Create user and SSH key via script
I'm working a script that create user and add a key for that user
so he can use that key with his username to SSH into my VM
Ex. user = john
useradd -m john &&
cd ~/.ssh/ &&
rm -rf tmp_rsa* &&
ssh-keygen -t rsa -b 4096 -C "john@email.com" -N '' -f john_rsa &&
echo "#tmp_rsa" >> authorized_keys &&
cat john_rsa.pub >> authorized_keys &&
cat authorized_keys &&
service ssh restart &&
echo ">>> Done"
Is the above script is correct to acheive what I want ?
I tried connect with UN : john, and the key generated john_rsa.
I got
Thanks to @marosg and @Takkat
Here is my updated script
adduser -m john &&
cd ~/.ssh/ &&
rm -rf tmp_rsa* &&
ssh-keygen -t rsa -b 4096 -C "john@email.com" -N '' -f john_rsa &&
echo "#tmp_rsa" >> ~john/.ssh/authorized_keys &&
cat john_rsa.pub >> ~john/.ssh/authorized_keys &&
cat authorized_keys &&
echo ">>> Done"
command-line bash scripts ssh
edited 2 days ago
pa4080
14k52564
asked Jan 23 at 19:02
kyokyo
12210
|
show 1 more comment
I'm working a script that create user and add a key for that user
so he can use that key with his username to SSH into my VM
Ex. user = john
useradd -m john &&
cd ~/.ssh/ &&
rm -rf tmp_rsa* &&
ssh-keygen -t rsa -b 4096 -C "john@email.com" -N '' -f john_rsa &&
echo "#tmp_rsa" >> authorized_keys &&
cat john_rsa.pub >> authorized_keys &&
cat authorized_keys &&
service ssh restart &&
echo ">>> Done"
Is the above script is correct to acheive what I want ?
I tried connect with UN : john, and the key generated john_rsa.
I got
Thanks to @marosg and @Takkat
Here is my updated script
adduser -m john &&
cd ~/.ssh/ &&
rm -rf tmp_rsa* &&
ssh-keygen -t rsa -b 4096 -C "john@email.com" -N '' -f john_rsa &&
echo "#tmp_rsa" >> ~john/.ssh/authorized_keys &&
cat john_rsa.pub >> ~john/.ssh/authorized_keys &&
cat authorized_keys &&
echo ">>> Done"
command-line bash scripts ssh
edited 2 days ago
pa4080
14k52564
asked Jan 23 at 19:02
kyokyo
12210
The commanduseraddwill not create a home directory for john, butadduserwill. See askubuntu.com/questions/139304/…
– Takkat
Jan 23 at 19:39
@Takkat what about the-m?
– kyo
Jan 23 at 19:45
@Takkat : What you think of my updated script ?
– kyo
Jan 23 at 19:47
There is no option-min Ubuntu. The home directory will be created by default in/home/- after that it appears you may want to create your keys as userjohn.
– Takkat
Jan 23 at 19:55
So this should do right ?adduser -m john
– kyo
Jan 23 at 20:20
|
show 1 more comment
I'm working a script that create user and add a key for that user
so he can use that key with his username to SSH into my VM
Ex. user = john
useradd -m john &&
cd ~/.ssh/ &&
rm -rf tmp_rsa* &&
ssh-keygen -t rsa -b 4096 -C "john@email.com" -N '' -f john_rsa &&
echo "#tmp_rsa" >> authorized_keys &&
cat john_rsa.pub >> authorized_keys &&
cat authorized_keys &&
service ssh restart &&
echo ">>> Done"
Is the above script is correct to acheive what I want ?
I tried connect with UN : john, and the key generated john_rsa.
I got
Thanks to @marosg and @Takkat
Here is my updated script
adduser -m john &&
cd ~/.ssh/ &&
rm -rf tmp_rsa* &&
ssh-keygen -t rsa -b 4096 -C "john@email.com" -N '' -f john_rsa &&
echo "#tmp_rsa" >> ~john/.ssh/authorized_keys &&
cat john_rsa.pub >> ~john/.ssh/authorized_keys &&
cat authorized_keys &&
echo ">>> Done"
command-line bash scripts ssh
edited 2 days ago
pa4080
14k52564
asked Jan 23 at 19:02
kyokyo
12210
I'm working a script that create user and add a key for that user
so he can use that key with his username to SSH into my VM
Ex. user = john
useradd -m john &&
cd ~/.ssh/ &&
rm -rf tmp_rsa* &&
ssh-keygen -t rsa -b 4096 -C "john@email.com" -N '' -f john_rsa &&
echo "#tmp_rsa" >> authorized_keys &&
cat john_rsa.pub >> authorized_keys &&
cat authorized_keys &&
service ssh restart &&
echo ">>> Done"
Is the above script is correct to acheive what I want ?
I tried connect with UN : john, and the key generated john_rsa.
I got
Thanks to @marosg and @Takkat
Here is my updated script
adduser -m john &&
cd ~/.ssh/ &&
rm -rf tmp_rsa* &&
ssh-keygen -t rsa -b 4096 -C "john@email.com" -N '' -f john_rsa &&
echo "#tmp_rsa" >> ~john/.ssh/authorized_keys &&
cat john_rsa.pub >> ~john/.ssh/authorized_keys &&
cat authorized_keys &&
echo ">>> Done"
command-line bash scripts ssh
command-line bash scripts ssh
edited 2 days ago
pa4080
14k52564
asked Jan 23 at 19:02
kyokyo
12210
edited 2 days ago
pa4080
14k52564
asked Jan 23 at 19:02
kyokyo
12210
edited 2 days ago
pa4080
14k52564
edited 2 days ago
pa4080
14k52564
edited 2 days ago
pa4080
14k52564
14k52564
asked Jan 23 at 19:02
kyokyo
12210
asked Jan 23 at 19:02
kyokyo
12210
asked Jan 23 at 19:02
kyokyo
12210
12210
The commanduseraddwill not create a home directory for john, butadduserwill. See askubuntu.com/questions/139304/…
– Takkat
Jan 23 at 19:39
@Takkat what about the-m?
– kyo
Jan 23 at 19:45
@Takkat : What you think of my updated script ?
– kyo
Jan 23 at 19:47
There is no option-min Ubuntu. The home directory will be created by default in/home/- after that it appears you may want to create your keys as userjohn.
– Takkat
Jan 23 at 19:55
So this should do right ?adduser -m john
– kyo
Jan 23 at 20:20
|
show 1 more comment
The commanduseraddwill not create a home directory for john, butadduserwill. See askubuntu.com/questions/139304/…
– Takkat
Jan 23 at 19:39
@Takkat what about the-m?
– kyo
Jan 23 at 19:45
@Takkat : What you think of my updated script ?
– kyo
Jan 23 at 19:47
There is no option-min Ubuntu. The home directory will be created by default in/home/- after that it appears you may want to create your keys as userjohn.
– Takkat
Jan 23 at 19:55
So this should do right ?adduser -m john
– kyo
Jan 23 at 20:20
The command
useradd will not create a home directory for john, but adduser will. See askubuntu.com/questions/139304/…– Takkat
Jan 23 at 19:39
The command
useradd will not create a home directory for john, but adduser will. See askubuntu.com/questions/139304/…– Takkat
Jan 23 at 19:39
@Takkat what about the
-m ?– kyo
Jan 23 at 19:45
@Takkat what about the
-m ?– kyo
Jan 23 at 19:45
@Takkat : What you think of my updated script ?
– kyo
Jan 23 at 19:47
@Takkat : What you think of my updated script ?
– kyo
Jan 23 at 19:47
There is no option
-m in Ubuntu. The home directory will be created by default in /home/ - after that it appears you may want to create your keys as user john.– Takkat
Jan 23 at 19:55
There is no option
-m in Ubuntu. The home directory will be created by default in /home/ - after that it appears you may want to create your keys as user john.– Takkat
Jan 23 at 19:55
So this should do right ?
adduser -m john– kyo
Jan 23 at 20:20
So this should do right ?
adduser -m john– kyo
Jan 23 at 20:20
|
show 1 more comment
1 Answer
1
active
oldest
votes
There are couple of things wrong here:
you create user john and then you do nothing with this user any more
You are adding keys to YOUR user
remote user who needs to login here needs the private key from ssh keypair on the machine from which he is connecting
there is no need to restart ssh service after adding keys
What you need on client side
- user generates ssh keypair and provides you public key of this keypair
(ssh-keygen ...; cat id_rsa.pub)
What you need on server side is
add user john
add the public key provided by user to ~john/.ssh/authorized_keys
(echo id_rsa.pub_provided_by_remote_user >> ~john/.ssh/authorized_keys)
answered Jan 23 at 19:16
marosgmarosg
35927
I want to do the whole things in 1 script, can you help me adjust what I got. I can update what I got now base on your suggestion, and update my post. Is it ok ?
