summaryrefslogtreecommitdiff
path: root/playbooks.d/ssh/playbook.bash
diff options
context:
space:
mode:
Diffstat (limited to 'playbooks.d/ssh/playbook.bash')
-rw-r--r--playbooks.d/ssh/playbook.bash18
1 files changed, 18 insertions, 0 deletions
diff --git a/playbooks.d/ssh/playbook.bash b/playbooks.d/ssh/playbook.bash
index e9b28d5..12f6bb6 100644
--- a/playbooks.d/ssh/playbook.bash
+++ b/playbooks.d/ssh/playbook.bash
@@ -17,6 +17,14 @@ playbook_sync() {
"sftp=$(config "ssh.sftp")" \
> /etc/ssh/sshd_config
+ # Generate stronger keys if needed
+ if (( $(ssh_key_size "$(config "fs.etcdir")/ssh/ssh_host_rsa_key") < 4096 ))
+ then
+ warn "$BASHTARD_PLAYBOOK" "Generating new RSA SSH host key"
+ rm -f -- "$(config "fs.etcdir")/ssh/ssh_host_rsa_key"
+ ssh-keygen -t rsa -b 4096 -f "$(config "fs.etcdir")/ssh/ssh_host_rsa_key" -N ""
+ fi
+
info "$BASHTARD_PLAYBOOK" "Generating MotD"
file_template "motd" \
"fqdn=${BASHTARD_PLATFORM[fqdn]}" \
@@ -32,3 +40,13 @@ playbook_del() {
svc stop "sshd"
svc disable "sshd"
}
+
+ssh_key_size() {
+ if [[ ! -f "$1" ]]
+ then
+ printf "0"
+ return
+ fi
+
+ ssh-keygen -l -f "$1" | awk '{ print $1 }'
+}
generated by cgit v1.1 at 2024-05-20 00:51:42 +0000