Last active
January 10, 2022 05:04
-
-
Save piihuynh/f62bff5e6347d6c7a1b95d4aa460b4ef to your computer and use it in GitHub Desktop.
Add user with a generated pem on Ubuntu
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh -e | |
| # Usages: | |
| # wget -O - https://gist.githubusercontent.com/piihuynh/xxx/raw/yyy/add-user-on-ubuntu.sh | bash -s username | |
| # bash -c "$(wget -qO - 'https://gist.githubusercontent.com/piihuynh/xxx/raw/587yyy/add-user-on-ubuntu.sh')" '' username | |
| [ $EUID -ne 0 ] && echo "This script must be run as root" 1>&2 && exit 1 | |
| [ -z "$1" ] && echo "Please provide a username in 1st param" && exit 1 | |
| # Define username from param | |
| USER_NAME=$1 | |
| HOST_IP=`ip -o route get to 8.8.8.8 | sed -n 's/.*src \([0-9.]\+\).*/\1/p'` | |
| PEM_FILENAME=$USER_NAME.$HOSTNAME.pem | |
| # Fix hostname | |
| echo "" | |
| echo "Fixing hostname: $HOSTNAME" | |
| echo "---" | |
| sed -i "s/127\.0\.1\.1.*/127.0.1.1 $HOSTNAME/" /etc/hosts | |
| echo "" | |
| echo "Adding user: $USER_NAME" | |
| echo "---" | |
| # new user will be all '$USER_NAME' | |
| sudo adduser --disabled-password --gecos "" $USER_NAME | |
| # Make new user sudoer | |
| sudo usermod -aG sudo $USER_NAME | |
| sudo echo "$USER_NAME ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers | |
| # Backup sshd_config | |
| sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.origin | |
| # Enable ssh login | |
| sudo sed -i 's/PubkeyAuthentication no/PubkeyAuthentication yes/' /etc/ssh/sshd_config | |
| sudo sed -i 's/#PubkeyAuthentication/PubkeyAuthentication/' /etc/ssh/sshd_config | |
| sudo sed -i 's/#AuthorizedKeysFile/AuthorizedKeysFile/' /etc/ssh/sshd_config | |
| # Generate ssh share key for origin user | |
| mkdir ~/.ssh | |
| chmod 700 ~/.ssh | |
| ssh-keygen -b 4096 -C $PEM_FILENAME -f ~/.ssh/$PEM_FILENAME -N "" | |
| cat ~/.ssh/$PEM_FILENAME.pub >> ~/.ssh/authorized_keys | |
| # Clone for new user | |
| sudo mkdir /home/$USER_NAME/.ssh | |
| sudo chmod 700 ~/.ssh | |
| sudo cp ~/.ssh/$PEM_FILENAME /home/$USER_NAME/.ssh/ | |
| cat ~/.ssh/$PEM_FILENAME.pub | sudo tee -a /home/$USER_NAME/.ssh/authorized_keys | |
| sudo chown -R $USER_NAME /home/$USER_NAME/.ssh | |
| # Restart sshd | |
| sudo service sshd restart | |
| echo 'Use below command to download PEM file:' | |
| echo "rsync -av root@$HOST_IP:/home/$USER_NAME/.ssh/$PEM_FILENAME ~/.ssh/" | |
| echo '' | |
| echo 'Then use below command to connect:' | |
| echo "ssh -i ~/.ssh/$PEM_FILENAME $USER_NAME@$HOST_IP" | |
| echo '' | |
| # Add the docker group if it doesn't already exist: | |
| sudo groupadd docker | |
| # Add the connected user "$USER" to the docker group. Change the user name to match your preferred user if you do not want to use your current user: | |
| sudo gpasswd -a $USER_NAME docker | |
| # Refresh by exit & re-connect later | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment