From 96b2c19823aed7bb3f11ad3224aed6eacbdac2ad Mon Sep 17 00:00:00 2001
From: Tobias K <6317548+theCalcaholic@users.noreply.github.com>
Date: Thu, 2 May 2024 02:48:28 +0200
Subject: [PATCH] ncp.sh,SSH.sh: Move root login configuration to SSH.sh

Signed-off-by: Tobias K <6317548+theCalcaholic@users.noreply.github.com>
---
 bin/ncp/NETWORKING/SSH.sh | 7 +++++++
 ncp.sh                    | 1 -
 updates/1.54.0.sh         | 8 +++++++-
 3 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/bin/ncp/NETWORKING/SSH.sh b/bin/ncp/NETWORKING/SSH.sh
index f3d063ab0..58dfcebdb 100644
--- a/bin/ncp/NETWORKING/SSH.sh
+++ b/bin/ncp/NETWORKING/SSH.sh
@@ -11,6 +11,13 @@
 install() {
   apt-get update
   apt-get install -y --no-install-recommends openssh-server
+  if grep '^PermitRootLogin' /etc/ssh/sshd_config
+  then
+    sed -i -e 's/^PermitRootLogin.*$/PermitRootLogin prohibit-password/' /etc/ssh/sshd_config
+  else
+    echo 'PermitRootLogin prohibit-password' >> /etc/ssh/sshd_config
+  fi
+  systemctl reload ssh
  }
 
 is_active()
diff --git a/ncp.sh b/ncp.sh
index 4eff4a150..8813c60cd 100644
--- a/ncp.sh
+++ b/ncp.sh
@@ -83,7 +83,6 @@ EOF
   is_docker || is_lxc || {
     chsh -s /usr/sbin/nologin "$WEBADMIN"
     passwd -l root
-    sed -i -e 's/^PermitRootLogin.*$/PermitRootLogin No/' /etc/ssh/sshd_config
   }
 
   ## NCP LAUNCHER
diff --git a/updates/1.54.0.sh b/updates/1.54.0.sh
index 5305f87a5..ffbe15a3b 100644
--- a/updates/1.54.0.sh
+++ b/updates/1.54.0.sh
@@ -7,7 +7,13 @@ if getent passwd "root" | grep -e '/usr/sbin/nologin'
 then
   chsh -s /bin/bash root
   passwd -l root
-  sed -i -e 's/^PermitRootLogin.*$/PermitRootLogin No/' /etc/ssh/sshd_config
+  if grep '^PermitRootLogin' /etc/ssh/sshd_config
+  then
+    sed -i -e 's/^PermitRootLogin.*$/PermitRootLogin prohibit-password/' /etc/ssh/sshd_config
+  else
+    echo 'PermitRootLogin prohibit-password' >> /etc/ssh/sshd_config
+  fi
+  systemctl reload ssh
 fi
 echo "done."