– kyo
Jan 23 at 19:44
What you think of my updated script ?
– kyo
Jan 23 at 19:47
If you and that other user are two different humans, it is not possible to do this in one script securely. 1 . User John creates keypair on his machine, there is private key, which is secret and he keeps it on his machine. There is public key, which he sends you as a text 2. On server you create user john and then put that public key to his ~john/.ssh/authorized_keys Above you usecd ~/.ssh/which means you are working in YOUR .ssh directory, you need to use ~john/.ssh
– marosg
2 days ago
If user John has Launchpad account then you can use ssh-import and he does not need to send you his public key but I think this would be too complicated to your setup.
– marosg
2 days ago
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1112315%2fcreate-user-and-ssh-key-via-script%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
There are couple of things wrong here:
you create user john and then you do nothing with this user any more
You are adding keys to YOUR user
remote user who needs to login here needs the private key from ssh keypair on the machine from which he is connecting
there is no need to restart ssh service after adding keys
What you need on client side
- user generates ssh keypair and provides you public key of this keypair
(ssh-keygen ...; cat id_rsa.pub)
What you need on server side is
add user john
add the public key provided by user to ~john/.ssh/authorized_keys
(echo id_rsa.pub_provided_by_remote_user >> ~john/.ssh/authorized_keys)
answered Jan 23 at 19:16
marosgmarosg
35927
I want to do the whole things in 1 script, can you help me adjust what I got. I can update what I got now base on your suggestion, and update my post. Is it ok ?
– kyo
Jan 23 at 19:44
What you think of my updated script ?
– kyo
Jan 23 at 19:47
If you and that other user are two different humans, it is not possible to do this in one script securely. 1 . User John creates keypair on his machine, there is private key, which is secret and he keeps it on his machine. There is public key, which he sends you as a text 2. On server you create user john and then put that public key to his ~john/.ssh/authorized_keys Above you usecd ~/.ssh/which means you are working in YOUR .ssh directory, you need to use ~john/.ssh
– marosg
2 days ago
If user John has Launchpad account then you can use ssh-import and he does not need to send you his public key but I think this would be too complicated to your setup.
– marosg
2 days ago
add a comment |
There are couple of things wrong here:
you create user john and then you do nothing with this user any more
You are adding keys to YOUR user
remote user who needs to login here needs the private key from ssh keypair on the machine from which he is connecting
there is no need to restart ssh service after adding keys
What you need on client side
- user generates ssh keypair and provides you public key of this keypair
(ssh-keygen ...; cat id_rsa.pub)
What you need on server side is
add user john
add the public key provided by user to ~john/.ssh/authorized_keys
(echo id_rsa.pub_provided_by_remote_user >> ~john/.ssh/authorized_keys)
answered Jan 23 at 19:16
marosgmarosg
35927
I want to do the whole things in 1 script, can you help me adjust what I got. I can update what I got now base on your suggestion, and update my post. Is it ok ?
– kyo
Jan 23 at 19:44
What you think of my updated script ?
– kyo
Jan 23 at 19:47
If you and that other user are two different humans, it is not possible to do this in one script securely. 1 . User John creates keypair on his machine, there is private key, which is secret and he keeps it on his machine. There is public key, which he sends you as a text 2. On server you create user john and then put that public key to his ~john/.ssh/authorized_keys Above you usecd ~/.ssh/which means you are working in YOUR .ssh directory, you need to use ~john/.ssh
– marosg
2 days ago
If user John has Launchpad account then you can use ssh-import and he does not need to send you his public key but I think this would be too complicated to your setup.
– marosg
2 days ago
add a comment |
There are couple of things wrong here:
you create user john and then you do nothing with this user any more
You are adding keys to YOUR user
remote user who needs to login here needs the private key from ssh keypair on the machine from which he is connecting
there is no need to restart ssh service after adding keys
What you need on client side
- user generates ssh keypair and provides you public key of this keypair
(ssh-keygen ...; cat id_rsa.pub)
What you need on server side is
add user john
add the public key provided by user to ~john/.ssh/authorized_keys
(echo id_rsa.pub_provided_by_remote_user >> ~john/.ssh/authorized_keys)
answered Jan 23 at 19:16
marosgmarosg
35927
There are couple of things wrong here:
you create user john and then you do nothing with this user any more
You are adding keys to YOUR user
remote user who needs to login here needs the private key from ssh keypair on the machine from which he is connecting
there is no need to restart ssh service after adding keys
What you need on client side
- user generates ssh keypair and provides you public key of this keypair
(ssh-keygen ...; cat id_rsa.pub)
What you need on server side is
add user john
add the public key provided by user to ~john/.ssh/authorized_keys
(echo id_rsa.pub_provided_by_remote_user >> ~john/.ssh/authorized_keys)
answered Jan 23 at 19:16
marosgmarosg
35927
answered Jan 23 at 19:16
marosgmarosg
35927
answered Jan 23 at 19:16
marosgmarosg
35927
answered Jan 23 at 19:16
marosgmarosg
35927
35927
I want to do the whole things in 1 script, can you help me adjust what I got. I can update what I got now base on your suggestion, and update my post. Is it ok ?
– kyo
Jan 23 at 19:44
What you think of my updated script ?
– kyo
Jan 23 at 19:47
If you and that other user are two different humans, it is not possible to do this in one script securely. 1 . User John creates keypair on his machine, there is private key, which is secret and he keeps it on his machine. There is public key, which he sends you as a text 2. On server you create user john and then put that public key to his ~john/.ssh/authorized_keys Above you usecd ~/.ssh/which means you are working in YOUR .ssh directory, you need to use ~john/.ssh
– marosg
2 days ago
If user John has Launchpad account then you can use ssh-import and he does not need to send you his public key but I think this would be too complicated to your setup.
– marosg
2 days ago
add a comment |
I want to do the whole things in 1 script, can you help me adjust what I got. I can update what I got now base on your suggestion, and update my post. Is it ok ?
– kyo
Jan 23 at 19:44
What you think of my updated script ?
– kyo
Jan 23 at 19:47
If you and that other user are two different humans, it is not possible to do this in one script securely. 1 . User John creates keypair on his machine, there is private key, which is secret and he keeps it on his machine. There is public key, which he sends you as a text 2. On server you create user john and then put that public key to his ~john/.ssh/authorized_keys Above you usecd ~/.ssh/which means you are working in YOUR .ssh directory, you need to use ~john/.ssh
– marosg
2 days ago
If user John has Launchpad account then you can use ssh-import and he does not need to send you his public key but I think this would be too complicated to your setup.
– marosg
2 days ago
I want to do the whole things in 1 script, can you help me adjust what I got. I can update what I got now base on your suggestion, and update my post. Is it ok ?
– kyo
Jan 23 at 19:44
I want to do the whole things in 1 script, can you help me adjust what I got. I can update what I got now base on your suggestion, and update my post. Is it ok ?
– kyo
Jan 23 at 19:44
What you think of my updated script ?
– kyo
Jan 23 at 19:47
What you think of my updated script ?
– kyo
Jan 23 at 19:47
If you and that other user are two different humans, it is not possible to do this in one script securely. 1 . User John creates keypair on his machine, there is private key, which is secret and he keeps it on his machine. There is public key, which he sends you as a text 2. On server you create user john and then put that public key to his ~john/.ssh/authorized_keys Above you use
cd ~/.ssh/ which means you are working in YOUR .ssh directory, you need to use ~john/.ssh– marosg
2 days ago
If you and that other user are two different humans, it is not possible to do this in one script securely. 1 . User John creates keypair on his machine, there is private key, which is secret and he keeps it on his machine. There is public key, which he sends you as a text 2. On server you create user john and then put that public key to his ~john/.ssh/authorized_keys Above you use
cd ~/.ssh/ which means you are working in YOUR .ssh directory, you need to use ~john/.ssh– marosg
2 days ago
If user John has Launchpad account then you can use ssh-import and he does not need to send you his public key but I think this would be too complicated to your setup.
– marosg
2 days ago
If user John has Launchpad account then you can use ssh-import and he does not need to send you his public key but I think this would be too complicated to your setup.
– marosg
2 days ago
add a comment |
Thanks for contributing an answer to Ask Ubuntu!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1112315%2fcreate-user-and-ssh-key-via-script%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
The command
useraddwill not create a home directory for john, butadduserwill. See askubuntu.com/questions/139304/…– Takkat
Jan 23 at 19:39
@Takkat what about the
-m?– kyo
Jan 23 at 19:45
@Takkat : What you think of my updated script ?
– kyo
Jan 23 at 19:47
There is no option
-min Ubuntu. The home directory will be created by default in/home/- after that it appears you may want to create your keys as userjohn.– Takkat
Jan 23 at 19:55
So this should do right ?
adduser -m john– kyo
Jan 23 at 20:20