From c80e5e9100cfece48d921248e2918c5f2444dd8f Mon Sep 17 00:00:00 2001 From: Sam Tygier Date: Tue, 18 Dec 2018 18:32:06 +0000 Subject: [PATCH] Allow enabling ssh server from config Add ENABLE_SSH option --- README.md | 4 ++++ build.sh | 1 + config | 1 + stage2/01-sys-tweaks/01-run.sh | 6 +++++- 4 files changed, 11 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 02db69d..a897488 100755 --- a/README.md +++ b/README.md @@ -85,6 +85,10 @@ The following environment variables are supported: If these are set, they are use to configure `wpa_supplicant.conf`, so that the raspberry pi can automatically connect to a wifi network on first boot. + * `ENABLE_SSH` (Default: `0`) + + Setting to `1` will enable ssh server for remote log in. Note that if you are using a common password such as the defaults there is a high risk of attackers taking over you RaspberryPi. + A simple example for building Raspbian: ```bash diff --git a/build.sh b/build.sh index 6d7a8c9..0f36071 100755 --- a/build.sh +++ b/build.sh @@ -146,6 +146,7 @@ export FIRST_USER_PASS=${FIRST_USER_PASS:-raspberry} export WPA_ESSID export WPA_PASSWORD export WPA_COUNTRY +export ENABLE_SSH="${ENABLE_SSH:-0}" export BASE_DIR diff --git a/config b/config index 85f5eae..25ee6fd 100644 --- a/config +++ b/config @@ -1 +1,2 @@ IMG_NAME='FRCVision' +ENABLE_SSH=1 diff --git a/stage2/01-sys-tweaks/01-run.sh b/stage2/01-sys-tweaks/01-run.sh index f366b02..f98ae15 100755 --- a/stage2/01-sys-tweaks/01-run.sh +++ b/stage2/01-sys-tweaks/01-run.sh @@ -45,7 +45,11 @@ cat files/bash.bashrc >> "${ROOTFS_DIR}/etc/bash.bashrc" cat files/bash.logout >> "${ROOTFS_DIR}/etc/bash.bash_logout" on_chroot << EOF -systemctl enable ssh +if [ "${ENABLE_SSH}" == "1" ]; then + systemctl enable ssh +else + systemctl disable ssh +fi systemctl enable regenerate_ssh_host_keys EOF