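#!/bin/bash
# Entrypoint: provision the SSH login user, install authorized keys, apply
# optional sshd_config additions, then run sshd in the foreground.
#
# Environment:
#   SSH_USERNAME            login user to create (default: ubuntu)
#   SSH_PASSWORD            required, even when AUTHORIZED_KEYS is supplied;
#                           applied only when the user is created here
#   AUTHORIZED_KEYS         optional; public keys written to authorized_keys
#   SSHD_CONFIG_ADDITIONAL  optional; text appended to sshd_config
#   SSHD_CONFIG_FILE        optional; file whose content is appended to sshd_config

readonly SSHD_CONFIG=/etc/ssh/sshd_config

# SSH_USERNAME falls back to a default; SSH_PASSWORD has no default and the
# script aborts here when it is unset or empty.
: "${SSH_USERNAME:=ubuntu}"
: "${SSH_PASSWORD:?Error: SSH_PASSWORD environment variable is not set.}"
: "${SSHD_CONFIG_ADDITIONAL:=}"

# Create the user with the provided username and set the password
if id "$SSH_USERNAME" &>/dev/null; then
  # An account that already exists keeps its current password.
  echo "User $SSH_USERNAME already exists"
else
  useradd -ms /bin/bash "$SSH_USERNAME"
  # printf is a shell builtin, so the password is fed to chpasswd on stdin
  # without appearing in any process argument list.
  printf '%s:%s\n' "$SSH_USERNAME" "$SSH_PASSWORD" | chpasswd
  echo "User $SSH_USERNAME created with the provided password"
fi

# Set the authorized keys from the AUTHORIZED_KEYS environment variable (if provided)
if [ -n "${AUTHORIZED_KEYS:-}" ]; then
  # Resolve the account's real home directory: a user that existed before
  # this script ran does not have to live under /home.
  home_dir=$(getent passwd "$SSH_USERNAME" | cut -d: -f6)
  ssh_dir="${home_dir:-/home/$SSH_USERNAME}/.ssh"

  mkdir -p -- "$ssh_dir"
  printf '%s\n' "$AUTHORIZED_KEYS" > "$ssh_dir/authorized_keys"
  chown -R "$SSH_USERNAME:$SSH_USERNAME" "$ssh_dir"
  chmod 700 "$ssh_dir"
  chmod 600 "$ssh_dir/authorized_keys"
  echo "Authorized keys set for user $SSH_USERNAME"

  # Disable password authentication if authorized keys are provided.
  # sshd keeps the first value it reads for a keyword and defaults to "yes"
  # when the directive is missing or commented out, so rewrite the line
  # whether or not it carries a leading '#', and add one at the top of the
  # file when no active "no" line results.
  sed -i -E \
    's/^[[:space:]]*#?[[:space:]]*PasswordAuthentication[[:space:]]+(yes|no)([[:space:]].*)?$/PasswordAuthentication no/' \
    "$SSHD_CONFIG"
  if ! grep -Eq '^[[:space:]]*PasswordAuthentication[[:space:]]+no' "$SSHD_CONFIG"; then
    sed -i '1i PasswordAuthentication no' "$SSHD_CONFIG"
  fi
  # NOTE(review): files pulled in through an Include directive are not
  # rewritten here; confirm none of them sets PasswordAuthentication.
fi

# Apply additional SSHD configuration if provided.
# These lines land at the end of the file, so a global keyword that is
# already active above keeps its earlier value.
# NOTE(review): the text is appended on every start; if the filesystem
# persists across restarts the lines accumulate.
if [ -n "$SSHD_CONFIG_ADDITIONAL" ]; then
  printf '%s\n' "$SSHD_CONFIG_ADDITIONAL" >> "$SSHD_CONFIG"
  echo "Additional SSHD configuration applied"
fi

# Apply additional SSHD configuration from a file if provided
if [ -n "${SSHD_CONFIG_FILE:-}" ] && [ -f "$SSHD_CONFIG_FILE" ]; then
  cat -- "$SSHD_CONFIG_FILE" >> "$SSHD_CONFIG"
  echo "Additional SSHD configuration from file applied"
fi

# Start the SSH server; exec replaces this shell so sshd receives signals directly.
echo "Starting SSH server..."
exec /usr/sbin/sshd -D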