install

#!/usr/bin/env bash

set -e

sudo apt-get install ssh

PORT_REGEX='^[0-9]{2,5}$'
while true; do
    read -p "SSH Port [22]: " PORT

    if [ -z "${PORT}" ]; then
        PORT=22
        break
    elif [[ ${PORT} =~ ${PORT_REGEX} ]]; then
        if ! netstat -tapen | grep -q ":${PORT}"; then
            break
        fi
        if [ "${PORT}" = '22' ]; then
            break
        fi
        echo "This port is in use already"
    fi
done

while true; do
    read -p "Disable password authentication [y/n]: " DISABLE_PASS

    if [ "${DISABLE_PASS}" = "y" ] || [ "${DISABLE_PASS}" = "n" ]; then
        break
    fi
done

ONE_TWO_THREE_REGEX='^[1-3]$'
while true; do
    echo "Permit root login:"
    echo "(1) yes"
    echo "(2) with key only"
    echo "(3) no"
    read -p "Choice: " PERMIT_ROOT_LOGIN

    if [[ ${PERMIT_ROOT_LOGIN} =~ ${ONE_TWO_THREE_REGEX} ]]; then
        break
    fi
done

SSHD_CONFIG="/etc/ssh/sshd_config"

echo "Backing up ssh configuration"
sudo cp "${SSHD_CONFIG}" "${SSHD_CONFIG}.bak"

echo "Configuring ssh"

sudo sed -i "s/Port.*/Port ${PORT}/" "${SSHD_CONFIG}"

if [ "${DISABLE_PASS}" = "y" ]; then
	sudo sed -i 's/#\?PasswordAuthentication yes/PasswordAuthentication no/' "${SSHD_CONFIG}"
fi

case ${PERMIT_ROOT_LOGIN} in
	1) sudo sed -i 's/PermitRootLogin .*/PermitRootLogin yes/' "${SSHD_CONFIG}" ;;
	2) sudo sed -i 's/PermitRootLogin .*/PermitRootLogin without-password/' "${SSHD_CONFIG}" ;;
	3) sudo sed -i 's/PermitRootLogin .*/PermitRootLogin no/' "${SSHD_CONFIG}" ;;
esac

sudo sed -i 's/#AuthorizedKeysFile.*/AuthorizedKeysFile	%h\/.ssh\/authorized_keys/' "${SSHD_CONFIG}"
sudo sed -i 's/#\?RSAAuthentication .*/RSAAuthentication yes/' "${SSHD_CONFIG}"
sudo sed -i 's/#\?PubkeyAuthentication .*/PubkeyAuthentication yes/' "${SSHD_CONFIG}"
sudo sed -i 's/#\?PermitEmptyPasswords .*/PermitEmptyPasswords no/' "${SSHD_CONFIG}"

echo "Linking ssh-manager globally"
sudo ln -s $(pwd)/ssh-manager /usr/local/bin/ssh-manager

echo "Restarting ssh"
sudo service ssh restart 2>&1 > /dev/null