#!/bin/bash
set -e
# Close door! No access for root over SSH!
#
# This script is inspired by https://stackoverflow.com/a/49018871

if [[ "${UID}" -ne 0 ]]; then
    echo "You need to run this script as root"
    exit 1
fi

# To directly modify sshd_config (first rule currently disabled)

# sudo sed -i 's/#\?\(Port\s*\).*$/\1 22/' /etc/ssh/sshd_config
sudo sed -i 's/#\?\(PermitRootLogin\s*\).*$/\1 no/' /etc/ssh/sshd_config
sudo sed -i 's/#\?\(PubkeyAuthentication\s*\).*$/\1 yes/' /etc/ssh/sshd_config
sudo sed -i 's/#\?\(PermitEmptyPasswords\s*\).*$/\1 no/' /etc/ssh/sshd_config
sudo sed -i 's/#\?\(PasswordAuthentication\s*\).*$/\1 no/' /etc/ssh/sshd_config

# Check the exit status of the last command

if [[ "${?}" -ne 0 ]]; then
   echo "The sshd_config file was not modified successfully"
   exit 1
fi

sudo /etc/init.d/ssh restart

exit 0