apk update && doas apk upgrade" -rex doas apk add fail2ban openssh ufw python3 build-base python3-dev linux-headers py3-pip gcc g++ musl-dev libffi-dev make jq rsync mc vim docker docker-compose htop linux-lts sqlite bash postgresql16-client +rex doas apk add openssh ufw python3 build-base python3-dev linux-headers py3-pip gcc g++ musl-dev libffi-dev make jq rsync mc vim docker docker-compose htop linux-lts sqlite bash postgresql16-client rex doas pip install --root-user-action ignore --break-system-packages --no-cache-dir "uvicorn[standard]" fastapi pydantic psutil ### own bins echo "Running prsync ./sbin" prsync -h "$hosts_file" -avz ./sbin/ /4server/sbin/ -### Security -template templates/etc/fail2ban/jail.conf /etc/fail2ban/jail.conf