arcolinuxz
1 year ago
18 changed files with 222 additions and 297 deletions
@ -1,116 +0,0 @@ |
|||||||
# $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $ |
|
||||||
|
|
||||||
# This is the sshd server system-wide configuration file. See |
|
||||||
# sshd_config(5) for more information. |
|
||||||
|
|
||||||
# This sshd was compiled with PATH=/usr/local/sbin:/usr/local/bin:/usr/bin |
|
||||||
|
|
||||||
# The strategy used for options in the default sshd_config shipped with |
|
||||||
# OpenSSH is to specify options with their default value where |
|
||||||
# possible, but leave them commented. Uncommented options override the |
|
||||||
# default value. |
|
||||||
|
|
||||||
#Port 22 |
|
||||||
#AddressFamily any |
|
||||||
#ListenAddress 0.0.0.0 |
|
||||||
#ListenAddress :: |
|
||||||
|
|
||||||
#HostKey /etc/ssh/ssh_host_rsa_key |
|
||||||
#HostKey /etc/ssh/ssh_host_ecdsa_key |
|
||||||
#HostKey /etc/ssh/ssh_host_ed25519_key |
|
||||||
|
|
||||||
# Ciphers and keying |
|
||||||
#RekeyLimit default none |
|
||||||
|
|
||||||
# Logging |
|
||||||
#SyslogFacility AUTH |
|
||||||
#LogLevel INFO |
|
||||||
|
|
||||||
# Authentication: |
|
||||||
|
|
||||||
#LoginGraceTime 2m |
|
||||||
PermitRootLogin yes |
|
||||||
#StrictModes yes |
|
||||||
#MaxAuthTries 6 |
|
||||||
#MaxSessions 10 |
|
||||||
|
|
||||||
#PubkeyAuthentication yes |
|
||||||
|
|
||||||
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 |
|
||||||
# but this is overridden so installations will only check .ssh/authorized_keys |
|
||||||
AuthorizedKeysFile .ssh/authorized_keys |
|
||||||
|
|
||||||
#AuthorizedPrincipalsFile none |
|
||||||
|
|
||||||
#AuthorizedKeysCommand none |
|
||||||
#AuthorizedKeysCommandUser nobody |
|
||||||
|
|
||||||
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts |
|
||||||
#HostbasedAuthentication no |
|
||||||
# Change to yes if you don't trust ~/.ssh/known_hosts for |
|
||||||
# HostbasedAuthentication |
|
||||||
#IgnoreUserKnownHosts no |
|
||||||
# Don't read the user's ~/.rhosts and ~/.shosts files |
|
||||||
#IgnoreRhosts yes |
|
||||||
|
|
||||||
# To disable tunneled clear text passwords, change to no here! |
|
||||||
#PasswordAuthentication yes |
|
||||||
#PermitEmptyPasswords no |
|
||||||
|
|
||||||
# Change to no to disable s/key passwords |
|
||||||
KbdInteractiveAuthentication no |
|
||||||
|
|
||||||
# Kerberos options |
|
||||||
#KerberosAuthentication no |
|
||||||
#KerberosOrLocalPasswd yes |
|
||||||
#KerberosTicketCleanup yes |
|
||||||
#KerberosGetAFSToken no |
|
||||||
|
|
||||||
# GSSAPI options |
|
||||||
#GSSAPIAuthentication no |
|
||||||
#GSSAPICleanupCredentials yes |
|
||||||
|
|
||||||
# Set this to 'yes' to enable PAM authentication, account processing, |
|
||||||
# and session processing. If this is enabled, PAM authentication will |
|
||||||
# be allowed through the KbdInteractiveAuthentication and |
|
