adding ssh roll back

Ali
2025-06-30 19:22:31 +01:00
parent 3cebc3c380
commit e83a896f6c


@@ -1,7 +1,7 @@
#!/bin/bash #!/bin/bash
# Debian 12 and Ubuntu Server Hardening Interactive Script # Debian 12 and Ubuntu Server Hardening Interactive Script
# Version: 0.52-rc | 2025-06-30 # Version: 0.52-rc1 | 2025-06-30
# Changelog: # Changelog:
# - v0.51: corrected repo links # - v0.51: corrected repo links
# - v0.50: versioning format change and repo name change # - v0.50: versioning format change and repo name change
@@ -90,7 +90,7 @@ print_header() {
echo -e "${CYAN}╔═════════════════════════════════════════════════════════════════╗${NC}" echo -e "${CYAN}╔═════════════════════════════════════════════════════════════════╗${NC}"
echo -e "${CYAN}║ ║${NC}" echo -e "${CYAN}║ ║${NC}"
echo -e "${CYAN}║ DEBIAN/UBUNTU SERVER SETUP AND HARDENING SCRIPT ║${NC}" echo -e "${CYAN}║ DEBIAN/UBUNTU SERVER SETUP AND HARDENING SCRIPT ║${NC}"
echo -e "${CYAN}║ v0.51 | 2025-06-30 ${NC}" echo -e "${CYAN}║ v0.52-rc | 2025-06-30 ║${NC}"
echo -e "${CYAN}║ ║${NC}" echo -e "${CYAN}║ ║${NC}"
echo -e "${CYAN}╚═════════════════════════════════════════════════════════════════╝${NC}" echo -e "${CYAN}╚═════════════════════════════════════════════════════════════════╝${NC}"
echo echo
@@ -650,7 +650,7 @@ EOF
tee /etc/issue.net > /dev/null <<'EOF' tee /etc/issue.net > /dev/null <<'EOF'
****************************************************************************** ******************************************************************************
🔒AUTHORIZED ACCESS ONLY 🔒AUTHORIZED ACCESS ONLY
<EFBFBD>═══ all attempts are logged and reviewed ════ ═══ all attempts are logged and reviewed ════
****************************************************************************** ******************************************************************************
EOF EOF
fi fi
@@ -705,8 +705,13 @@ EOF
print_info "Retrying SSH connection test ($retry_count/$max_retries)..." print_info "Retrying SSH connection test ($retry_count/$max_retries)..."
sleep 5 sleep 5
else else
print_error "Aborting. Restoring original SSH configuration." print_error "Aborting. Initiating rollback to original configuration..."
rollback_ssh_changes rollback_ssh_changes
if ss -tuln | grep -q ":$CURRENT_SSH_PORT"; then
print_success "Rollback successful. SSH restored on original port $CURRENT_SSH_PORT."
else
print_error "Rollback failed. SSH may not be accessible. Please investigate manually."
fi
exit 1 exit 1
fi fi
fi fi
@@ -716,10 +721,12 @@ EOF
rollback_ssh_changes() { rollback_ssh_changes() {
print_info "Rolling back SSH configuration changes..." print_info "Rolling back SSH configuration changes..."
print_info "Removing override and hardening files..."
rm -f /etc/systemd/system/ssh.service.d/override.conf rm -f /etc/systemd/system/ssh.service.d/override.conf
rm -f /etc/systemd/system/ssh.socket.d/override.conf rm -f /etc/systemd/system/ssh.socket.d/override.conf
cp "$SSHD_BACKUP_FILE" /etc/ssh/sshd_config cp "$SSHD_BACKUP_FILE" /etc/ssh/sshd_config
rm -f /etc/ssh/sshd_config.d/99-hardening.conf rm -f /etc/ssh/sshd_config.d/99-hardening.conf
print_info "Reloading systemd and restarting $SSH_SERVICE..."
systemctl daemon-reload systemctl daemon-reload
if ! systemctl restart "$SSH_SERVICE"; then if ! systemctl restart "$SSH_SERVICE"; then
print_warning "Failed to restart $SSH_SERVICE after rollback. Attempting manual start..." print_warning "Failed to restart $SSH_SERVICE after rollback. Attempting manual start..."
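Review bot: The rollback check added in the `@@ -705,8 +705,13 @@` hunk, `ss -tuln | grep -q ":$CURRENT_SSH_PORT"`, can print "Rollback successful" when nothing is listening on the original SSH port. The pattern is unanchored, so an original port of 22 also matches a listener on 2222 or 2200, and `-u` lets an unrelated UDP socket satisfy it; on a remote host that false positive leaves the operator locked out while believing SSH is restored. Limit the test to TCP listeners on the exact port, for example `if ss -H -tln "sport = :$CURRENT_SSH_PORT" | grep -q .; then`. It would also help to branch on the exit status of `rollback_ssh_changes`, whose body continues past the end of the last hunk, so what it returns is not visible here. Inside that function the unchecked `cp "$SSHD_BACKUP_FILE" /etc/ssh/sshd_config` deserves a guard, since a missing or unreadable backup would silently leave whatever sshd_config is currently on disk.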