From bc945ffd03ec8e7033adc47916f86a040ac65ed5 Mon Sep 17 00:00:00 2001 From: marcsello Date: Tue, 26 Jan 2021 01:41:50 +0100 Subject: [PATCH 01/11] added basic ssh server setup script --- .../normal/0600-download-openssh.hook.chroot | 6 +++ .../usr/local/bin/setup-live-ssh-server | 37 +++++++++++++++++++ config/package-lists/misc-tools.list.chroot | 2 + 3 files changed, 45 insertions(+) create mode 100755 config/hooks/normal/0600-download-openssh.hook.chroot create mode 100755 config/includes.chroot/usr/local/bin/setup-live-ssh-server diff --git a/config/hooks/normal/0600-download-openssh.hook.chroot b/config/hooks/normal/0600-download-openssh.hook.chroot new file mode 100755 index 0000000..fd36b64 --- /dev/null +++ b/config/hooks/normal/0600-download-openssh.hook.chroot @@ -0,0 +1,6 @@ +#!/bin/bash + +# This command downloads the openssh-server and it's dependencies into the apt cache. So it can be installed boot time when required without internet access + +mkdir -p "/var/cache/live-apt" +apt --download-only --yes -o Dir::Cache="/var/cache/live-apt" -o Dir::Cache::archives="archives/" install openssh-server diff --git a/config/includes.chroot/usr/local/bin/setup-live-ssh-server b/config/includes.chroot/usr/local/bin/setup-live-ssh-server new file mode 100755 index 0000000..cc84fbd --- /dev/null +++ b/config/includes.chroot/usr/local/bin/setup-live-ssh-server @@ -0,0 +1,37 @@ +#!/bin/bash + +set -e + +# First set: Install the included ssh server, but not start it +# wtf going on? +RUNLEVEL=1 apt --yes -o Dir::Cache="/var/cache/live-apt" -o Dir::Cache::archives="archives/" --no-download install /var/cache/live-apt/archives/*.deb + +# set root password + +ROOT_PASSWD=$(pwgen -B 9 1) +echo "root:${ROOT_PASSWD}" | chpasswd + +# Apply config changes + +# remove comment hashmark +sed -i -re 's/^(\#)(PermitRootLogin)([[:space:]]+)(.*)/\2\3\4/' /etc/ssh/sshd_config +# change root login to yes +sed -i -re 's/^(\#?)(PermitRootLogin)([[:space:]]+)prohibit-password/\2\3yes/' /etc/ssh/sshd_config + + +# TODO: Update motd +cat >> /etc/motd << EOF + +======================================== + SSH Server enabled! + + User: root + Password: ${ROOT_PASSWD} +======================================== + +EOF + + + +# Start the ssh server +systemctl restart sshd.service diff --git a/config/package-lists/misc-tools.list.chroot b/config/package-lists/misc-tools.list.chroot index 0f6be5f..21580d2 100644 --- a/config/package-lists/misc-tools.list.chroot +++ b/config/package-lists/misc-tools.list.chroot @@ -3,3 +3,5 @@ bzip2 pbzip2 gnupg file +pwgen +tree From f4597a687a502dd0b0eaa1fc7c86267101bf9e7e Mon Sep 17 00:00:00 2001 From: marcsello Date: Tue, 26 Jan 2021 03:45:50 +0100 Subject: [PATCH 02/11] Added more functions to ssh setup script --- .../normal/0600-download-openssh.hook.chroot | 13 ++- .../usr/local/bin/setup-live-ssh-server | 86 ++++++++++++++++--- 2 files changed, 83 insertions(+), 16 deletions(-) diff --git a/config/hooks/normal/0600-download-openssh.hook.chroot b/config/hooks/normal/0600-download-openssh.hook.chroot index fd36b64..68b1dc5 100755 --- a/config/hooks/normal/0600-download-openssh.hook.chroot +++ b/config/hooks/normal/0600-download-openssh.hook.chroot @@ -2,5 +2,14 @@ # This command downloads the openssh-server and it's dependencies into the apt cache. So it can be installed boot time when required without internet access -mkdir -p "/var/cache/live-apt" -apt --download-only --yes -o Dir::Cache="/var/cache/live-apt" -o Dir::Cache::archives="archives/" install openssh-server +WORKDIR="/tmp/openssh-server-pkgs/" +TARGETDIR="/var/cache/openssh-server-pkgs/" + +mkdir -p "${WORKDIR}/cache" +apt --download-only --yes -o Dir::Cache="${WORKDIR}/cache" -o Dir::Cache::archives="archives/" install openssh-server + + +mkdir -p "${TARGETDIR}" +mv "${WORKDIR}/cache/archives/"*".deb" "${TARGETDIR}" + +rm -r "${WORKDIR}" diff --git a/config/includes.chroot/usr/local/bin/setup-live-ssh-server b/config/includes.chroot/usr/local/bin/setup-live-ssh-server index cc84fbd..b7f450d 100755 --- a/config/includes.chroot/usr/local/bin/setup-live-ssh-server +++ b/config/includes.chroot/usr/local/bin/setup-live-ssh-server @@ -1,37 +1,95 @@ #!