@Zsoldier

Zsoldier/Add-SSHUser.sh

Last active Jan 17, 2020
Effectively, the script works like so: An existing sudoer/root/admin must run this script. You provide a username and the user's SSH public key. Set sudoer to true or false (anything other than true is treated as false). The customsudofile path defaults to /etc/sudoers.d/nopasswd. Essentially, anything in the sudoers.d path is ingested by the sudoers file as an override…
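#!/bin/sh
# Must be run as root (or via sudo) by an existing admin.
username=""
sshpubkey=""
sudoer=true
allownopasswd=true
customsudodir="/etc/sudoers.d/"
customsudofile="${customsudodir}nopasswd"
customsudodata="%sudo ALL=(ALL:ALL) NOPASSWD: ALL"

# Refuse to run while the placeholders above are still empty.
if [ -z "$username" ] || [ -z "$sshpubkey" ] ; then
    echo "Set username and sshpubkey before running." >&2
    exit 1
fi

# -m creates the home directory, owned by the new user.
useradd -m "$username"
if [ "$sudoer" = true ] ; then
    usermod -aG sudo "$username"
fi

mkdir -p "/home/$username/.ssh"
touch "/home/$username/.ssh/authorized_keys"
echo "$sshpubkey" >> "/home/$username/.ssh/authorized_keys"
# Hand the directory and the key file to the user; only the owner needs access.
chown -R "$username:$username" "/home/$username/.ssh"
chmod 700 "/home/$username/.ssh"
chmod 600 "/home/$username/.ssh/authorized_keys"

# Allows users in the sudo group to run sudo w/o password.
# The rule is group-wide: it applies to every member of sudo, not only $username.
if [ "$allownopasswd" = true ] ; then
    if test -f "$customsudofile" ; then
        echo "$customsudofile file already exists."
    else
        # Safety check: validate the syntax in a temp file first, so a broken
        # rule never lands in sudoers.d. mktemp avoids a predictable /tmp name.
        tmpsudofile="$(mktemp)"
        echo "$customsudodata" > "$tmpsudofile"
        if ! visudo -cf "$tmpsudofile" ; then
            echo "$tmpsudofile syntax is incorrect."
            rm -f "$tmpsudofile"
        else
            chmod 0440 "$tmpsudofile"   # conventional mode for sudoers files
            mv "$tmpsudofile" "$customsudofile"
        fi
    fi
fi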
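
The script appends whatever is in sshpubkey to authorized_keys, so the value is worth checking first. The following is an added example, not part of the original gist: the function names validate_pubkey and add_authorized_key are hypothetical, and the sample key is constructed, not a real key.

```shell
#!/bin/sh
# Added example: check a public key line before it reaches authorized_keys.

# Return 0 only for one line of the form "<key-type> <base64-blob> [comment]".
validate_pubkey() {
    key=$1
    nl='
'
    cr=$(printf '\r')
    # An embedded line break would smuggle in a second authorized_keys entry.
    case $key in
        *"$nl"*|*"$cr"*) return 1 ;;
    esac
    set -f; set -- $key; set +f    # split on whitespace without globbing
    [ $# -ge 2 ] || return 1
    # Field 1 must be a key type; an options prefix (from=, command=, ...) fails here.
    case $1 in
        ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521) ;;
        sk-ssh-ed25519@openssh.com|sk-ecdsa-sha2-nistp256@openssh.com) ;;
        *) return 1 ;;
    esac
    # Field 2 must be base64. The blob opens with a 4-byte length whose high
    # bytes are zero, so its encoding always starts with "AAAA".
    case $2 in
        *[!A-Za-z0-9+/=]*) return 1 ;;
        AAAA*) return 0 ;;
        *) return 1 ;;
    esac
}

# Append KEY to FILE only if it validates and is not already listed.
add_authorized_key() {
    file=$1
    validate_pubkey "$2" || { echo "rejected: not a bare public key line" >&2; return 1; }
    grep -qxF -- "$2" "$file" 2>/dev/null && return 0
    printf '%s\n' "$2" >> "$file"
}

# Demo on a scratch file with a constructed (not real) key.
demo_file=$(mktemp)
demo_key='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedExampleKeyNotReal0000000000000 alice@example'
add_authorized_key "$demo_file" "$demo_key" && echo "added"
add_authorized_key "$demo_file" "$demo_key" && echo "already present, file unchanged"
rm -f "$demo_file"
```

This is a format check only; it does not prove the blob is a well-formed key, which `ssh-keygen -l -f` on the file can confirm where OpenSSH is installed.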