||||||
# PasswordAuthentication. Depending on your PAM configuration, |
|
||||||
# PAM authentication via KbdInteractiveAuthentication may bypass |
|
||||||
# the setting of "PermitRootLogin prohibit-password". |
|
||||||
# If you just want the PAM account and session checks to run without |
|
||||||
# PAM authentication, then enable this but set PasswordAuthentication |
|
||||||
# and KbdInteractiveAuthentication to 'no'. |
|
||||||
UsePAM yes |
|
||||||
|
|
||||||
#AllowAgentForwarding yes |
|
||||||
#AllowTcpForwarding yes |
|
||||||
#GatewayPorts no |
|
||||||
#X11Forwarding no |
|
||||||
#X11DisplayOffset 10 |
|
||||||
#X11UseLocalhost yes |
|
||||||
#PermitTTY yes |
|
||||||
PrintMotd no |
|
||||||
#PrintLastLog yes |
|
||||||
#TCPKeepAlive yes |
|
||||||
#PermitUserEnvironment no |
|
||||||
#Compression delayed |
|
||||||
#ClientAliveInterval 0 |
|
||||||
#ClientAliveCountMax 3 |
|
||||||
#UseDNS no |
|
||||||
#PidFile /run/sshd.pid |
|
||||||
#MaxStartups 10:30:100 |
|
||||||
#PermitTunnel no |
|
||||||
#ChrootDirectory none |
|
||||||
#VersionAddendum none |
|
||||||
|
|
||||||
# no default banner path |
|
||||||
#Banner none |
|
||||||
|
|
||||||
# override default of no subsystems |
|
||||||
Subsystem sftp /usr/lib/ssh/sftp-server |
|
||||||
|
|
||||||
# Example of overriding settings on a per-user basis |
|
||||||
#Match User anoncvs |
|
||||||
# X11Forwarding no |
|
||||||
# AllowTcpForwarding no |
|
||||||
# PermitTTY no |
|
||||||
# ForceCommand cvs server |
|
@ -0,0 +1,3 @@ |
|||||||
|
# Allow root login using password authentication |
||||||
|
PasswordAuthentication yes |
||||||
|
PermitRootLogin yes |
@ -1,44 +0,0 @@ |
|||||||
# This file is part of systemd. |
|
||||||
# |
|
||||||
# systemd is free software; you can redistribute it and/or modify it |
|
||||||
# under the terms of the GNU Lesser General Public License as published by |
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or |
|
||||||
# (at your option) any later version. |
|
||||||
# |
|
||||||
# Entries in this file show the compile time defaults. |
|
||||||
# You can change settings by editing this file. |
|
||||||
# Defaults can be restored by simply deleting this file. |
|
||||||
# |
|
||||||
# See journald.conf(5) for details. |
|
||||||
|
|
||||||
[Journal] |
|
||||||
Storage=volatile |
|
||||||
#Compress=yes |
|
||||||
#Seal=yes |
|
||||||
#SplitMode=uid |
|
||||||
#SyncIntervalSec=5m |
|
||||||
#RateLimitIntervalSec=30s |
|
||||||
#RateLimitBurst=10000 |
|
||||||
#SystemMaxUse= |
|
||||||
#SystemKeepFree= |
|
||||||
#SystemMaxFileSize= |
|
||||||
#SystemMaxFiles=100 |
|
||||||
#RuntimeMaxUse= |
|
||||||
#RuntimeKeepFree= |
|
||||||
#RuntimeMaxFileSize= |
|
||||||
#RuntimeMaxFiles=100 |
|
||||||
#MaxRetentionSec= |
|
||||||
#MaxFileSec=1month |
|
||||||
#ForwardToSyslog=no |
|
||||||
#ForwardToKMsg=no |
|