/bin/bash +## Part of the Debian AdminCD project + set -e -# First set: Install the included ssh server, but not start it -# wtf going on? -RUNLEVEL=1 apt --yes -o Dir::Cache="/var/cache/live-apt" -o Dir::Cache::archives="archives/" --no-download install /var/cache/live-apt/archives/*.deb +function fail { + echo "$@" + exit 1 +} -# set root password +while [ $# -ne 0 ]; do + + arg="$1" + case "$arg" in + -q) + QUIET="yes" + ;; + -M) + NO_MOTD="yes" + ;; + -k) + SSH_KEY_URL="$2" + shift # shift out param as well + ;; + esac + shift # pop an arg + +done + + + +# Check if ssh server already installed + +for f in /etc/ssh/sshd_config /lib/systemd/system/ssh.service /usr/sbin/sshd; do + + test -f "$f" && fail "SSH Server seems to be already configured" + +done +# prevent SSH server from starting just after install +touch /etc/ssh/sshd_not_to_be_run + + +# For some reason "false" means "Yes, do allow root login please"... +# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=745778 +# https://www.debian.org/releases/jessie/amd64/release-notes/ch-information.en.html#openssh +debconf-set-selections <<< 'd-i openssh-server/permit-root-login boolean false' + +# Install openssh server and it's dependencies +dpkg -i /var/cache/openssh-server-pkgs/*.deb + +# set root password ROOT_PASSWD=$(pwgen -B 9 1) echo "root:${ROOT_PASSWD}" | chpasswd -# Apply config changes +# Download SSH key if specified +if [[ -n "${SSH_KEY_URL}" ]]; then -# remove comment hashmark -sed -i -re 's/^(\#)(PermitRootLogin)([[:space:]]+)(.*)/\2\3\4/' /etc/ssh/sshd_config -# change root login to yes -sed -i -re 's/^(\#?)(PermitRootLogin)([[:space:]]+)prohibit-password/\2\3yes/' /etc/ssh/sshd_config + mkdir -p /root/.ssh + wget -O /root/.ssh/authorized_keys "${SSH_KEY_URL}" + chmod 400 /root/.ssh/authorized_keys +fi -# TODO: Update motd -cat >> /etc/motd << EOF + +# Update motd +if [[ -z "${NO_MOTD}" ]]; then + cat >> /etc/motd << EOF ======================================== SSH Server enabled! User: root Password: ${ROOT_PASSWD} -======================================== - EOF + [[ -n "${SSH_KEY_URL}" ]] && echo " SSH key added from ${SSH_KEY_URL}" >> /etc/motd + + echo -e "========================================\n" >> /etc/motd + +fi +# Print the same info +if [[ -z "${QUIET}" ]]; then + echo "======================" + echo "SSH Server configured!" + echo "User: root" + echo "Password ${ROOT_PASSWD}" + [[ -n "${SSH_KEY_URL}" ]] && echo "SSH key added from ${SSH_KEY_URL}" +fi # Start the ssh server -systemctl restart sshd.service +rm /etc/ssh/sshd_not_to_be_run +systemctl start ssh.service From 46e54d319e52c3cc3d9b9535053badeea40502cd Mon Sep 17 00:00:00 2001 From: marcsello Date: Tue, 26 Jan 2021 03:55:31 +0100 Subject: [PATCH 03/11] Added help to ssh setup script --- .../usr/local/bin/setup-live-ssh-server | 46 ++++++++++++------- 1 file changed, 30 insertions(+), 16 deletions(-) diff --git a/config/includes.chroot/usr/local/bin/setup-live-ssh-server b/config/includes.chroot/usr/local/bin/setup-live-ssh-server index b7f450d..9f3956b 100755 --- a/config/includes.chroot/usr/local/bin/setup-live-ssh-server +++ b/config/includes.chroot/usr/local/bin/setup-live-ssh-server @@ -9,6 +9,17 @@ function fail { exit 1 } +function print_help { + echo "Debian AdminCD SSH server setup script" + echo + echo "Params:" + echo "-q\tDo not print connection details