Add debconf template to disable password auth

The new template is called openssh-server/password-authentication, and is preseeding-only (at least for now). Closes: #878945
author: Colin Watson <cjwatson@debian.org> 2018-01-26 00:07:45 +0000
committer: Colin Watson <cjwatson@debian.org> 2018-01-26 00:07:50 +0000
commit: 5e133f112d8a05c0f7c466fc793514e2a1ee8285 (patch)
tree: 56894484966369c13e281e0d37eff2c91ca087b0 /debian/openssh-server.config
parent: 83263a49b0e2ade36a7f0d01d06a0453f8c7ef3f (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/debian/openssh-server.config b/debian/openssh-server.config
index 1cad01cff..4a66a35e9 100644
--- a/debian/openssh-server.config
+++ b/debian/openssh-server.config
@@ -17,6 +17,7 @@ get_config_option() {
 }
 permit_root_login="$(get_config_option PermitRootLogin)" || true
+password_authentication="$(get_config_option PasswordAuthentication)" || true
 if [ -f /etc/ssh/sshd_config ]; then
        # Make sure the debconf database is in sync with the current state
        # of the system.
@@ -25,6 +26,11 @@ if [ -f /etc/ssh/sshd_config ]; then
        else
                db_set openssh-server/permit-root-login true
        fi
+        if [ "$password_authentication" = no ]; then
+                db_set openssh-server/password-authentication false
+        else
+                db_set openssh-server/password-authentication true
+        fi
 fi
 if dpkg --compare-versions "$2" lt-nl 1:6.6p1-1 && \
author	Colin Watson <cjwatson@debian.org>	2018-01-26 00:07:45 +0000
committer	Colin Watson <cjwatson@debian.org>	2018-01-26 00:07:50 +0000
commit	5e133f112d8a05c0f7c466fc793514e2a1ee8285 (patch)
tree	56894484966369c13e281e0d37eff2c91ca087b0 /debian/openssh-server.config
parent	83263a49b0e2ade36a7f0d01d06a0453f8c7ef3f (diff)