From 23022e6d2023e5e4782304eca20705921f973938 Mon Sep 17 00:00:00 2001 From: konsthol Date: Sun, 26 Mar 2023 17:37:16 +0300 Subject: [PATCH] Make that it works in 90% of the cases. 3:30. --- harden | 4 ++-- secdep.py | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/harden b/harden index 8f8434d..e7dc824 100755 --- a/harden +++ b/harden @@ -114,7 +114,7 @@ services=() # The hardenSSH function will use sed to modify the sshd_config file to have the following settings: # - Allow ssh access to users in the sudo group only -# - Change the port to 22121 if it is available +# - Change the port to 22100 if it is available # - Configure idle timeout to 5 minutes # - Limit the number of authentication attempts to 3 # - Disable root login @@ -134,7 +134,7 @@ function hardenSSH { if [[ -e /etc/ssh/sshd_config ]] && [[ -r /etc/ssh/sshd_config ]]; then sed -i \ -e 's/^#AllowGroups.*/AllowGroups sudo/' \ - -e 's/^#Port.*/Port 22121/' \ + -e 's/^#Port.*/Port 22100/' \ -e 's/^#ClientAliveInterval.*/ClientAliveInterval 300/' \ -e 's/^#ClientAliveCountMax.*/ClientAliveCountMax 3/' \ -e 's/^#PermitRootLogin.*/PermitRootLogin no/' \ diff --git a/secdep.py b/secdep.py index 57e7174..7b76553 100755 --- a/secdep.py +++ b/secdep.py @@ -1219,6 +1219,8 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi print("\nIP: %s" % (node.public_ips[0])) print("\nssh command: ssh -i %s secdep@%s\n" % (SECDEP_SSH_PRIVATE_KEY, node.public_ips[0])) print("If you ever change the port adjust the command accordingly") + print("If you used the --deploy flag we changed the port to 22100 so the command is:") + print("\nssh -p 22100 -i %s secdep@%s\n" % (SECDEP_SSH_PRIVATE_KEY, node.public_ips[0])) return node def list_all_nodes(provider, filterIn=None, awsRegion=None):