1 files changed, 46 insertions, 0 deletions
diff --git a/debian/openssh-server.config b/debian/openssh-server.config
new file mode 100644
index 000000000..4a66a35e9
--- /dev/null
+++ b/debian/openssh-server.config
@@ -0,0 +1,46 @@
+#! /bin/sh
+set -e
+. /usr/share/debconf/confmodule
+db_version 2.0
+get_config_option() {
+        option="$1"
+        [ -f /etc/ssh/sshd_config ] || return
+        # TODO: actually only one '=' allowed after option
+        perl -lne '
+                s/[[:space:]]+/ /g; s/[[:space:]]+$//;
+                print if s/^[[:space:]]*'"$option"'[[:space:]=]+//i' \
+           /etc/ssh/sshd_config 2>/dev/null
+}
+permit_root_login="$(get_config_option PermitRootLogin)" || true
+password_authentication="$(get_config_option PasswordAuthentication)" || true
+if [ -f /etc/ssh/sshd_config ]; then
+        # Make sure the debconf database is in sync with the current state
+        # of the system.
+        if [ "$permit_root_login" = yes ]; then
+                db_set openssh-server/permit-root-login false
+        else
+                db_set openssh-server/permit-root-login true
+        fi
+        if [ "$password_authentication" = no ]; then
+                db_set openssh-server/password-authentication false
+        else
+                db_set openssh-server/password-authentication true
+        fi
+fi
+if dpkg --compare-versions "$2" lt-nl 1:6.6p1-1 && \
+   [ "$permit_root_login" = yes ]; then
+        if [ "$(getent shadow root | cut -d: -f2)" = "!" ]; then
+                db_set openssh-server/permit-root-login true
+        else
+                db_input high openssh-server/permit-root-login || true
+                db_go
+        fi
+fi
+exit 0

diff --git a/debian/openssh-server.config b/debian/openssh-server.config new file mode 100644 index 000000000..4a66a35e9 --- /dev/null +++ b/debian/openssh-server.config
@@ -0,0 +1,46 @@
	1	#! /bin/sh
	2	set -e
	3
	4	. /usr/share/debconf/confmodule
	5	db_version 2.0
	6
	7	get_config_option() {
	8	option="$1"
	9
	10	[ -f /etc/ssh/sshd_config ] \|\| return
	11
	12	# TODO: actually only one '=' allowed after option
	13	perl -lne '
	14	s/[[:space:]]+/ /g; s/[[:space:]]+$//;
	15	print if s/^[[:space:]]*'"$option"'[[:space:]=]+//i' \
	16	/etc/ssh/sshd_config 2>/dev/null
	17	}
	18
	19	permit_root_login="$(get_config_option PermitRootLogin)" \|\| true
	20	password_authentication="$(get_config_option PasswordAuthentication)" \|\| true
	21	if [ -f /etc/ssh/sshd_config ]; then
	22	# Make sure the debconf database is in sync with the current state
	23	# of the system.
	24	if [ "$permit_root_login" = yes ]; then
	25	db_set openssh-server/permit-root-login false
	26	else
	27	db_set openssh-server/permit-root-login true
	28	fi
	29	if [ "$password_authentication" = no ]; then
	30	db_set openssh-server/password-authentication false
	31	else
	32	db_set openssh-server/password-authentication true
	33	fi
	34	fi
	35
	36	if dpkg --compare-versions "$2" lt-nl 1:6.6p1-1 && \
	37	[ "$permit_root_login" = yes ]; then
	38	if [ "$(getent shadow root \| cut -d: -f2)" = "!" ]; then
	39	db_set openssh-server/permit-root-login true
	40	else
	41	db_input high openssh-server/permit-root-login \|\| true
	42	db_go
	43	fi
	44	fi
	45
	46	exit 0