44r0n7/pi-kit
1
0
Fork 0
Code Issues 8 Pull Requests Actions Packages Projects Releases 12 Wiki Activity

Add one-time SSH hardening notice after forced password change

Browse Source
This commit is contained in:
Aaron
2026-01-02 23:29:17 -05:00
parent 0a23902eb0
commit bc97e0374f
3 changed files with 24 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pikit-prep.sh
View File

@@ -210,9 +210,13 @@ prep_image() {
# --- Default login ---
if id -u dietpi >/dev/null 2>&1; then
echo "dietpi:pikit" | chpasswd && status CLEANED "reset dietpi password" || status FAIL "reset dietpi password"
mkdir -p /var/lib/pikit
rm -f /var/lib/pikit/first-login.notice
case "${PIKIT_FORCE_PASSWORD_CHANGE,,}" in
1|true|yes|on)
chage -d 0 dietpi && status CLEANED "force dietpi password change on next login" || status FAIL "force dietpi password change"
:> /var/lib/pikit/first-login.notice && chmod 644 /var/lib/pikit/first-login.notice \
&& status CLEANED "first-login notice armed" || status FAIL "first-login notice"
;;
*) ;;
esac