search

ucd-library / csus-sp-2018

This repository holds overall Information and project planning for the 2018 CSUS Senior Design Project
MIT License
0 stars 0 forks source link

Create user accounts, #1

Closed qjhart closed 6 years ago

qjhart commented 6 years ago

We have the following team members:

Person User Name email
James jamesrhodesCSUS rushrhodey@gmail.com
Nima NimaSarraf nimsarraf@gmail.com
Eli EliCruz elirichner@gmail.com
Chas ctlevinsky ctlevinsky@gmail.com
Ehsan ehsankhaligh khaligh.ehsan@yahoo.com
Derek Maggio DerekMaggio derek.j.maggio@gmail.com

Adding users to the development computer csus-dev.library.ucdavis.edu


users="jamesrhodesCSUS NimaSarraf EliCruz ctlevinsky ehsankhaligh DerekMaggio"

for u in $users; do
  lc=$(echo $u | tr [:upper:] [:lower:]);
  adduser --quiet --gecos '' --disabled-password $lc;
  adduser $lc sshusers;
  su -c ' ssh-keygen -N "" -f ~/.ssh/nopw;' $lc
  su -c "http https://api.github.com/users/$u/keys | jq -r '.[].key' >> ~/.ssh/authorized_keys" $lc
  su -c 'chmod 600 ~/.ssh/authorized_keys' $lc
done
qjhart commented 6 years ago

Note the above uses lowercase, and also note not all users have added keys:

root@csus-dev:/home# ls -l /home/*/.ssh/authorized_keys
-rw------- 1 ctlevinsky      ctlevinsky      381 Apr  6 15:03 /home/ctlevinsky/.ssh/authorized_keys
-rw------- 1 derekmaggio     derekmaggio     725 Apr  6 15:03 /home/derekmaggio/.ssh/authorized_keys
-rw------- 1 ehsankhaligh    ehsankhaligh    381 Apr  6 15:03 /home/ehsankhaligh/.ssh/authorized_keys
-rw------- 1 elicruz         elicruz           0 Apr  6 15:03 /home/elicruz/.ssh/authorized_keys
-rw------- 1 jamesrhodescsus jamesrhodescsus 725 Apr  6 15:03 /home/jamesrhodescsus/.ssh/authorized_keys
-rw-r--r-- 1 jrmerz          jrmerz          762 Apr  6 14:44 /home/jrmerz/.ssh/authorized_keys
-rw------- 1 nimasarraf      nimasarraf        0 Apr  6 15:03 /home/nimasarraf/.ssh/authorized_keys
-rw------- 1 qjhart          qjhart          390 Apr  5 11:16 /home/qjhart/.ssh/authorized_keys
jrmerz commented 6 years ago

I see how it is... everyone gets to read Justin's keys.

qjhart commented 6 years ago

Certainly not ! 

root@csus-dev:/home/jrmerz# ls -ld ~jrmerz/.ssh
drwx------ 2 jrmerz jrmerz 4096 Apr  6 14:43 /home/jrmerz/.ssh
qjhart commented 6 years ago

@NimaSarraf, you still have no keys in github.

NimaSarraf commented 6 years ago

Hi Quinn,

I just added a key to my account. Please let me know if you can access it.

On Mon, Apr 16, 2018, 5:32 PM Quinn Hart notifications@github.com wrote:

@NimaSarraf https://github.com/NimaSarraf, you still have no keys in github.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/ucd-library/csus-sp-2018/issues/1#issuecomment-381791949, or mute the thread https://github.com/notifications/unsubscribe-auth/ARAoxV7H97_RN0D1R-7lQwWMMOU0ITvZks5tpTgigaJpZM4TKtzJ .

qjhart commented 6 years ago

@ucd-library/csus most of you now have ssh keys installed on this machine. Note EliCruz has not yet accepted the github invitation, and also has no keys installed.

You should be able to login now. On a *nux machine this should work.

# assuming you've stored your private key in ~/.ssh/github
# If you're ssh-agent is not running... eval $(ssh-agent)
ssh-add ~.ssh/github
ssh -X qjhart@csus-dev.library.ucdavis.edu  # Your Username here

You should login directly. With X11 you should be able to run atom or subl, though this could be slow based on your connection.

Currently no one has logged in.

root@csus-dev:~# lastlog | tail -8
qjhart           pts/1    169.237.102.49   Tue Apr 17 09:45:47 -0700 2018
jrmerz           pts/1    23.243.63.7      Fri Apr  6 14:48:46 -0700 2018
jamesrhodescsus                            **Never logged in**
nimasarraf                                 **Never logged in**
elicruz                                    **Never logged in**
ctlevinsky                                 **Never logged in**
ehsankhaligh                               **Never logged in**
derekmaggio                                **Never logged in**
qjhart commented 6 years ago

@ctlevinsky @DerekMaggio you've both been added to the sudo group. This is a debian sid version, so updates come often. You can apt-get upgrade and apt-get install foo pretty much at will, but don't apt-get dist-upgrade without pulling and issue. Also, no window managers plz w/put pulling an issue.

DerekMaggio commented 6 years ago

@qjhart I am trying to change my password using

passwd derekmaggio

But it is requiring a password which I never had to setup since I am using my ssh key to login. Am I missing a step?

qjhart commented 6 years ago

@DerekMaggio shouldn't ever need a passwd. But if you want to add one, you can do that via sudo

qjhart commented 6 years ago

We had two users lose their SSH keys, and new ones need to be added. This can be done with:

users="ctlevinsky DerekMaggio"
for u in $users; do
  lc=$(echo $u | tr [:upper:] [:lower:]);
  su -c "http https://api.github.com/users/$u/keys | jq -r '.[].key' >> ~/.ssh/authorized_keys" $lc
done

Hmm, It looks like DerekMaggio added a new key, but ctlevinsky has only one key, and it's the same as before.

@DerekMaggio / @ctlevinsky can you verify you can now login?

DerekMaggio commented 6 years ago

@qjhart I am in. Thanks!