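#!/bin/bash
###
# adduser.sh
# Add user to system with random pass, add user to groups, create directories and fix permission
#
# Copyright (c) 2016 thomas.zink _at_ uni-konstanz _dot_ de (tz)
# Usage of the works is permitted provided that this instrument is retained with the works, so that any entity that uses the works is notified of this instrument.
# DISCLAIMER: THE WORKS ARE WITHOUT WARRANTY.
#
# This script performs the following actions:
# 1. add a new user with random password
# 2. add user to specified groups
# 3. create .ssh, authorized_keys, and set permissions correctly
# 4. set age of user to 0 to force password change at next login
#
# Usage: adduser.sh USERNAME [GROUPS..]
# Requires: sudo, pwgen, and the shadow tools (useradd, usermod, chpasswd, chage)
#
# version:
# - 2016-04-06-01 | tz | pwgen with 8 chars, touch create instead of created
# - 2016-03-17-02 | tz | added history; group arguments; better output
# - 2016-03-17-01 | tz | initial version
###
set -eu -o pipefail
shopt -s failglob

# Print a message on stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# check if we got a username
# ${1:-} is needed because `set -u` would otherwise abort with
# "unbound variable" before the usage text could be printed.
user="${1:-}"
if [[ -z "$user" ]]; then
  printf 'usage: %s USERNAME [GROUPS..]\n' "${0##*/}" >&2
  exit 1
fi

# The name is passed to several root commands and used to build paths, so
# reject anything that could be read as an option (leading '-') or that
# contains whitespace, '/', ':' or glob characters. useradd still applies
# the system's own naming policy on top of this check.
valid_name='^[A-Za-z0-9_][A-Za-z0-9_.-]*$'
[[ "$user" =~ $valid_name ]] || die "invalid username: ${user}"

# Everything after the username is a supplementary group (possibly none).
# Testing "$2" directly would trip `set -u` when no group is given.
shift

command -v pwgen >/dev/null || die "pwgen is required but not installed"

# add a new user with name $user, create home (-m), use bash as shell (-s /bin/bash)
echo "useradd: Add user ${user}"
# -s asks pwgen for a fully random password. Eight characters is short; it is
# only acceptable because the password is expired immediately by chage below.
pass=$(pwgen -s 8 1)
sudo useradd -m -s /bin/bash "$user"
# Set the password through chpasswd on stdin instead of
# `useradd -p $(openssl passwd -1 ...)`: that form put the plaintext and the
# hash into process argument lists (visible to other local users via ps) and
# stored an MD5-crypt hash. chpasswd uses the system's configured hash method.
printf '%s:%s\n' "$user" "$pass" | sudo chpasswd

# add to groups
for grp in "$@"; do
  sudo usermod -aG "$grp" "$user"
  echo "usermod: Add user ${user} to group ${grp}"
done

# Ask the account database where the home directory really is; the base
# directory configured for useradd is not necessarily /home.
home=$(getent passwd "$user" | cut -d: -f6)
[[ -n "$home" ]] || die "cannot determine home directory of ${user}"
ssh_dir="${home}/.ssh"
# The primary group is not guaranteed to be named after the user.
group=$(id -gn "$user")

# create .ssh, authorized_keys
sudo mkdir -p -v -- "$ssh_dir"
sudo touch -- "${ssh_dir}/authorized_keys"
echo "touch: create ${ssh_dir}/authorized_keys"

# set user:group and permissions
sudo chown -R -- "${user}:${group}" "$ssh_dir"
echo "chown: set ${user}:${group} for ${ssh_dir}"
sudo chmod 700 -- "$ssh_dir"
echo "chmod: set 700 for ${ssh_dir}"
sudo chmod 600 -- "${ssh_dir}/authorized_keys"
echo "chmod: set 600 for ${ssh_dir}/authorized_keys"

# change age to force user to change pass
# Must run after chpasswd, which resets the last-change date to today.
sudo chage -d 0 "$user"
echo "chage: force ${user} to change pass at first login"

# give feedback
# The temporary password is printed once on the terminal, so it stays in
# scrollback and in any session recording; hand it over out of band.
echo ""
printf 'INFO: Created user \033[1m%s\033[0m with pass \033[1m%s\033[0m\n' "$user" "$pass"
echo ""
printf 'WARN: User \033[4mmust\033[0m change pass at first login\n'
echo ""
echo "NEXT:"
echo "If user $user does not have an SSH key yet, on ${user}'s machine, create SSH key."
echo "Use a keysize of at least 2048."
echo ""
# The inner quotes are escaped so they appear in the printed command.
echo "Linux: ssh-keygen -t rsa -b 2048 -C \"${user}\" -f ~/.ssh/id_rsa"
echo "Windows: Use PuTTYgen, SSH-2 RSA, 2048"
echo ""
echo "Paste content of public key (id_rsa.pub) into server:${ssh_dir}/authorized_keys"
echo ""
echo "Bye."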