when the script finishes" + echo "-M\tDo not append connection details to /etc/motd" + echo "-k URL\tDownload and install SSH public key from URL" + echo "-h\tThis help" + echo +} + while [ $# -ne 0 ]; do arg="$1" @@ -23,6 +34,13 @@ while [ $# -ne 0 ]; do SSH_KEY_URL="$2" shift # shift out param as well ;; + -h) + print_help + exit 0 + ;; + *) + print_help + fail "Unknown option: $arg" esac shift # pop an arg @@ -31,7 +49,6 @@ done # Check if ssh server already installed - for f in /etc/ssh/sshd_config /lib/systemd/system/ssh.service /usr/sbin/sshd; do test -f "$f" && fail "SSH Server seems to be already configured" @@ -50,7 +67,7 @@ debconf-set-selections <<< 'd-i openssh-server/permit-root-login boolean false' # Install openssh server and it's dependencies dpkg -i /var/cache/openssh-server-pkgs/*.deb -# set root password +# generate and set root password ROOT_PASSWD=$(pwgen -B 9 1) echo "root:${ROOT_PASSWD}" | chpasswd @@ -65,29 +82,26 @@ fi # Update motd -if [[ -z "${NO_MOTD}" ]]; then - cat >> /etc/motd << EOF -======================================== - SSH Server enabled! +function print_connection_details { - User: root - Password: ${ROOT_PASSWD} -EOF + tput bold + echo "[SSH server enabled!]" + tput sgr0 + echo "User: root" + echo "Password: ${ROOT_PASSWD}" + [[ -n "${SSH_KEY_URL}" ]] && echo "SSH key added from ${SSH_KEY_URL}" - [[ -n "${SSH_KEY_URL}" ]] && echo " SSH key added from ${SSH_KEY_URL}" >> /etc/motd +} - echo -e "========================================\n" >> /etc/motd +if [[ -z "${NO_MOTD}" ]]; then + (echo; print_connection_details; echo) >> /etc/motd fi # Print the same info if [[ -z "${QUIET}" ]]; then - echo "======================" - echo "SSH Server configured!" - echo "User: root" - echo "Password ${ROOT_PASSWD}" - [[ -n "${SSH_KEY_URL}" ]] && echo "SSH key added from ${SSH_KEY_URL}" + print_connection_details fi # Start the ssh server From 11e31f681521874883d5f9fd0953016ae5d64f5c Mon Sep 17 00:00:00 2001 From: marcsello Date: Tue, 26 Jan 2021 04:10:21 +0100 Subject: [PATCH 04/11] Fixed help printing --- .../usr/local/bin/setup-live-ssh-server | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/config/includes.chroot/usr/local/bin/setup-live-ssh-server b/config/includes.chroot/usr/local/bin/setup-live-ssh-server index 9f3956b..5e6b612 100755 --- a/config/includes.chroot/usr/local/bin/setup-live-ssh-server +++ b/config/includes.chroot/usr/local/bin/setup-live-ssh-server @@ -13,10 +13,10 @@ function print_help { echo "Debian AdminCD SSH server setup script" echo echo "Params:" - echo "-q\tDo not print connection details when the script finishes" - echo "-M\tDo not append connection details to /etc/motd" - echo "-k URL\tDownload and install SSH public key from URL" - echo "-h\tThis help" + echo -e "-q\tDo not print connection details when the script finishes" + echo -e "-M\tDo not append connection details to /etc/motd" + echo -e "-k URL\tDownload and install SSH public key from URL" + echo -e "-h\tThis help" echo } @@ -34,7 +34,7 @@ while [ $# -ne 0 ]; do SSH_KEY_URL="$2" shift # shift out param as well ;; - -h) + -h|--help) print_help exit 0 ;; From 21e41d4298a09fccf88578969f431312fc2e1672 Mon Sep 17 00:00:00 2001 From: marcsello Date: Tue, 26 Jan 2021 04:14:02 +0100 Subject: [PATCH 05/11] Fixed ssh script fails when it shouldn't --- config/includes.chroot/usr/local/bin/setup-live-ssh-server | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/includes.chroot/usr/local/bin/setup-live-ssh-server b/config/includes.chroot/usr/local/bin/setup-live-ssh-server index 5e6b612..d1b0be9 100755 --- a/config/includes.chroot/usr/local/bin/setup-live-ssh-server +++ b/config/includes.chroot/usr/local/bin/setup-live-ssh-server @@ -90,7 +90,7 @@ function print_connection_details { tput sgr0 