#!/bin/bash -e # "-e" tries to exit right away on error. # Enable (and set!) root login password for ssh and sftp. # To help everyday IIAB implementers upload content with FileZilla: # https://wiki.iiab.io/go/FAQ#How_do_I_add_my_own_content%3F # AT YOUR OWN RISK. If this absolutely must be run non-interactively, use: # sudo iiab-root-login if [ ! -f /etc/ssh/sshd_config ]; then echo -e '\n\e[41;1mERROR: /etc/ssh/sshd_config is missing (is openssh-server installed?)\e[0m\n' exit 1 fi if ! systemctl is-active ssh > /dev/null; then echo -e "\n\e[41;1mERROR: ssh service is not active (run 'systemctl status ssh' ?)\e[0m\n" exit 1 fi if [ $# -eq 0 ]; then echo -e '\n\e[1;33mPICK A STRONG PASSWORD TO PROTECT YOUR IIAB!\e[0m' echo -en '\nWhat ssh and sftp password do you want for user "root" ? ' read ans < /dev/tty else ans=$1 echo fi if [[ $ans == "" ]]; then echo -e '\n\e[41;1mEXITING: User "root" cannot have an empty password.\e[0m\n' exit 1 else echo root:"$ans" | chpasswd echo -e 'Password changed, for user "root".\n' fi # Comment out problematic line(s) in file(s) like... # /etc/ssh/sshd_config.d/60-cloudimg-settings.conf # ...that appear in Multipass VMs, etc: sed -i 's/^PermitRootLogin[[:blank:]].*/# &/' /etc/ssh/sshd_config.d/* || true sed -i 's/^PasswordAuthentication[[:blank:]].*/# &/' /etc/ssh/sshd_config.d/* || true if grep -q '^PermitRootLogin[[:blank:]]' /etc/ssh/sshd_config; then sed -i 's/^PermitRootLogin[[:blank:]].*/PermitRootLogin yes/' /etc/ssh/sshd_config else echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config fi if grep -q '^PasswordAuthentication[[:blank:]]' /etc/ssh/sshd_config; then sed -i 's/^PasswordAuthentication[[:blank:]].*/PasswordAuthentication yes/' /etc/ssh/sshd_config else echo 'PasswordAuthentication yes' >> /etc/ssh/sshd_config fi if systemctl reload ssh; then echo -e '\e[44;1mUser "root" can now upload to IIAB using FileZilla!\e[0m\n' else echo -e '\e[41;1mERROR: Unable to reload ssh service.\e[0m\n' fi