Commit a5fe7d1f authored by Tru  HUYNH's avatar Tru HUYNH

fix ssh keys

parent b4a85f27
......@@ -58,6 +58,11 @@ clearpart --all --initlabel --drives=sda
part /boot --fstype=ext3 --ondisk=sda --size 1000 --asprimary
part / --fstype=xfs --ondisk=sda --size 40000 --grow --asprimary
user --groups=centos --homedir=/home/centos --name=centos --password=bcga2017
# centos is the admin user with sudo access and remote ssh access
user --groups=bga2017 --homedir=/home/bga2017 --name=bga2017 --password=NOC-AUTH
# student account
%packages
@base
@compat-libraries
......@@ -117,6 +122,7 @@ libuv
libuv-devel
libuv-static
# BGA2017
@mate-desktop-environment
vim-enhanced
wget
......@@ -175,11 +181,13 @@ cp /etc/resolv.conf /mnt/sysimage/etc/resolv.conf
%post
# ssh with keys only:
curl http://tru_tru.homenet.org/ks/c7-sshd_config.sh | sh
# tru ssh-keys
curl http://tru_tru.homenet.org/ks/c7-add-tru.sh | sh
curl https://gitlab.pasteur.fr/tru/BGA2017/raw/master/noc-auth/c7-sshd_config.sh | sh
# centos ssh-keys
curl https://gitlab.pasteur.fr/tru/BGA2017/raw/master/noc-auth/centos-autorized_keys.sh| sh
# bga2017 ssh-keys
curl https://gitlab.pasteur.fr/tru/BGA2017/raw/master/noc-auth/bga2017-autorized_keys.sh | sh
yum -y groupinstall mate-desktop-environment
#yum -y groupinstall mate-desktop-environment
# missing systemctl disable initial-setup.service
# https://bugzilla.redhat.com/show_bug.cgi?id=1213114
......
#!/bin/sh
# curl https://gitlab.pasteur.fr/tru/BGA2017/raw/master/c7-sshd_config.sh | sh
PATH=/sbin:/bin:/usr/sbin:/usr/bin
export PATH
# sshd
/usr/bin/sed -i -e 's/^PermitRootLogin.*/PermitRootLogin no/g' /etc/ssh/sshd_config
/usr/bin/sed -i -e 's/^PasswordAuthentication.*/PasswordAuthentication no/g' /etc/ssh/sshd_config
#
# fix selinux permissions
/sbin/restorecon -rv /home /etc/ssh
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment