Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/sh
- sudo su
- #============================
- #Create deploy user
- DEPLOY_USER=deploy
- DEPLOY_USER_PASSWORD=deploy
- #============================
- #create deploy user
- adduser --disabled-password --gecos "" ${DEPLOY_USER}
- sudo adduser ${DEPLOY_USER} sudo
- echo "${DEPLOY_USER}:${DEPLOY_USER_PASSWORD}" | chpasswd
- #crreate .ssh folder
- mkdir -p /home/${DEPLOY_USER}/.ssh
- chmod 700 /home/${DEPLOY_USER}/.ssh
- #cat the key for this user to .ssh/authorized_keys
- touch /home/${DEPLOY_USER}/.ssh/authorized_keys
- #change home file owned by deploy user
- chown ${DEPLOY_USER}:${DEPLOY_USER} /home/${DEPLOY_USER} -R
- #turnoff ssh password authentication
- if grep -q '^PasswordAuthentication.*$' "/etc/ssh/sshd_config"; then
- echo "PasswordAuthentication is not commented, turning off explicitly..."
- sed -i 's/^PasswordAuthentication.*$/PasswordAuthentication no/g' /etc/ssh/sshd_config
- elif grep -q '^#PasswordAuthentication' "/etc/ssh/sshd_config";
- then
- echo "PasswordAuthentication is commented , turning off explicitly..."
- sed -i 's/^#PasswordAuthentication.*$/PasswordAuthentication no/g' /etc/ssh/sshd_config
- else
- echo "PasswordAuthentication is not turned on , skipping..."
- fi
- sudo service ssh restart
- #switch to deploy user
- su - deploy
- #exit deploy user
- exit
- #exit root
- exit
Add Comment
Please, Sign In to add comment
