From aaffd8cab1852423b19501870c9847c559c2fcab Mon Sep 17 00:00:00 2001 From: Lulzette Date: Fri, 31 Dec 2021 04:27:03 +0000 Subject: [PATCH] =?UTF-8?q?=D0=9F=D0=BE=D0=B4=D0=BF=D1=80=D0=B0=D0=B2?= =?UTF-8?q?=D0=B8=D0=BB=20sshd=20=D0=BA=D0=BE=D0=BD=D1=84=D0=B8=D0=B3,=20?= =?UTF-8?q?=D1=81=D0=B4=D0=B5=D0=BB=D0=B0=D0=BB=20=D0=BF=D1=80=D0=B8=D0=BA?= =?UTF-8?q?=D0=BE=D0=BB=D1=8C=D0=BD=D1=8B=D0=B9=20PS1=20=D0=B2=20=D0=B1?= =?UTF-8?q?=D0=B0=D1=88=D0=B5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ansible/base-system/inventory | 4 +- .../base-system/roles/configs/files/bashrc | 1 + .../base-system/roles/ssh/files/sshd_config | 56 ------------------- 3 files changed, 4 insertions(+), 57 deletions(-) diff --git a/ansible/base-system/inventory b/ansible/base-system/inventory index 7ce3fb9..ec91d23 100644 --- a/ansible/base-system/inventory +++ b/ansible/base-system/inventory @@ -1,2 +1,4 @@ [localgroup] -gitlab ansible_connection=ssh ansible_ssh_host=192.168.100.11 ansible_ssh_user=losted ansible_ssh_common_args='-o StrictHostKeyChecking=no' +#otp-scripts ansible_connection=ssh ansible_ssh_host=87.249.54.185 ansible_ssh_user=root ansible_ssh_common_args='-o StrictHostKeyChecking=no' +drone ansible_connection=ssh ansible_ssh_host=192.168.100.14 ansible_ssh_user=losted ansible_ssh_common_args='-o StrictHostKeyChecking=no' + diff --git a/ansible/base-system/roles/configs/files/bashrc b/ansible/base-system/roles/configs/files/bashrc index ecb495b..0644156 100644 --- a/ansible/base-system/roles/configs/files/bashrc +++ b/ansible/base-system/roles/configs/files/bashrc @@ -283,3 +283,4 @@ alias gupv='git pull --rebase -v' alias gwch='git whatchanged -p --abbrev-commit --pretty=medium' alias gwip='git add -A; git rm $(git ls-files --deleted) 2> /dev/null; git commit --no-verify --no-gpg-sign -m "--wip-- [skip ci]"' +export PS1='\e[0;35m\t \e[0;32m\u@\h:\w\e[m\n\$ ' diff --git a/ansible/base-system/roles/ssh/files/sshd_config b/ansible/base-system/roles/ssh/files/sshd_config index 35d424c..8d4139e 100644 --- a/ansible/base-system/roles/ssh/files/sshd_config +++ b/ansible/base-system/roles/ssh/files/sshd_config @@ -1,15 +1,3 @@ -# This is the sshd server system-wide configuration file. See -# sshd_config(5) for more information. - -# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin - -# The strategy used for options in the default sshd_config shipped with -# OpenSSH is to specify options with their default value where -# possible, but leave them commented. Uncommented options override the -# default value. - -Include /etc/ssh/sshd_config.d/*.conf - #Port 22 #AddressFamily any #ListenAddress 0.0.0.0 @@ -34,25 +22,8 @@ PermitRootLogin prohibit-password #MaxAuthTries 6 #MaxSessions 10 -#PubkeyAuthentication yes -# Expect .ssh/authorized_keys2 to be disregarded by default in future. AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2 /etc/ssh/auth_keys - -#AuthorizedPrincipalsFile none - -#AuthorizedKeysCommand none -#AuthorizedKeysCommandUser nobody - -# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts -#HostbasedAuthentication no -# Change to yes if you don't trust ~/.ssh/known_hosts for -# HostbasedAuthentication -#IgnoreUserKnownHosts no -# Don't read the user's ~/.rhosts and ~/.shosts files -#IgnoreRhosts yes - -# To disable tunneled clear text passwords, change to no here! PasswordAuthentication no PermitEmptyPasswords no @@ -60,27 +31,6 @@ PermitEmptyPasswords no # some PAM modules and threads) ChallengeResponseAuthentication no -# Kerberos options -#KerberosAuthentication no -#KerberosOrLocalPasswd yes -#KerberosTicketCleanup yes -#KerberosGetAFSToken no - -# GSSAPI options -#GSSAPIAuthentication no -#GSSAPICleanupCredentials yes -#GSSAPIStrictAcceptorCheck yes -#GSSAPIKeyExchange no - -# Set this to 'yes' to enable PAM authentication, account processing, -# and session processing. If this is enabled, PAM authentication will -# be allowed through the ChallengeResponseAuthentication and -# PasswordAuthentication. Depending on your PAM configuration, -# PAM authentication via ChallengeResponseAuthentication may bypass -# the setting of "PermitRootLogin without-password". -# If you just want the PAM account and session checks to run without -# PAM authentication, then enable this but set PasswordAuthentication -# and ChallengeResponseAuthentication to 'no'. UsePAM yes #AllowAgentForwarding yes @@ -113,9 +63,3 @@ AcceptEnv LANG LC_* # override default of no subsystems Subsystem sftp /usr/lib/openssh/sftp-server -# Example of overriding settings on a per-user basis -#Match User anoncvs -# X11Forwarding no -# AllowTcpForwarding no -# PermitTTY no -# ForceCommand cvs server