|
@@ -46,12 +46,13 @@ function configure_ssh {
|
46
|
46
|
sed -i 's/#PermitRootLogin no/PermitRootLogin no/g' /etc/ssh/sshd_config
|
47
|
47
|
sed -i 's/X11Forwarding.*/X11Forwarding no/g' /etc/ssh/sshd_config
|
48
|
48
|
sed -i 's/#X11Forwarding no/X11Forwarding no/g' /etc/ssh/sshd_config
|
49
|
|
- sed -i 's/ServerKeyBits.*/ServerKeyBits 4096/g' /etc/ssh/sshd_config
|
50
|
|
- sed -i 's/#ServerKeyBits 4096/ServerKeyBits 4096/g' /etc/ssh/sshd_config
|
|
49
|
+ sed -i 's/ServerKeyBits.*/ServerKeyBits 2048/g' /etc/ssh/sshd_config
|
|
50
|
+ sed -i 's/#ServerKeyBits 2048/ServerKeyBits 2048/g' /etc/ssh/sshd_config
|
51
|
51
|
sed -i 's/TCPKeepAlive.*/TCPKeepAlive no/g' /etc/ssh/sshd_config
|
52
|
52
|
sed -i 's/#TCPKeepAlive no/TCPKeepAlive no/g' /etc/ssh/sshd_config
|
53
|
53
|
sed -i 's|HostKey /etc/ssh/ssh_host_dsa_key|#HostKey /etc/ssh/ssh_host_dsa_key|g' /etc/ssh/sshd_config
|
54
|
54
|
sed -i 's|HostKey /etc/ssh/ssh_host_ecdsa_key|#HostKey /etc/ssh/ssh_host_ecdsa_key|g' /etc/ssh/sshd_config
|
|
55
|
+ sed -i 's|#HostKey /etc/ssh/ssh_host_ed25519_key|HostKey /etc/ssh/ssh_host_ed25519_key|g' /etc/ssh/sshd_config
|
55
|
56
|
if ! grep -q 'DebianBanner' /etc/ssh/sshd_config; then
|
56
|
57
|
echo 'DebianBanner no' >> /etc/ssh/sshd_config
|
57
|
58
|
else
|
|
@@ -126,9 +127,9 @@ function configure_ssh_client {
|
126
|
127
|
if [ ! -f ~/.ssh/id_ed25519 ]; then
|
127
|
128
|
ssh-keygen -t ed25519 -o -a 100
|
128
|
129
|
fi
|
129
|
|
- if [ ! -f ~/.ssh/id_rsa ]; then
|
130
|
|
- ssh-keygen -t rsa -b 4096 -o -a 100
|
131
|
|
- fi
|
|
130
|
+ #if [ ! -f ~/.ssh/id_rsa ]; then
|
|
131
|
+ # ssh-keygen -t rsa -b 2048 -o -a 100
|
|
132
|
+ #fi
|
132
|
133
|
|
133
|
134
|
function_check ssh_remove_small_moduli
|
134
|
135
|
ssh_remove_small_moduli
|