From 05fc1dbadb307360643dad20e6f81cc18bade303 Mon Sep 17 00:00:00 2001
From: "Gaunt, John" <jgaunt@johnhgaunt.com>
Date: Thu, 13 Dec 2018 13:05:33 -0500
Subject: [PATCH] comments and ssh config

---
 update.sh | 29 ++++++++++++++++++++++++++---
 1 file changed, 26 insertions(+), 3 deletions(-)

diff --git a/update.sh b/update.sh
index b3f59c6..aef886e 100644
--- a/update.sh
+++ b/update.sh
@@ -2,25 +2,48 @@
 
 # Update and isntall the packages unsed in my homelab
 
+# need to be root
 if [ "$EUID" -ne 0 ]; then
   echo "Please run as root"
   exit
 fi
 
+# Debian OS
 if [ -f /etc/debian_version ]; then
-    wget -O - http://repo.pbis.beyondtrust.com/apt/RPM-GPG-KEY-pbis | apt-key add - 
+    # install the apt-transport-https
+    apt install -y apt-transport-https
+    # download the gpg key for PBIS-Open
+    wget -O - http://repo.pbis.beyondtrust.com/apt/RPM-GPG-KEY-pbis | apt-key add -
+    # download the repo for PBIS-Open for SSO and Domain 
     wget -O /etc/apt/sources.list.d/pbiso.list http://repo.pbis.beyondtrust.com/apt/pbiso.list 
+    # update the list of available packages
     apt update
-    apt install -y pbis-open sudo nano htop nload iperf3 iperf3 open-vm-tools unattended-upgrade
+    # install the packages
+    apt install -y pbis-open sudo nano htop nload iperf3 iperf3 open-vm-tools unattended-upgrade unzip
+
+# CentOS OS
 elif [ -f /etc/redhat-release ]; then
+    # isntall the epel for other packages and wget
     yum install -y wget epel-release
+    
+    # download the repo for PBIS-Open for SSO and Domain
     wget -O /etc/yum.repos.d/pbiso.repo http://repo.pbis.beyondtrust.com/yum/pbiso.repo
+    
+    # clean the yum cache
     yum clean all
-    yum install -y pbis-open sudo nano htop nload iperf3 bind-utils open-vm-tools yum-cron
+    # install the packages
+    yum install -y pbis-open sudo nano htop nload iperf3 bind-utils open-vm-tools yum-cron unzip
+
+    # modify yum-cron config to auto install security updates and enable/start the service 
     sed --in-place "s/^update_cmd\ =\ default/update_cmd\ =\ security/" /etc/yum/yum-cron.conf
     sed --in-place "s/^apply_updates\ =\ no/apply_updates\ =\ yes/" /etc/yum/yum-cron.conf
     systemctl enable yum-cron
     systemctl start yum-cron 
+
+    # modify ssh to allow root login and then restart the service
+    sed --in-place "/S^#PermitRootLogin\ yes/PermitRootLogin\ yes/" /etc/ssh/sshd_config
+    systemctl restart sshd
+
 else
     echo "Unable to determine linux distro"
     exit