master
Raw Download raw file 
 1#!/bin/bash
 2
 3# v0.02 ------
 4#		Actually Works
 5#		Added helpful pauses and instructions
 6#		Nicer output
 7#		Improved automation
 8
 9# v0.01 ------
10#		Initial Version
11
12# This script is for setting up a new user on a remote Virtual Private Server.
13
14# Setup for Ubuntu (apt-get) but should be easy change
15# It's mostly generic linux commands
16
17# Usually VPS’s will give you a root login and this
18# script will get you setup with an admin user that
19# is a sudoer.
20
21# make sure we're root then begin
22if [[ $EUID -ne 0 ]]; then
23	echo "You must be a root user" 2>&1
24  	exit 1
25else
26	clear
27        echo -e "\nWelcome to the VPS Startup Script!\n"
28
29	# get the user name
30	echo -n "Enter the username: "
31	read name
32	echo -e "$name it is!\n"
33
34	# add a user (logged in as root)
35	echo -e "Adding user : $name"
36	useradd $name -s /bin/bash -d /home/$name -m
37	echo -e "\nPassword Setup"
38	passwd $name
39
40	# ubuntu doesnt ship with %admin group anymore
41	# so we need to add the group and add it to sudoers
42	# and add [user to it]
43	echo -e "\nAdding to %admin and sudoers"
44	touch /etc/sudoers.d/admin
45	echo "%admin ALL=(ALL) ALL" >> /etc/sudoers.d/admin
46	chmod 0440 /etc/sudoers.d/admin
47	groupadd admin
48	usermod -g admin $name
49
50	# su [user] or relog as [user]
51	echo -e "\nsu'ing to $user to test sudo with update/upgrade"
52	su - $name -c whoami
53	su - $name -c "sudo apt-get update --assume-yes"
54	su - $name -c "sudo apt-get upgrade --assume-yes"
55	su - $name -c "sudo apt-get install dnsutils --assume-yes"
56
57	# remove password based and root login
58	# also make sure they are uncommented (no # in front)
59	echo -e "\nChange / Ensure these lines in sshd_config :"
60	echo "	> PermitRootLogin no"
61	echo "	> PasswordAuthentication no"
62	read -p "Press any key when ready..."
63	sudo nano /etc/ssh/sshd_config
64
65	# on your home machine, setup a ssh key and
66	# then authorize it on the server
67	# after this you should not be prompted for a password
68	# so long as you have the private key in your ~/.ssh folder
69	echo -e "\nNow on your local machine run these commands"
70	echo -e "to authenticate your keys with this server"
71	echo "$ mkdir ~/.ssh"
72	echo "$ chmod 700 ~/.ssh"
73	echo "$ ssh-keygen -t rsa"
74	echo "$ ssh-copy-id $name@<host> 	# REQUIRED"
75
76	read -p "Press any key when you're authenticated..."
77	echo -e "\nYou sure you did it correct?"
78	read -p "Login without a password to be sure."
79	echo -e "\nLocked out from your new user?"
80	read -p "Edit /etc/ssh/sshd_config to re-enable password login"
81
82
83	# restart the sshd to comit changes
84	echo -e "\nRestarting ssh daemon"
85	sudo /etc/init.d/ssh restart
86
87	echo -e "\nSetup Complete!"
88fi