From 58e7e4023eb6f6cd68230fa33a24cdc20c40d2a9 Mon Sep 17 00:00:00 2001 From: Serge Schneider Date: Wed, 23 Nov 2016 16:15:22 +0000 Subject: [PATCH] Disable SSH by default --- export-noobs/00-release/files/release_notes.txt | 3 ++- stage2/01-sys-tweaks/files/regenerate_ssh_host_keys | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/export-noobs/00-release/files/release_notes.txt b/export-noobs/00-release/files/release_notes.txt index 04cd9e5..4d06294 100644 --- a/export-noobs/00-release/files/release_notes.txt +++ b/export-noobs/00-release/files/release_notes.txt @@ -1,5 +1,6 @@ UNRELEASED: - * Prompt for password change on first boot added + * SSH disabled by default; can be enabled by creating a file with name "ssh" in boot partition + * Prompt for password change at boot when SSH enabled with default password unchanged * Adobe Flash Player included * Updates to hardware video acceleration in Chromium browser * Greeter now uses background image from last set in Appearance Settings rather than pi user diff --git a/stage2/01-sys-tweaks/files/regenerate_ssh_host_keys b/stage2/01-sys-tweaks/files/regenerate_ssh_host_keys index b6c3f83..6f2ecfc 100644 --- a/stage2/01-sys-tweaks/files/regenerate_ssh_host_keys +++ b/stage2/01-sys-tweaks/files/regenerate_ssh_host_keys @@ -23,10 +23,10 @@ case "$1" in yes | ssh-keygen -q -N '' -t rsa -f /etc/ssh/ssh_host_rsa_key && \ yes | ssh-keygen -q -N '' -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key && \ yes | ssh-keygen -q -N '' -t ed25519 -f /etc/ssh/ssh_host_ed25519_key && \ - systemctl enable ssh && sync && \ + sync && \ rm /etc/init.d/regenerate_ssh_host_keys && \ update-rc.d regenerate_ssh_host_keys remove && \ - printf '\nfinished\n' && systemctl start ssh" > /var/log/regen_ssh_keys.log 2>&1 & + printf '\nfinished\n'" > /var/log/regen_ssh_keys.log 2>&1 & log_end_msg $? ;; *)