Last active
April 11, 2024 04:47
-
-
Save robmsmt/b8300e7a0d711a7616e948a8232289a5 to your computer and use it in GitHub Desktop.
make_user_gen_ssh.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
NEW_USER=$1 | |
set -e | |
if [ -z "$NEW_USER" ];then | |
echo "Please provide user as arg... exiting." | |
exit 1 | |
fi | |
sudo adduser $NEW_USER | |
mkdir -p user_keys | |
ssh-keygen -f user_keys/$NEW_USER | |
sudo -u $NEW_USER mkdir -p /home/$NEW_USER/.ssh/ | |
sudo cp user_keys/$NEW_USER* /home/$NEW_USER/.ssh/ | |
sudo chown -R $NEW_USER /home/$NEW_USER/.ssh | |
sudo su $NEW_USER <<'EOF' | |
cd ~/.ssh | |
cat *.pub >> ./authorized_keys | |
EOF | |
chmod 600 user_keys/$NEW_USER* | |
zip -re user_keys/$NEW_USER.zip user_keys/$NEW_USER user_keys/$NEW_USER.pub | |
echo "User setup complete... send them private+pub key:" | |
echo "$(readlink -f user_keys/$NEW_USER.zip)" | |
~ |
Got it, thanks!
I think that part is just a comment: https://serverfault.com/a/743551/598820
Aah, thank you, makes sense, I’m much more comfortable now.
Thank you, much appreciated!
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi,
No it generates the keys and cp them into the new users directory /home/$NEW_USER/.ssh/ . Then adds their public key to ~/.ssh/authorized_keys. In general it might be better to let the user generate their own keys they send you the public key which you add to authorized_keys. This way you never have a copy of their priv key. For me, at the time, this was more automated/easier route.
It was a while ago that I wrote this, I think I tried that approach first but then had an issue getting the key scp'd back to my laptop to give to the user. :)