#107_Script_To_Setup_Users_And_SSH

Andrew edited this page May 1, 2019 · 1 revision

Issue 107

Adding users and ssh key script

Andrew Davis
1/5/19

Summary

I have taken the SSH keys from GDrive and put them on my opax hosting. I also have a script to pull down those keys, add users and add the keys on an Ubuntu system. The link to the script is: http://opax.swin.edu.au/~101301597/capstone/setup.sh
The link to the key tarball is: http://opax.swin.edu.au/~101301597/capstone/pubkeys.tar
Everyone's username is their first name in lowercase, e.g. andrew paul ahmad nhi shane

Directions for script user

Steps to use

  1. Download the script
  2. Examine the script for best practice security behavior
  3. Make the script executable
  4. Elevate to root user
  5. Execute script
  6. Drop privilege
  7. Log off, then test if you can log in under your username

Run these commands:

$ curl http://opax.swin.edu.au/~101301597/capstone/setup.sh -o setup.sh
$ cat setup.sh
$ chmod +x setup.sh
$ sudo su
$ ./setup.sh
$ exit

Directions for users logging in for the first time on their new account

Steps:

  1. ssh to the server IP address using your username
  2. Set a new password using passwd; you will be prompted to enter it twice
  3. Test that sudo works with your new password using sudo -v. If it works correctly there will be no output

$ ssh NAME@serveraddress
$ passwd
$ sudo -v

The script itself

#!/bin/bash

#get public keys (-f makes curl fail on an HTTP error instead of saving the error page)
#if the pubkeys can't be pulled down then exit with an error status
if ! curl -f http://opax.swin.edu.au/~101301597/capstone/pubkeys.tar -o pubkeys.tar || [ ! -s "./pubkeys.tar" ]; then
	echo "error downloading keys" >&2
	exit 1
fi
tar -xf pubkeys.tar || { echo "error extracting keys" >&2; exit 1; }

#All our names
names=( "andrew" "shane" "paul" "nhi" "ahmad" )

for n in "${names[@]}"; do
	#create user and add to sudoers
	adduser "$n" --gecos "$n,RoomNumber,WorkPhone,HomePhone" --disabled-password
	#change from disabled password to blank password (the user sets a real one with passwd at first login)
	passwd "$n" -d
	usermod -aG sudo "$n"
	#before we can add keys we need to create the ~/.ssh/authorized_keys file
	mkdir -p "/home/$n/.ssh"
	touch "/home/$n/.ssh/authorized_keys"
	#only the owner should be able to read or write the keys
	chmod 700 "/home/$n/.ssh"
	chmod 600 "/home/$n/.ssh/authorized_keys"
	#And make it owned by the user
	chown -R "$n:$n" "/home/$n"

	#conveniently all the public key names are the same as the names in the array suffixed with .pub
	cat "$n.pub" >> "/home/$n/.ssh/authorized_keys"
	rm "$n.pub"
done
rm pubkeys.tar
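
The script above runs as root, pulls pubkeys.tar over plain HTTP and appends every extracted file to an authorized_keys file, so the archive contents decide who can log in. As an added example (not part of the wiki's script; the function names are hypothetical, the user list is the script's own), these checks could run in place of the bare tar -xf, with the loop then reading each key from the directory that vet_tarball prints:

```bash
#!/bin/bash
# Added example, not the wiki's script. Function names are hypothetical;
# the user list is the one the page's script uses.
names="andrew shane paul nhi ahmad"

# Pass only if the archive lists exactly <name>.pub for each user: no extra
# files, directories, absolute paths or "../" members.
check_members() {
	local expected actual n
	expected=$(for n in $names; do echo "$n.pub"; done | sort)
	actual=$(tar -tf "$1" | sed 's|^\./||' | sort)
	[ "$expected" = "$actual" ]
}

# Pass only if the file is a regular file (not a symlink) holding one line
# that starts with a key type, so no options such as command="..." precede
# the key and no second key rides along.
check_key() {
	[ -f "$1" ] && [ ! -L "$1" ] || return 1
	[ "$(grep -c '' "$1")" -eq 1 ] || return 1
	grep -Eq '^(ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( .*)?$' "$1"
}

# Extract into a private temp dir; print that dir only if every check passes.
vet_tarball() {
	local dir n
	check_members "$1" || { echo "unexpected archive contents" >&2; return 1; }
	dir=$(mktemp -d) || return 1
	tar -xf "$1" -C "$dir" || { rm -rf "$dir"; return 1; }
	for n in $names; do
		check_key "$dir/$n.pub" || { echo "rejected $n.pub" >&2; rm -rf "$dir"; return 1; }
	done
	echo "$dir"
}
```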