Tiny Core - Uninstall SSH
Log In or Register to download the BES file, and more.

0 Votes

Description

Uninstalls SSH and cleans up files used for persistence


Property Details

ID26984
StatusProduction - Fully Tested and Ready for Production
TitleTiny Core - Uninstall SSH
SourceInternal
Source Release Date4/5/2022 12:00:00 AM
KeywordsTiny Core Linux Relay, SSH
Is TaskTrue
Added by on 12/12/2022 8:02:13 AM
Last Modified by on 12/12/2022 8:02:13 AM
Counters 125 Views / 1 Download
User Rating 1 star 2 star 3 star 4 star 5 star * Average over 0 ratings. ** Log In or Register to add your rating.

Relevance

Used in 5 fixlets   * Results in a true/false
Show indented relevance
(exists relay service)
Used in 1 fixlet   * Results in a true/false
Show indented relevance
(release of operating system contains "tinycore")
Used in 1 fixlet   * Results in a true/false
Show indented relevance
exists file "/mnt/sda1/tce/optional/openssh.tcz" OR exists file "/usr/local/etc/ssh/ssh_config.orig" OR exists file "/home/tc/.ssh/authorized_keys"

Actions

Action 1 (default)

Action Link Click here  to Uninstall SSH.
Script Type BigFix Action Script 
delete __appendfile
appendfile #!/bin/sh
appendfile sudo /usr/local/etc/init.d/openssh stop
appendfile sleep 10
appendfile su -c "tce-audit builddb" tc
appendfile su -c "tce-audit delete openssh" tc
appendfile sudo rm -rf /var/lib/sshd/
appendfile sudo rm -f /var/opt/BESClient/__BESData/__Global/UsageData/sshd.stat
appendfile sudo rm -f /var/opt/BESClient/__BESData/__Global/UsageData/ssh-keygen.stat

//Delete .ssh directory and public key

appendfile sudo rm -rf /home/tc/.ssh/

//Delete the ssh monitoring script

appendfile sudo rm -f /home/tc/scripts/sshmon.sh

//The following removes lines from files used for persistence

if {exists (lines whose (it = "openssh.tcz") of files "/mnt/sda1/tce/onboot.lst")}

appendfile sed -i '/openssh.tcz/d' /mnt/sda1/tce/onboot.lst

endif

if {exists (lines whose (it = "usr/local/etc/ssh/") of files "/opt/.filetool.lst")}

appendfile sed -i '/usr\/local\/etc\/ssh\//d' /opt/.filetool.lst

endif

if {exists (lines whose (it = "opt/var/lib/sshd/") of files "/opt/.filetool.lst")}

appendfile sed -i '/opt\/var\/lib\/sshd\//d' /opt/.filetool.lst

endif

if {exists (lines whose (it = "sudo /usr/local/etc/init.d/openssh start") of files "/opt/bootlocal.sh")}

appendfile sed -i '/sudo \/usr\/local\/etc\/init.d\/openssh start/d' /opt/bootlocal.sh

endif

appendfile sudo filetool.sh -b
appendfile sleep 10

delete /var/opt/BESClient/uninstallssh.sh
move __appendfile /var/opt/BESClient/uninstallssh.sh
wait chmod 750 /var/opt/BESClient/uninstallssh.sh
wait /bin/sh /var/opt/BESClient/uninstallssh.sh

if {exists file "/home/tc/.ssh/authorized_keys"}

exit 1

endif

delete /var/opt/BESClient/uninstallssh.sh

run sudo reboot
Success Criteria

This action will be considered successful when the applicability relevance evaluates to false.


Sharing

Social Media:
Share this page on Yammer


Comments

Log In or Register to leave comments!
 

Content

Search
Share
Learn
Projects

Utilities

View SCM Scripts
Base64 Converter
Shell to Action Script

About

About Us
Tour
FAQ
Terms
Contact Us

BigFix Resources

Download BigFix
Support
Forum
Github/Bigfix
bigfix.me All Content
Hosted on bigfixme-as