Remove SSH password auth

[mysticaltech]

We need to remove SSH password auth ideally through ignition, but if not possible, through combustion. And also do some basic hardening of that service if needed.

First and foremost, we need to find the location of the SSH config file.

[mysticaltech]

It's located at /usr/etc/ssh/sshd_config

[mysticaltech]

Thinking issuing these commands via a combustion script:

sed -i -e '/^PasswordAuthentication/s/^.*$/PasswordAuthentication no/' /usr/etc/ssh/sshd_config
sed -i -e '/^X11Forwarding/s/^.*$/X11Forwarding no/' /usr/etc/ssh/sshd_config
sed -i -e '/^#MaxAuthTries/s/^.*$/MaxAuthTries 2/' /usr/etc/ssh/sshd_config
sed -i -e '/^#AllowTcpForwarding/s/^.*$/AllowTcpForwarding no/' /usr/etc/ssh/sshd_config
sed -i -e '/^#AllowAgentForwarding/s/^.*$/AllowAgentForwarding no/' /usr/etc/ssh/sshd_config
sed -i -e '/^#AuthorizedKeysFile/s/^.*$/AuthorizedKeysFile .ssh\/authorized_keys/' /usr/etc/ssh/sshd_config

[mysticaltech]

Now all is good, finally just did it via good old ignition!

No more funny business going on in here: