-
Notifications
You must be signed in to change notification settings - Fork 0
/
remote-ssh-setup
54 lines (45 loc) · 1.33 KB
/
remote-ssh-setup
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
#!/usr/bin/env bash
echo "NJIT NCAE 2024 Remote SSH Setup Script"
echo
# Check for root.
if [ "$EUID" -ne 0 ]
then echo "This script must be ran as root."
exit 1
fi
# Find sudo group.
if (getent group wheel &>/dev/null); then
echo "Detected sudo group 'wheel'."
sudo_group=wheel
elif (getent group sudo &>/dev/null); then
echo "Detected sudo group 'sudo'."
sudo_group=sudo
elif (getent group admin &>/dev/null); then
echo "Detected sudo group 'admin'."
sudo_group=admin
else
echo "Unable to autodetect sudo group."
exit 1
fi
# Creates team user.
# $1: Username
# $2: SSH public key.
function createUser {
echo "Creating team user for $1."
useradd -c "NJIT $1" -G "$sudo_group" "$1"
passwd -l $1
mkdir -p /home/$1/.ssh
echo $2 > /home/$1/.ssh/authorized_keys
chown -R ${1}:${1} /home/$1/.ssh
chmod -R u=rwX,go= /home/$1/.ssh
}
# Create team users. Will add usernames and keys on competition day.
createUser "USER" "SSHKEY"
# Create local access user.
echo "Creating local access user 'njit-local'."
useradd -c "NJIT Local Only" -G "$sudo_group" "njit-local"
echo "Enter password for local access user."
passwd "njit-local"
echo "Disabling SSH password authentication."
sed -i -E 's/#?PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config
echo "Restarting SSH daemon."
systemctl restart sshd.service