LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Creating a batch of new users and adding ssh keys using a script (https://www.linuxquestions.org/questions/linux-newbie-8/creating-a-batch-of-new-users-and-adding-ssh-keys-using-a-script-4175494758/)

mattjjs 02-13-2014 05:33 AM
Creating a batch of new users and adding ssh keys using a script
 
Hi Guys,

Thanks for taking a look at this post,

I was wondering if there was a simple was to take a range of usernames, creating a user with that user name and then adding their ssh keys into their individual .ssh/authorized_keys file.

I guess what I need help with most is replacing the username in the below lines with each username, for example of 5 of the users could be: john, dave, mike, matt, justin

mkdir /home/username/.ssh
vim /home/username/.ssh/authorized_keys
chmod 755 /home/username/.ssh
chmod 644 /home/username/.ssh/authorized_keys

I have about 10-15 users to add on a few servers and it would be very handy to be able to save some time! :)

Many thanks!

Matt

Isaac Velando 02-13-2014 06:12 AM
Well it sounds like you'll want to write a simple loop in bash and use
Code:
cat
to replace the vim steps. Cat prints the contents of a file and we can redirect that to write or append to another file. Also before I go on, is there a specific reason for 755 as the permissions on the .ssh directory? Generally you should be using 700 since only that user should have access to sensitive information like that. I'm also confused by what you mean when you say

Quote:
and then adding their ssh keys into their individual .ssh/authorized_keys file
are you saying you want a user's own public ssh key in their own authorized_keys file, or are you trying to have some other public keys in each user's authorized_keys? I'm just a little confused by the purpose of the former case. I'll leave the explanation generic and you can adjust it to your needs in any event.

Let's say you have a file called usernames in the current directory with a name on each line. Then your loop could look something like this:

Code:
#!/bin/bash

for user in $( cat ./usernames ); do

mkdir -p /home/$user/.ssh
cat /path/to/pubkey >> /home/$user/.ssh/authorized_keys
chmod 700 /home/$user/.ssh
chmod 644 /home/$user/.ssh/authorized_keys
chown -R $user.$user /home/$user/.ssh

done
Note that you'll probably want the last line to set the ownership. Just replace /path/to/pubkey with whatever public ssh keys you want in the authorized_keys file. The >> appends output to the target file which is probably desired in this case, but note that there is also > which instead would overwrite any contents already in the target file.

mattjjs 02-13-2014 06:23 AM
Hi Isaac,

Thank you for your reply! Sorry I wasn't as clear as I could have been.

When I say "and then adding their ssh keys into their individual .ssh/authorized_keys file" I mean that I already have their workstation public keys and would like to add those to the created users :)

So I have individual files for each public key,

If I named each public key file with the corresponding username and did something like this : cat /public_keys/$user >> /home/$user/.ssh/authorized_keys

and the keys were located correctly would that work?

Matt

mattjjs 02-13-2014 06:36 AM
Hi again,

Sorry I forgot to mention that I made a mistake on the permissions you are correct, It should have been 640 for the authorized_keys file and 700 for .ssh

Much appreciated thank you!

Isaac Velando 02-13-2014 10:08 AM
Quote:
Originally Posted by mattjjs (Post 5116855)
Hi Isaac,

Thank you for your reply! Sorry I wasn't as clear as I could have been.

When I say "and then adding their ssh keys into their individual .ssh/authorized_keys file" I mean that I already have their workstation public keys and would like to add those to the created users :)

So I have individual files for each public key,

If I named each public key file with the corresponding username and did something like this : cat /public_keys/$user >> /home/$user/.ssh/authorized_keys

and the keys were located correctly would that work?

Matt
That should work. In case you're shaky on cat and redirection, you might want to experiment with output redirection a bit to better acquaint yourself with it - it's really one of the 'bread and butter' tools for Linux automation. This might help illustrate how this stuff works; execute these line by line and see if it makes sense:

Code:
echo "123" > testfile1
echo "456" >> testfile1
cat testfile1 # 123 should be on the first line, 456 should be on the second because it was appended

cat testfile1 > testfile2 # Print the contents of testfile1 and redirect this output to a new file, testfile2
cat testfile2

cat testfile1 >> testfile2 # Append the contents of testfile1 to testfile2
cat testfile2

echo "1" > testfile2
cat testfile2 # Since we didn't append, the "1" overwrites the contents of testfile2
Hope this helps.

mattjjs 02-13-2014 10:46 AM
Hi Isaac,

That's very handy thank you, I am hoping to start learning how to automate more so this helps a lot.

Have a good day!


All times are GMT -5. The time now is 11:16 PM.