The below code snippet was used to add SSH users to RackSpace cloud CentOS Linux nodes being used as application servers and managed via RightScale. The SSH users were required during a testing phase so they could look through logs and make modifications to specific configuration files, etc. There are three things that have to happen to create the SSH user, allow them to login, and provide them the necessary rights on the server to accomplish their tasks which include adding the user, modifying the sshd config to allow password logins, and update the sudoers file to enable sudo access for wheel group users.
RightScript Used To Add SSH Users During Linux Instance Boot Process:
- #!/bin/bash -e
- # add user
- useradd -m -p $SSH_USER_PASS1 $SSH_USER1 -g wheel
- # add second user
- useradd -m -p $SSH_USER_PASS2 $SSH_USER2 -g wheel
- # modify sshd_config to allow password logins
- /bin/sed -ie "s/PasswordAuthentication no/PasswordAuthentication yes/g" /etc/ssh/sshd_config
- # restart sshd
- /etc/init.d/sshd restart
- # modify sudoers to allow members of wheel group to sudo
- /bin/sed -ie "s/# %wheel\tALL=(ALL)\tALL/%wheel\tALL=(ALL)\tALL/g" /etc/sudoers
The above script actually adds two users so that portion of the script can easily be modified for more or less SSH users. The variables, which include $SSH_USER1, $SSH_USER_PASS1, $SSH_USER2, and $SSH_USER_PASS2, will be required inputs for the ServerTemplate that the RightScript is applied to. Also not that the \t in the sudoers configuration file modification line represents a tab as explained in this article that was previously written on QD. This script should work for multiple Cloud providers and multiple ServerTemplates representing multiple Linux distributions.