diff options
author | Colin Watson <cjwatson@debian.org> | 2018-01-26 00:07:45 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2018-01-26 00:07:50 +0000 |
commit | 5e133f112d8a05c0f7c466fc793514e2a1ee8285 (patch) | |
tree | 56894484966369c13e281e0d37eff2c91ca087b0 /debian/openssh-server.config | |
parent | 83263a49b0e2ade36a7f0d01d06a0453f8c7ef3f (diff) |
Add debconf template to disable password auth
The new template is called openssh-server/password-authentication, and
is preseeding-only (at least for now).
Closes: #878945
Diffstat (limited to 'debian/openssh-server.config')
-rw-r--r-- | debian/openssh-server.config | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/debian/openssh-server.config b/debian/openssh-server.config index 1cad01cff..4a66a35e9 100644 --- a/debian/openssh-server.config +++ b/debian/openssh-server.config | |||
@@ -17,6 +17,7 @@ get_config_option() { | |||
17 | } | 17 | } |
18 | 18 | ||
19 | permit_root_login="$(get_config_option PermitRootLogin)" || true | 19 | permit_root_login="$(get_config_option PermitRootLogin)" || true |
20 | password_authentication="$(get_config_option PasswordAuthentication)" || true | ||
20 | if [ -f /etc/ssh/sshd_config ]; then | 21 | if [ -f /etc/ssh/sshd_config ]; then |
21 | # Make sure the debconf database is in sync with the current state | 22 | # Make sure the debconf database is in sync with the current state |
22 | # of the system. | 23 | # of the system. |
@@ -25,6 +26,11 @@ if [ -f /etc/ssh/sshd_config ]; then | |||
25 | else | 26 | else |
26 | db_set openssh-server/permit-root-login true | 27 | db_set openssh-server/permit-root-login true |
27 | fi | 28 | fi |
29 | if [ "$password_authentication" = no ]; then | ||
30 | db_set openssh-server/password-authentication false | ||
31 | else | ||
32 | db_set openssh-server/password-authentication true | ||
33 | fi | ||
28 | fi | 34 | fi |
29 | 35 | ||
30 | if dpkg --compare-versions "$2" lt-nl 1:6.6p1-1 && \ | 36 | if dpkg --compare-versions "$2" lt-nl 1:6.6p1-1 && \ |