SSH adduser: Because friends don't let friends login or run stuff as root
https://webinstall.dev/ssh-adduser| Installer Source| Releases (json) (tab)
SSH adduser: Because friends don't let friends login or run stuff as root
https://webinstall.dev/ssh-adduser| Installer Source| Releases (json) (tab)
Many modern web programs (
npmandpostgres, for example) will not function correctly if run as root.
ssh-adduser will
approot user's ~/.ssh/authorized_keys (so the same users can
still login)app user sudo (admin) privilegesapp to sudo without a passwordHow to create a new user named 'app':
# --disable-password prevents a password prompt
# --gecos "" skips the useless questions
adduser --disabled-password --gecos "" app
How to create a and set a random password:
# sets 'my_password' to 32 random hex characters (16 bytes)
my_password=$(openssl rand -hex 16)
# uses 'my_password' for to reset and confirm 'app's password
printf "$my_password"'\n'"$my_password" | passwd app
How to make the user 'app' a "sudo"er (an admin):
adduser app sudo
How to allow 'app' to run sudo commands without a password:
echo "app ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/app
How to copy allowed keys from root to the new user:
mkdir -p /home/app/.ssh/
chmod 0700 /home/app/.ssh/
cat "$HOME/.ssh/authorized_keys" >> /home/app/.ssh/authorized_keys
chmod 0600 /home/app/.ssh/authorized_keys
chown -R app:app /home/app/.ssh/