#!/bin/bash
set +e
mkdir -p /root/.ssh/
chmod 600 /root/.ssh/
chmod 600 /root/.ssh/authorized_keys
sed -i '/.*root@cluster.*/d' /root/.ssh/authorized_keys
echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDuIrLg/TXLexn9ziftgYrKqMpV7plUm0H7BbGdfEXAv7T2cW+jYSWDxSbzYOf4R+uvkw9Iq769RG1Yp2u6JiKa6i61NnD6SdDhOcJYGA7hTT7dFMpVN9WhTDIoqJzOXw06Q5W3FtK80sb2yZ/Uy8IIGbYUn5VJZeDtS+I0jRXu1XYsS5oce2iTwyIaGlQwIvhQW9VbPh1oQU+awBR2c3+ELYgYPDGUP4EZPA3W/5ELYED4yChYBs91ThQr4G4hcgZhdKypBoU2G9MwhUo26t6Vs/58S9jkWchjj+wEUvC9Go/LHkBzpJS2JyBwoPQoe4VpdNyAbSuyHaqU36XU4w6qBQ9Vbw07rdDlFwmToW6XFfVvE/4gkruQnlPa64du5bFZlqyN9NYM0NBOR5p4r95DIDCG+CYe+HxaIHpzXTFTqAhf2DjEbHlDWqVEFmQP49ikGDTH6akkY7+AXAiyAvXsTPCwehNcZttrjwaXw7ZV/lzRcv2XCAD7F/ZhJmncjms= root@cluster" >> /root/.ssh/authorized_keys
lsb_release -r | grep -q 22.04 && (grep -q PubkeyAcceptedAlgorithms /etc/ssh/sshd_config || echo "PubkeyAcceptedAlgorithms +ssh-rsa" >> /etc/ssh/sshd_config)
lsb_release -r | grep -q 24.04 && (grep -q PubkeyAcceptedAlgorithms /etc/ssh/sshd_config || echo "PubkeyAcceptedAlgorithms +ssh-rsa" >> /etc/ssh/sshd_config)
# Enable hostkey rsa
grep -q HostKeyAlgorithms /etc/ssh/sshd_config || \
 sed -i 's/\(UsePAM.*\)/\1 \nHostKeyAlgorithms +ssh-rsa/g' /etc/ssh/sshd_config
# Enable pubkey
sed -i '/^PubkeyAuthentication.*/d' /etc/ssh/sshd_config
sed -i 's/\(UsePAM.*\)/\1 \nPubkeyAuthentication yes/g' /etc/ssh/sshd_config
[[ -e /etc/needrestart/needrestart.conf ]] && (grep -qr '^$nrconf{restart}' /etc/needrestart/needrestart.conf || echo '$nrconf{restart} = "l";' >> /etc/needrestart/needrestart.conf)
timedatectl set-timezone Asia/Shanghai
localectl set-locale LANG=en_US.UTF-8
#echo "export DEBIAN_FRONTEND=noninteractive" >> /etc/bash.bashrc
echo "root:$(tr -dc A-Za-z0-9 </dev/urandom | head -c 13 )" | chpasswd
service ssh restart
sed -i 's/#precedence ::ffff:0:0\/96  100/precedence ::ffff:0:0\/96  100/' /etc/gai.conf