echo "User: root" echo "Password: ${ROOT_PASSWD}" - [[ -n "${SSH_KEY_URL}" ]] && echo "SSH key added from ${SSH_KEY_URL}" + [[ -n "${SSH_KEY_URL}" ]] && echo "SSH key added from ${SSH_KEY_URL}" || true # otherwise the script would fail because set -e } From 873c6c7b676e8710ec86eefc7686e0d6472e20b1 Mon Sep 17 00:00:00 2001 From: marcsello Date: Tue, 26 Jan 2021 18:48:24 +0100 Subject: [PATCH 06/11] Added password setting arguments to ssh script --- .../usr/local/bin/setup-live-ssh-server | 36 +++++++++++++------ 1 file changed, 26 insertions(+), 10 deletions(-) diff --git a/config/includes.chroot/usr/local/bin/setup-live-ssh-server b/config/includes.chroot/usr/local/bin/setup-live-ssh-server index d1b0be9..b30e278 100755 --- a/config/includes.chroot/usr/local/bin/setup-live-ssh-server +++ b/config/includes.chroot/usr/local/bin/setup-live-ssh-server @@ -13,10 +13,12 @@ function print_help { echo "Debian AdminCD SSH server setup script" echo echo "Params:" - echo -e "-q\tDo not print connection details when the script finishes" - echo -e "-M\tDo not append connection details to /etc/motd" - echo -e "-k URL\tDownload and install SSH public key from URL" - echo -e "-h\tThis help" + echo "-q Do not print connection details when the script finishes" + echo "-m Do not append connection details to /etc/motd" + echo "-k URL Download and install SSH public key from URL" + echo "-p PASSOWRD Use PASSWORD instead of a generated one" + echo "-P Do not configure root password (login only via key)" + echo "-h/--help This help" echo } @@ -27,7 +29,7 @@ while [ $# -ne 0 ]; do -q) QUIET="yes" ;; - -M) + -m) NO_MOTD="yes" ;; -k) @@ -38,6 +40,13 @@ while [ $# -ne 0 ]; do print_help exit 0 ;; + -p) + ROOT_PASSWD="$2" + shift + ;; + -P) + NO_PASSWD_CONFIG="yes" + ;; *) print_help fail "Unknown option: $arg" @@ -62,14 +71,21 @@ touch /etc/ssh/sshd_not_to_be_run # For some reason "false" means "Yes, do allow root login please"... # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=745778 # https://www.debian.org/releases/jessie/amd64/release-notes/ch-information.en.html#openssh -debconf-set-selections <<< 'd-i openssh-server/permit-root-login boolean false' +[[ -z "${NO_PASSWD_CONFIG}" ]] && debconf-set-selections <<< 'd-i openssh-server/permit-root-login boolean false' # Install openssh server and it's dependencies dpkg -i /var/cache/openssh-server-pkgs/*.deb -# generate and set root password -ROOT_PASSWD=$(pwgen -B 9 1) -echo "root:${ROOT_PASSWD}" | chpasswd + +if [[ -z "${NO_PASSWD_CONFIG}" ]]; then + # generate and set root password + + if [[ -z "${ROOT_PASSWD}" ]]; then + ROOT_PASSWD=$(pwgen -B 9 1) + fi + + echo "root:${ROOT_PASSWD}" | chpasswd +fi # Download SSH key if specified if [[ -n "${SSH_KEY_URL}" ]]; then @@ -89,7 +105,7 @@ function print_connection_details { echo "[SSH server enabled!]" tput sgr0 echo "User: root" - echo "Password: ${ROOT_PASSWD}" + [[ -z "${NO_PASSWD_CONFIG}" ]] && echo "Password: ${ROOT_PASSWD}" [[ -n "${SSH_KEY_URL}" ]] && echo "SSH key added from ${SSH_KEY_URL}" || true # otherwise the script would fail because set -e } From 106daa0a241256de682d37be0c64ee492e99b6b3 Mon Sep 17 00:00:00 2001 From: marcsello Date: Wed, 27 Jan 2021 19:15:15 +0100 Subject: [PATCH 07/11] Added more options to ssh script --- .../usr/local/bin/setup-live-ssh-server | 23 +++++++++++-------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/config/includes.chroot/usr/local/bin/setup-live-ssh-server b/config/includes.chroot/usr/local/bin/setup-live-ssh-server index b30e278..23d564d 100755 --- a/config/includes.chroot/usr/local/bin/setup-live-ssh-server +++ b/config/includes.chroot/usr/local/bin/setup-live-ssh-server @@ -18,6 +18,7 @@ function print_help { echo "-k URL Download and install SSH public key from URL" echo "-p PASSOWRD Use PASSWORD instead of a generated one" echo "-P Do not configure root password (login only via key)" + echo "-S Do not start/restart the systemd service (have to restart manually)" echo "-h/--help This help" echo } @@ -47,6 +48,9 @@ while [ $# -ne 0 ]; do -P) NO_PASSWD_CONFIG="yes" ;; + -S) + NO_SYSTEMD="yes" + ;; *) print_help fail "Unknown option: $arg" @@ -65,7 +69,7 @@ for f in /etc/ssh/sshd_config /lib/systemd/system/ssh.service /usr/sbin/sshd; do done # prevent SSH server from starting just after install -touch /etc/ssh/sshd_not_to_be_run +[[ -z "${NO_SYSTEMD}" ]] && touch /etc/ssh/sshd_not_to_be_run || true # For some reason "false" means "Yes, do allow root login please"... @@ -101,11 +105,10 @@ fi function print_connection_details { - tput bold - echo "[SSH server enabled!]" - tput sgr0 + echo -e "\033[1m[SSH server enabled!]\033[0m" + echo "User: root" - [[ -z "${NO_PASSWD_CONFIG}" ]] && echo "Password: ${ROOT_PASSWD}" + [[ -z "${NO_PASSWD_CONFIG}" ]] && echo "Password: ${ROOT_PASSWD}" || true [[ -n "${SSH_KEY_URL}" ]] && echo "SSH key added from ${SSH_KEY_URL}" || true # otherwise the script would fail because set -e } @@ -115,11 +118,13 @@ if [[ -z "${NO_MOTD}" ]]; then (echo; print_connection_details; echo) >> /etc/motd fi -# Print the same info if [[ -z "${QUIET}" ]]; then + # Print the same info print_connection_details fi -# Start the ssh server -rm /etc/ssh/sshd_not_to_be_run -systemctl start ssh.service +if [[ -z "${NO_SYSTEMD}" ]]; then + # Start the ssh server + rm /etc/ssh/sshd_not_to_be_run + systemctl start ssh.service +fi From b6bf67fa17353ce59d95e779492f962b1c9fd8aa Mon Sep 17 00:00:00 2001 From: marcsello Date: Wed, 27 Jan 2021 20:06:41 +0100 Subject: [PATCH 08/11] Added ssh config option to parameters --- .../lib/live/config/0500-setup-ssh | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100755 config/includes.chroot/lib/live/config/0500-setup-ssh diff --git a/config/includes.chroot/lib/live/config/0500-setup-ssh b/config/includes.chroot/lib/live/config/0500-setup-ssh new file mode 100755 index 0000000..8b9a28a --- /dev/null +++ b/config/includes.chroot/lib/live/config/0500-setup-ssh @@ -0,0 +1,18 @@ +#!/bin/bash + +for arg in $(cat /proc/cmdline); do + case "${arg}" in + + withssh) + SETUP_SSH="yes" + ;; + + esac + +done + + +if [[ -n "${SETUP_SSH}" ]]; then + /usr/local/bin/setup-live-ssh-server -q -S +fi + From e523f1fb6c77bf6746c3551d1b89bad17bc46be4 Mon Sep 17 00:00:00 2001 From: marcsello Date: Sun, 31 Jan 2021 16:07:09 +0100 Subject: [PATCH 09/11] Added more kernel cmdline ssh options --- .../lib/live/config/0500-setup-ssh | 25 ++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/config/includes.chroot/lib/live/config/0500-setup-ssh b/config/includes.chroot/lib/live/config/0500-setup-ssh index 8b9a28a..cbacadf 100755 --- a/config/includes.chroot/lib/live/config/0500-setup-ssh +++ b/config/includes.chroot/lib/live/config/0500-setup-ssh @@ -3,16 +3,39 @@ for arg in $(cat /proc/cmdline); do case "${arg}" in + withssh.pw=*) + SETUP_SSH="yes" + SSH_PW=${arg#*=} + ;; + + withssh.nopw) + SETUP_SSH="yes" + SSH_NOPW="yes" + ;; + + withssh.key=*) + SETUP_SSH="yes" + SSH_KEY=${arg#*=} + ;; + + withssh) SETUP_SSH="yes" ;; + esac done if [[ -n "${SETUP_SSH}" ]]; then - /usr/local/bin/setup-live-ssh-server -q -S + cmdline="/usr/local/bin/setup-live-ssh-server -q -S" + + [[ -n "${SSH_PW}" ]] && cmdline="$cmdline -p ${SSH_PW}" + [[ -n "${SSH_NOPW}" ]] && cmdline="$cmdline -P" + [[ -n "${SSH_KEY}" ]] && cmdline="$cmdline -k ${SSH_KEY}" + + ${cmdline} fi From c210260f7198f25e7c5bbb1b934e044051dd111d Mon Sep 17 00:00:00 2001 From: marcsello Date: Sun, 31 Jan 2021 16:32:49 +0100 Subject: [PATCH 10/11] Added docs about ssh setup script --- README.md | 11 +++++++++++ tools.md | 44 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 55 insertions(+) create mode 100644 tools.md diff --git a/README.md b/README.md index 2f0af5e..c5af149 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,17 @@ Built using standard [Debian Live](https://www.debian.org/devel/debian-live/) to Essentially this is a simple live image, with a selection of administration tools preinstalled. This image can be used to rescue your system, debug hardware issues, or even install Debian with `debootstrap`, from a more friendly interface than Debian installer's rescue mode. +With the included Live SSH Setup tool, Debian Admin CD can be used to bootstrap a managed node with [Ansible](https://www.ansible.com/)! Read more [here](tools.md). + +## Tools + +Originally, Debian Admin CD was just a basic Debian live CD with a lot of preinstalled packages. But as time went on, a few home-grown tools and scripts were added to make Debian Admin CD suitable for even more tasks! + +Tools currently included: + - **Live SSH setup** Preconfigure an SSH server even from the kernel commandline (Useful for PXE booting) + + +Detailed description about the included tools/scripts can be found [here](tools.md). ## Building Debian Admin CD Building Debian Admin CD is easy as pie! diff --git a/tools.md b/tools.md new file mode 100644 index 0000000..af3314a --- /dev/null +++ b/tools.md @@ -0,0 +1,44 @@ +# Debian Admin CD Tools +Tools developed by the Debian Admin CD project + +## Setup Live SSH Server +The Debian Admin CD includes a setup script that helps setting up an SSH server on the live system. + +The packages required to install a OpenSSH server are built into the live image, and are being installed during boot. +This ensure that the server can be installed without internet access. And it won't be there if it's not needed. + +### Setup the SSH server + +The Live SSH server can be set up in two ways: + - Kernel cmdline parameters (Useful for PXE booting). + - Manually using the `setup-live-ssh-server` command after the system booted. + + +#### Kernel cmdline parameters + +The following parameters can be provided to the kernel commandline to configure the SSH server: + +``` +withssh Enable Live SSH server with default settings +withssh.nopw Do not configure root password (Same as -P) +withssh.pw=PASSWORD Use PASSWORD instead of a generated one (Same as -p) +withssh.key=URL Download and install SSH public key from URL (Same as -k) +``` + + +More than one parameters can be used at the same time. +If none of the parameters above supplied, the ssh server won't be installed and configured during boot time. + +#### Command line parameters + +The follwoings are the output of the `setup-live-ssh-server --help` command: + +``` +-q Do not print connection details when the script finishes +-m Do not append connection details to /etc/motd +-k URL Download and install SSH public key from URL +-p PASSOWRD Use PASSWORD instead of a generated one +-P Do not configure root password (login only via key) +-S Do not start/restart the systemd service (have to restart manually) +-h/--help This help +``` From a26f9f2506823f0d3160c5a55f1c2b83b7206210 Mon Sep 17 00:00:00 2001 From: marcsello Date: Sun, 31 Jan 2021 16:35:44 +0100 Subject: [PATCH 11/11] Added missing notice --- config/includes.chroot/lib/live/config/0500-setup-ssh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/config/includes.chroot/lib/live/config/0500-setup-ssh b/config/includes.chroot/lib/live/config/0500-setup-ssh index cbacadf..33a2220 100755 --- a/config/includes.chroot/lib/live/config/0500-setup-ssh +++ b/config/includes.chroot/lib/live/config/0500-setup-ssh @@ -1,5 +1,7 @@ #!/bin/bash +## Part of the Debian AdminCD project + for arg in $(cat /proc/cmdline); do case "${arg}" in