3 files changed, 59 insertions, 0 deletions

diff --git a/Makefile b/Makefile
index 5c26e84..b152718 100644
--- a/Makefile
+++ b/Makefile
@@ -25,6 +25,7 @@ SBIN_FILES	:= lbu\
 		setup-mta\
 		setup-acf\
 		setup-bootable\
+		setup-sshd\
 		setup-timezone\
 		setup-xorg-base\
 		setup-gparted-desktop\
diff --git a/setup-alpine.in b/setup-alpine.in
index d25c21e..104f8a8 100644
--- a/setup-alpine.in
+++ b/setup-alpine.in
@@ -79,3 +79,5 @@ DEFAULT_DISK=none \
 $PREFIX/sbin/setup-apklbu -i
 
 $PREFIX/sbin/setup-chrony
+
+$PREFIX/sbin/setup-sshd
diff --git a/setup-sshd.in b/setup-sshd.in
new file mode 100755
index 0000000..0a86a86
--- /dev/null
+++ b/setup-sshd.in
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+PREFIX=
+
+. "$PREFIX/lib/libalpine.sh"
+
+usage() {
+        cat <<__EOF__
+usage: setup-sshd [-hnp]
+
+Setup sshd, turning off server side DNS lookups and password authentication by default
+
+options:
+ -h  Show this help
+ -n  Don't prompt, just use defaults
+ -p  Leave password authentication enabled
+__EOF__
+        exit 1
+}
+
+PASSWORDAUTH="N"
+
+while getopts "hnp" opt; do
+        case $opt in
+                n) PROMPT="0";;
+		h) usage;;
+		p) PASSWORDAUTH="Y";;
+        esac
+done
+
+if [ "$PROMPT" != "0" ]; then
+	echo "Setup sshd? (y/N)"
+	default_read setupsshd "N"
+	if [ "$setupsshd" == "N" ] || [ "$setupsshd" == "n" ]; then 
+		exit 0
+	fi
+fi
+
+exit 1
+
+acfinstalled="`apk version acf-core -q | awk '{print $1}'`"
+
+if [ "$acfinstalled" != "ERROR:" ]; then
+	apk add acf-openssh -q
+else
+	apk add openssh -q
+fi
+
+if [ "$PASSWORDAUTH" == "N"]; then
+	printf "PasswordAuthentication no\nUseDNS no\n" >> /etc/ssh/sshd_config
+else
+	printf "UseDNS no\n" >> /etc/ssh/sshd_config
+fi
+
+/etc/init.d/sshd start
+rc-update add sshd default