# Generate Google Authenticator secrets and QR codes and store the output in ~/ga2fa.txt
# -t: Generate time-based tokens
# -f: Force output to a file
# -d: Disable base32 encoding
# -w 3: Set the window size to 3
# -e 10: Set the issue period to 10 seconds
# -r 3: Set the scratch window size to 3
# -R 30: Set the recovery window size to 30
# tee ~/ga-output.txt: Redirect the output to the ~/ga-output.txt file
# Enable challenge-response passwords for SSH
sudo sed -i 's/^#ChallengeResponseAuthentication no$/ChallengeResponseAuthentication yes/' /etc/ssh/sshd_config
sudo sed -i 's/^ChallengeResponseAuthentication no$/ChallengeResponseAuthentication yes/' /etc/ssh/sshd_config
# Prompt the user to enable or disable password authentication
echo -n "Do you want to enable password authentication for SSH? (y/n) "
read -t 10 -p "Default is 'y' (Enable_password): " enable_password
# Check if the user entered a valid response
if [ -z "$enable_password" ]; then
enable_password="y"
# Enable or disable password authentication based on the user's response
if [ "$enable_password" == "y" ]; then
sudo sed -i 's/^#PasswordAuthentication no/PasswordAuthentication yes/' /etc/ssh/sshd_config
sudo sed -i 's/^PasswordAuthentication no/PasswordAuthentication yes/' /etc/ssh/sshd_config
echo "Password authentication enabled."
elif [ "$enable_password" == "n" ]; then
sudo sed -i 's/^PasswordAuthentication yes/#PasswordAuthentication no/' /etc/ssh/sshd_config
echo "Password authentication disabled."
else
echo "Invalid input. Please enter 'y' to enable or 'n' to disable password authentication."
fi
发表于 2024-5-25 14:27
