Secure Deployment

by levlaz
9 deployments · 4 still active · last rev. 1 year ago

This Script Creates a new User who is added to the sudo group. It then does the following:

1) Places the new user's SSH key into their .ssh/authorized_keys folder to allow for logging in with the public key
2) Disables Root Login
3) Disables Password Authentication

This should work on any Linux distribution.

Compatible with: CentOS 7, Debian 7, Ubuntu 14.04 LTS, CentOS 5.6, CentOS 6.5, Ubuntu 12.04 LTS
						#!/bin/bash
# <UDF name="username" Label="New User Name" />
# <UDF name="userpass" Label="New User Password" />
# <UDF name="userpubkey" Label="SSH Key" />


source <ssinclude StackScriptID="1">

system_update 
user_add_sudo "$USERNAME" "$USERPASS"
user_add_pubkey "$USERNAME" "$USERPUBKEY"

# Disable Root Access 
sed -i 's/PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config

# Disable Password Authentication 
sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config

#Adds ssh to restart list 
touch /tmp/restart-ssh

restartServices