I am a new sys admin who is learning the role as I go. I have a bash script here that I can't get to work. This is just a test script as it's my first one, so I know setting authorized_keys to 777 is unwise, but I am just doing it to check if my script works for now.
I am using LDAP with passwords, so SSH onto a remote device with keys isn't ideal, so I am using sshpass.
This code works up to useradd, then it doesn't mkdir .ssh, doesn't touch/create authorized_keys, and doesn't change the file permissions.
Why?
#!/bin/bash -x
username="test"
echo Enter server IP:
read server
sshpass -p randompassword ssh myusername@$server sudo -i 'useradd test1;
echo $username user added, press any key to continue;
read;
sudo -i;
mkdir /home/test1/.ssh;
cd /home/test1/.ssh;
touch authorized_keys;
chmod 777 authorized_keys'
I'm probably not understanding something about bash scripting correctly, but all these commands need to run on the remote machine.
If you want to "manage multiple servers," Bash scripts are the wrong approach. Since you self-admitted that you are new, learn a CMS like Puppet; manage your servers with a real Configuration Management System. Think big about your approach to systems management. Don't ask yourself, "How do I fix this little problem/task?" Think, "How can I manage ALL my servers from one place and ensure I have a consistent configuration on all of them?"
Think of it in this context: let's say you get this script to work, then you decide you want to remove the "test 1" account. Now you need to write another script. Whereas in a CMS, you could add the user with:
Then if you decide to delete the user later, change the config to:
Call or "realize" this resource on all the servers you want and you're done. Have an extra cup of coffee and pat yourself on the back for reducing your time on task by 95%. Keep all your configurations in Subversion, or some other Revision Control System, and keep notes on why you changed this, who asked you to do it and when. So when your boss asks why you deleted the test1 account on all the servers, you can look at your note and say, "Because you asked me to in an email on 3/15." Work smart, not hard.
Good Luck.
Remove the `sudo -i` line and put only `sudo` before every command you need.
Example:
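An added example, not part of the original posts: in the question's script only `useradd` runs under sudo, because ssh joins its arguments into one command line for the remote shell and `sudo -i` applies to the first command only. This variant sends the whole block to a single root shell (instead of prefixing each command with sudo) and uses 700/600 rather than 777. It assumes passwordless sudo for `myusername`, the password in the `SSHPASS` environment variable (read by `sshpass -e`), and home directories under /home; the function names are hypothetical.

```bash
#!/bin/bash
# Added example, not the asker's or the answerers' code.
# Assumptions: passwordless sudo on the remote host, password exported
# as SSHPASS, home directories live under /home.

# Print the script that the remote root shell will execute.
# The user name is validated first, so it is safe to embed unquoted.
build_remote_script() {
    local user=$1
    case $user in
        ''|[!a-z_]*|*[!a-z0-9_-]*)
            echo "invalid user name: $user" >&2
            return 1 ;;
    esac
    # Unquoted EOF: $user is expanded HERE, on the local machine.
    # In the question it sat inside single quotes, so the remote shell
    # expanded it, and it was empty there.
    cat <<EOF
set -e
id -u $user >/dev/null 2>&1 || useradd -m $user
mkdir -p /home/$user/.ssh
touch /home/$user/.ssh/authorized_keys
chmod 700 /home/$user/.ssh
chmod 600 /home/$user/.ssh/authorized_keys
chown -R $user: /home/$user/.ssh
EOF
}

# Run the generated script on one server. "sudo sh -s" starts ONE root
# shell that reads every line from stdin, so each command runs as root.
provision() {
    local server=$1 user=$2 script
    script=$(build_remote_script "$user") || return 1
    printf '%s\n' "$script" |
        sshpass -e ssh "myusername@$server" 'sudo sh -s'
}

# Usage: SSHPASS=... ./provision.sh --run <server> <user>
if [ "${1:-}" = "--run" ]; then
    provision "$2" "$3"
fi
```

sshd's default `StrictModes` refuses keys from an `authorized_keys` file or `.ssh` directory that other users can write to, so the 777 test setting would also have stopped key logins from working.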