From cc6605695d75450d4dffd7bcc1563c3263b614b0 Mon Sep 17 00:00:00 2001 From: Sam Tygier Date: Tue, 18 Dec 2018 18:32:06 +0000 Subject: [PATCH] Allow enabling ssh server from config Add ENABLE_SSH option --- README.md | 4 ++++ build.sh | 1 + stage2/01-sys-tweaks/01-run.sh | 6 +++++- 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 02db69d..a897488 100755 --- a/README.md +++ b/README.md @@ -85,6 +85,10 @@ The following environment variables are supported: If these are set, they are use to configure `wpa_supplicant.conf`, so that the raspberry pi can automatically connect to a wifi network on first boot. + * `ENABLE_SSH` (Default: `0`) + + Setting to `1` will enable ssh server for remote log in. Note that if you are using a common password such as the defaults there is a high risk of attackers taking over you RaspberryPi. + A simple example for building Raspbian: ```bash diff --git a/build.sh b/build.sh index 6d7a8c9..0f36071 100755 --- a/build.sh +++ b/build.sh @@ -146,6 +146,7 @@ export FIRST_USER_PASS=${FIRST_USER_PASS:-raspberry} export WPA_ESSID export WPA_PASSWORD export WPA_COUNTRY +export ENABLE_SSH="${ENABLE_SSH:-0}" export BASE_DIR diff --git a/stage2/01-sys-tweaks/01-run.sh b/stage2/01-sys-tweaks/01-run.sh index 8fb99c1..8d28adc 100755 --- a/stage2/01-sys-tweaks/01-run.sh +++ b/stage2/01-sys-tweaks/01-run.sh @@ -15,7 +15,11 @@ on_chroot << EOF systemctl disable hwclock.sh systemctl disable nfs-common systemctl disable rpcbind -systemctl disable ssh +if [ "${ENABLE_SSH}" == "1" ]; then + systemctl enable ssh +else + systemctl disable ssh +fi systemctl enable regenerate_ssh_host_keys EOF