||||||
#ForwardToConsole=no |
|
||||||
#ForwardToWall=yes |
|
||||||
#TTYPath=/dev/console |
|
||||||
#MaxLevelStore=debug |
|
||||||
#MaxLevelSyslog=debug |
|
||||||
#MaxLevelKMsg=notice |
|
||||||
#MaxLevelConsole=info |
|
||||||
#MaxLevelWall=emerg |
|
||||||
#LineMax=48K |
|
||||||
#ReadKMsg=yes |
|
||||||
#Audit=yes |
|
@ -1,38 +0,0 @@ |
|||||||
# This file is part of systemd. |
|
||||||
# |
|
||||||
# systemd is free software; you can redistribute it and/or modify it |
|
||||||
# under the terms of the GNU Lesser General Public License as published by |
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or |
|
||||||
# (at your option) any later version. |
|
||||||
# |
|
||||||
# Entries in this file show the compile time defaults. |
|
||||||
# You can change settings by editing this file. |
|
||||||
# Defaults can be restored by simply deleting this file. |
|
||||||
# |
|
||||||
# See logind.conf(5) for details. |
|
||||||
|
|
||||||
[Login] |
|
||||||
#NAutoVTs=6 |
|
||||||
#ReserveVT=6 |
|
||||||
#KillUserProcesses=no |
|
||||||
#KillOnlyUsers= |
|
||||||
#KillExcludeUsers=root |
|
||||||
#InhibitDelayMaxSec=5 |
|
||||||
#HandlePowerKey=poweroff |
|
||||||
HandleSuspendKey=ignore |
|
||||||
HandleHibernateKey=ignore |
|
||||||
HandleLidSwitch=ignore |
|
||||||
#HandleLidSwitchExternalPower=suspend |
|
||||||
#HandleLidSwitchDocked=ignore |
|
||||||
#PowerKeyIgnoreInhibited=no |
|
||||||
#SuspendKeyIgnoreInhibited=no |
|
||||||
#HibernateKeyIgnoreInhibited=no |
|
||||||
#LidSwitchIgnoreInhibited=yes |
|
||||||
#HoldoffTimeoutSec=30s |
|
||||||
#IdleAction=ignore |
|
||||||
#IdleActionSec=30min |
|
||||||
#RuntimeDirectorySize=10% |
|
||||||
#RuntimeDirectoryInodes=400k |
|
||||||
#RemoveIPC=yes |
|
||||||
#InhibitorsMax=8192 |
|
||||||
#SessionsMax=8192 |
|
@ -0,0 +1,2 @@ |
|||||||
|
[Network] |
||||||
|
IPv6PrivacyExtensions=yes |
@ -0,0 +1 @@ |
|||||||
|
/usr/lib/systemd/system/pcscd.socket |
@ -0,0 +1,4 @@ |
|||||||
|
disable-ccid |
||||||
|
disable-pinpad |
||||||
|
pcsc-driver /usr/lib/libpcsclite.so |
||||||
|
pcsc-shared |
@ -0,0 +1,80 @@ |
|||||||
|
# https://www.supergrubdisk.org/wiki/Loopback.cfg |
||||||
|
|
||||||
|
# Search for the ISO volume |
||||||
|
search --no-floppy --set=archiso_img_dev --file "${iso_path}" |
||||||
|
probe --set archiso_img_dev_uuid --fs-uuid "${archiso_img_dev}" |
||||||
|
|
||||||
|
# Get a human readable platform identifier |
||||||
|
if [ "${grub_platform}" == 'efi' ]; then |
||||||
|
archiso_platform='UEFI' |
||||||
|
if [ "${grub_cpu}" == 'x86_64' ]; then |
||||||
|
archiso_platform="x64 ${archiso_platform}" |
||||||
|
elif [ "${grub_cpu}" == 'i386' ]; then |
||||||
|
archiso_platform="IA32 ${archiso_platform}" |
||||||
|
else |
||||||
|
archiso_platform="${grub_cpu} ${archiso_platform}" |
||||||
|
fi |
||||||
|
elif [ "${grub_platform}" == 'pc' ]; then |
||||||
|
