Browse Source

Add template for sshd_config

master
Daniel Berteaud 5 months ago
parent
commit
66d0f71e83
3 changed files with 38 additions and 3 deletions
  1. +1
    -1
      WAPT/control
  2. +31
    -2
      setup.py
  3. +6
    -0
      sshd_config.j2

+ 1
- 1
WAPT/control View File

@@ -1,5 +1,5 @@
package : fws-openssh
version : 7.9.0.0-2
version : 7.9.0.0-5
architecture : all
section : base
priority : optional

+ 31
- 2
setup.py View File

@@ -1,8 +1,22 @@
# -*- coding: utf-8 -*-
from setuphelpers import *
import requests,json
from jinja2 import Environment, FileSystemLoader
uninstallkey = []
variables = {
'ssh_password_auth': False,
'ssh_append_ciphers': True,
'ssh_ciphers': [ 'aes256-cbc', 'aes192-cbc', 'aes128-cbc' ]
}
# Read local variables file if available
if isfile(makepath(programfiles32,'wapt','private','symetric.txt')) and isfile(makepath(programfiles32,'wapt','private','variables.txt')):
print('Reading local encrypted variables file')
from cryptography.fernet import Fernet
import yaml
f = Fernet(open(makepath(programfiles32,'wapt','private','symetric.txt'),'r').read())
variables.update(yaml.safe_load(f.decrypt(open(makepath(programfiles32,'wapt','private','variables.txt'),'r').read())))
def install():
print('Installing OpenSSH')
@@ -31,8 +45,23 @@ def install():
run_notfatal(r'netsh advfirewall firewall del rule name="OpenSSH Server"')
run(r'netsh advfirewall firewall add rule name="OpenSSH Server" dir=in action=allow protocol=TCP localport=22 enable=yes')
print(' Starting the service')
service_start('sshd')
print(' Deploy sshd_config')
jinja2 = Environment(
loader=FileSystemLoader('.'),
trim_blocks=True
)
open(makepath(os.getenv('ProgramData',r'C:\ProgramData'),'ssh','sshd_config'),'w').write(
jinja2.get_template('sshd_config.j2').render(
ssh_ciphers = ('+' if variables['ssh_append_ciphers'] == True else '') + ','.join(variables['ssh_ciphers']),
ssh_password_auth = variables['ssh_password_auth']
)
)
print(' (Re)starting the service')
if service_is_running('sshd'):
service_restart('sshd')
else:
service_start('sshd')
print(r' Enabling sshd service on boot')
run('sc config sshd start= auto')

+ 6
- 0
sshd_config.j2 View File

@@ -0,0 +1,6 @@
AuthorizedKeysFile .ssh/authorized_keys
Subsystem sftp sftp-server.exe
{% if ssh_ciphers | length > 0 %}
Ciphers {{ ssh_ciphers }}
{% endif %}
PasswordAuthentication {{ 'yes' if ssh_password_auth == True else 'no' }}

Loading…
Cancel
Save