Disable the Debian banner which can be used to identify the Debian version from the publc ip

This commit is contained in:
Bob Mottram 2015-12-29 12:29:10 +00:00
parent e67e250bab
commit 628c1840a1
1 changed files with 5 additions and 0 deletions

View File

@ -3401,6 +3401,11 @@ function configure_ssh {
sed -i 's/TCPKeepAlive.*/TCPKeepAlive no/g' /etc/ssh/sshd_config sed -i 's/TCPKeepAlive.*/TCPKeepAlive no/g' /etc/ssh/sshd_config
sed -i 's|HostKey /etc/ssh/ssh_host_dsa_key|#HostKey /etc/ssh/ssh_host_dsa_key|g' /etc/ssh/sshd_config sed -i 's|HostKey /etc/ssh/ssh_host_dsa_key|#HostKey /etc/ssh/ssh_host_dsa_key|g' /etc/ssh/sshd_config
sed -i 's|HostKey /etc/ssh/ssh_host_ecdsa_key|#HostKey /etc/ssh/ssh_host_ecdsa_key|g' /etc/ssh/sshd_config sed -i 's|HostKey /etc/ssh/ssh_host_ecdsa_key|#HostKey /etc/ssh/ssh_host_ecdsa_key|g' /etc/ssh/sshd_config
if ! grep -q 'DebianBanner' /etc/ssh/sshd_config; then
echo 'DebianBanner no' >> /etc/ssh/sshd_config
else
sed -i 's|DebianBanner.*|DebianBanner no|g' /etc/ssh/sshd_config
fi
if grep -q 'ClientAliveInterval' /etc/ssh/sshd_config; then if grep -q 'ClientAliveInterval' /etc/ssh/sshd_config; then
sed -i 's/ClientAliveInterval.*/ClientAliveInterval 60/g' /etc/ssh/sshd_config sed -i 's/ClientAliveInterval.*/ClientAliveInterval 60/g' /etc/ssh/sshd_config
else else