-
configuring key-only ssh access
Your suggestion to use an included file (sshd_custom.conf) is a valid approach, but it doesn't fully address the issue in Unraid. My script ensures the desired configuration is applied consistently, even if the core file is regenerated. While your method is more "Linux-correct," it doesn't account for Unraid's unique behavior. My solution is tailored to Unraid's specific workflow. Again as I mentioned my solution works, it is replicatable. Your works as well. What's the point of the discussion if it's not going to get fixed by LT
-
configuring key-only ssh access
you can remove parts of the script for simplification, but otherwise nothing wrong with it and instead of rewriting the sshd_config like in your case it actually injects the needed values, so my approach is actually better, byt ymmv.
-
configuring key-only ssh access
I've initially thought that it was the tailscale plugin messing around as reported by some redditors, but after reviewing the plugins code there is no relevance. As you mentioned the problem is within the rc.d script however I think that's read only. I've tried the following turned of ssh from UI removed the /etc/ssh/sshd_config turned on ssh from UI the config was actually copied from the usb flashdrive password login is not allowed But after reboot it still somehow replaces it with the default one, probably somewhere in the image on the usb drive.
-
configuring key-only ssh access
this is do dumb, at least on Unraid 7 the sshd_config on your flash drive is ignored... my workaround that actually works made a file /boot/config/scripts/fix_sshd_config.sh #!/bin/bash SSHD_CONFIG="/etc/ssh/sshd_config" BACKUP_CONFIG="/boot/config/ssh/sshd_config" cp "$SSHD_CONFIG" "$SSHD_CONFIG.bak" sed -i '/^PermitRootLogin/d' "$SSHD_CONFIG" sed -i '/^PasswordAuthentication/d' "$SSHD_CONFIG" sed -i '/^PubkeyAuthentication/d' "$SSHD_CONFIG" echo "PermitRootLogin prohibit-password" >> "$SSHD_CONFIG" echo "PasswordAuthentication no" >> "$SSHD_CONFIG" echo "PubkeyAuthentication yes" >> "$SSHD_CONFIG" cp "$SSHD_CONFIG" "$BACKUP_CONFIG" /etc/rc.d/rc.sshd restart chmod +x /boot/config/scripts/fix_sshd_config.sh then in the go file nano /boot/config/go bash /boot/config/scripts/fix_sshd_config.sh
el Romano
Members
-
Joined
-
Last visited