#!/bin/bash# add "prisoner" in the jail you created before !!# USAGE : ./add-

1. #!/bin/bash
2.  
3. # add "prisoner" in the jail you created before !!
4. # USAGE : ./add-user.sh <username> <password> <type>
5. # Type 1 : sftp jailed user ; Type 2 ssh jailed user
6. # A password will be auto-generated with pwgen (sudo apt install pwgen)
7.  
8. # Set your jail path wherever you want.
9. JAIL_PATH=/home/www/
10.  
11. USER=$1
12. # You can use any password generator you want, or set it manually (e.g PASS=$2)
13. # PASS=$(pwgen -Bsv 16 1)
14. PASS=$2
15.  
16. TYPE=$3
17.  
18. if [[ "x$USER" == "x" ]]; then
19. echo "you have to provide a user name"
20. exit;
21. fi
22.  
23. if [[ "x$PASS" == "x" ]]; then
24. echo "Password is missing"
25. exit;
26. fi
27.  
28. if [[ $TYPE == 1 ]]; then
29. GROUP=sftpjailed;
30. elif [[ $TYPE == 2 ]]; then
31. GROUP=sshjailed;
32. else
33. echo "You have to select jail type"
34. echo "1 : sftp jailed user | 2 : ssh jailed user"
35. exit;
36. fi
37.  
38. getent passwd $USER > /dev/null
39. if [ $? -eq 0 ]; then
40. echo "user already exists";
41. exit;
42. fi
43.  
44. # All the steps below will have to be done for all users we want to chroot
45. # Create new user and add it to the sftp/sshjailed group
46. # We tell useradd the home directory is /home/$USER because, at login,
47. # the user will already be in the jail and this will be the right path at this moment ;)
48. useradd -G $GROUP -d /home/$USER -s /bin/bash -p $(openssl passwd -1 $PASS) $USER && \
49. echo "Password : ${PASS}"
50.  
51. mkdir -p $JAIL_PATH/home/$USER
52.  
53. # create or update minimal '/etc/passwd' file for our chrooted environment
54. cat /etc/passwd | grep $USER >> $JAIL_PATH/etc/passwd