archiso_platform='BIOS' |
||||||
|
else |
||||||
|
archiso_platform="${grub_cpu} ${grub_platform}" |
||||||
|
fi |
||||||
|
|
||||||
|
# Set default menu entry |
||||||
|
default=archlinux |
||||||
|
timeout=15 |
||||||
|
timeout_style=menu |
||||||
|
|
||||||
|
|
||||||
|
# Menu entries |
||||||
|
|
||||||
|
menuentry "Arch Linux install medium (%ARCH%, ${archiso_platform})" --class arch --class gnu-linux --class gnu --class os --id 'archlinux' { |
||||||
|
set gfxpayload=keep |
||||||
|
linux /%INSTALL_DIR%/boot/%ARCH%/vmlinuz-linux archisobasedir=%INSTALL_DIR% img_dev=UUID=${archiso_img_dev_uuid} img_loop="${iso_path}" |
||||||
|
initrd /%INSTALL_DIR%/boot/intel-ucode.img /%INSTALL_DIR%/boot/amd-ucode.img /%INSTALL_DIR%/boot/%ARCH%/initramfs-linux.img |
||||||
|
} |
||||||
|
|
||||||
|
menuentry "Arch Linux install medium with speakup screen reader (%ARCH%, ${archiso_platform})" --hotkey s --class arch --class gnu-linux --class gnu --class os --id 'archlinux-accessibility' { |
||||||
|
set gfxpayload=keep |
||||||
|
linux /%INSTALL_DIR%/boot/%ARCH%/vmlinuz-linux archisobasedir=%INSTALL_DIR% img_dev=UUID=${archiso_img_dev_uuid} img_loop="${iso_path}" accessibility=on |
||||||
|
initrd /%INSTALL_DIR%/boot/intel-ucode.img /%INSTALL_DIR%/boot/amd-ucode.img /%INSTALL_DIR%/boot/%ARCH%/initramfs-linux.img |
||||||
|
} |
||||||
|
|
||||||
|
|
||||||
|
if [ "${grub_platform}" == 'efi' -a "${grub_cpu}" == 'x86_64' -a -f '/boot/memtest86+/memtest.efi' ]; then |
||||||
|
menuentry 'Run Memtest86+ (RAM test)' --class memtest86 --class memtest --class gnu --class tool { |
||||||
|
set gfxpayload=800x600,1024x768 |
||||||
|
linux /boot/memtest86+/memtest.efi |
||||||
|
} |
||||||
|
fi |
||||||
|
if [ "${grub_platform}" == 'pc' -a -f '/boot/memtest86+/memtest' ]; then |
||||||
|
menuentry 'Run Memtest86+ (RAM test)' --class memtest86 --class memtest --class gnu --class tool { |
||||||
|
set gfxpayload=800x600,1024x768 |
||||||
|
linux /boot/memtest86+/memtest |
||||||
|
} |
||||||
|
fi |
||||||
|
if [ "${grub_platform}" == 'efi' ]; then |
||||||
|
if [ "${grub_cpu}" == 'x86_64' -a -f '/shellx64.efi' ]; then |
||||||
|
menuentry 'UEFI Shell' --class efi { |
||||||
|
chainloader /shellx64.efi |
||||||
|
} |
||||||
|
elif [ "${grub_cpu}" == "i386" -a -f '/shellia32.efi' ]; then |
||||||
|
menuentry 'UEFI Shell' --class efi { |
||||||
|
chainloader /shellia32.efi |
||||||
|
} |
||||||
|
fi |
||||||
|
|
||||||
|
menuentry 'UEFI Firmware Settings' --id 'uefi-firmware' { |
||||||
|
fwsetup |
||||||
|
} |
||||||
|
fi |
||||||
|
|
||||||
|
menuentry 'System shutdown' --class shutdown --class poweroff { |
||||||
|
echo 'System shutting down...' |
||||||
|
halt |
||||||
|
} |
||||||
|
|
||||||
|
menuentry 'System restart' --class reboot --class restart { |
||||||
|
echo 'System rebooting...' |
||||||
|
reboot |
||||||
|
} |
Loading…
Reference in new issue