VpsRootEditor/main.sh at main · DuckyProject/VpsRootEditor · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
#!/bin/bash

sudo -i

# 更改文件属性以允许修改
sudo lsattr /etc/passwd /etc/shadow >/dev/null 2>&1
sudo chattr -i /etc/passwd /etc/shadow >/dev/null 2>&1
sudo chattr -a /etc/passwd /etc/shadow >/dev/null 2>&1
sudo lsattr /etc/passwd /etc/shadow >/dev/null 2>&1

# 更改root密码
echo root:$1 | sudo chpasswd root

# 修改SSH配置文件以允许root登录和密码认证
sudo sed -i "s/^#\?Port.*/Port 22/g" /etc/ssh/sshd_config
sudo sed -i "s/^#\?PermitRootLogin.*/PermitRootLogin yes/g" /etc/ssh/sshd_config
sudo sed -i "s/^#\?PasswordAuthentication.*/PasswordAuthentication yes/g" /etc/ssh/sshd_config
sudo sed -i 's/^#\?KbdInteractiveAuthentication.*/KbdInteractiveAuthentication yes/g' /etc/ssh/sshd_config

# 检查并调整ChallengeResponseAuthentication设置
if grep -q "^#ChallengeResponseAuthentication" /etc/ssh/sshd_config; then
    sudo sed -i "s/^#ChallengeResponseAuthentication.*/ChallengeResponseAuthentication yes/g" /etc/ssh/sshd_config
elif grep -q "^ChallengeResponseAuthentication" /etc/ssh/sshd_config; then
    sudo sed -i "s/^ChallengeResponseAuthentication.*/ChallengeResponseAuthentication yes/g" /etc/ssh/sshd_config
else
    echo "ChallengeResponseAuthentication yes" | sudo tee -a /etc/ssh/sshd_config >/dev/null
fi

# 删除authorized_keys文件
sudo rm -f ~/.ssh/authorized_keys

# 重启SSH服务
sudo service ssh restart >/dev/null 2>&1
sudo service sshd restart >/dev/null 2>&1

# 移除agent
sudo snap remove oracle-cloud-agent
sudo snap remove oracle-cloud-agent-updater
sudo iptables -A OUTPUT -d 169.254.169.254 -j DROP
sudo iptables -A INPUT -s 169.254.169.254 -j DROP
echo "nameserver 1.1.1.1" | sudo tee /etc/resolv.conf > /dev/null

# 修改iptables规则
sudo iptables -P INPUT ACCEPT && sudo iptables -P OUTPUT ACCEPT && sudo iptables -F && sudo iptables-save > /etc/iptables/rules.v4 && sudo ip6tables-save > /etc/iptables/rules.v6

# 打印成功信息
echo "成功更改当前root密码为：$1"