Secure Deployment

by levlaz
9 deployments · 4 still active · last rev. 2 years ago

This Script Creates a new User who is added to the sudo group. It then does the following:

1) Places the new user's SSH key into their .ssh/authorized_keys folder to allow for logging in with the public key
2) Disables Root Login
3) Disables Password Authentication

This should work on any Linux distribution.

Compatible with: CentOS 7, CentOS 5.6, CentOS 6.8, Debian 7, Ubuntu 12.04 LTS, Ubuntu 14.04 LTS
# <UDF name="username" Label="New User Name" />
# <UDF name="userpass" Label="New User Password" />
# <UDF name="userpubkey" Label="SSH Key" />

source <ssinclude StackScriptID="1">

user_add_sudo "$USERNAME" "$USERPASS"
user_add_pubkey "$USERNAME" "$USERPUBKEY"

# Disable Root Access 
sed -i 's/PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config

# Disable Password Authentication 
sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config

#Adds ssh to restart list 
touch /tmp/restart-ssh