X-Git-Url: https://git.josue.xyz/?a=blobdiff_plain;f=ssh-adduser%2FREADME.md;h=06b282a19328827e5d4bd228459d4d46bd65b99d;hb=89e0e89d8934850cf3a421034d8a21f15880d864;hp=133d22bd16575852727e03c95bd7075bd04a1dc5;hpb=cd900667cb0aa8008f9335ad0bc2437023ad68e9;p=webi-installers%2F.git

diff --git a/ssh-adduser/README.md b/ssh-adduser/README.md
index 133d22b..06b282a 100644
--- a/ssh-adduser/README.md
+++ b/ssh-adduser/README.md
@@ -4,55 +4,60 @@ homepage: https://webinstall.dev/ssh-adduser
 tagline: |
   SSH adduser: Because friends don't let friends login or run stuff as root
 linux: true
-description: |
-  Many modern web programs (`npm` and `postgres`, for example) will not function correctly if run as root.
+---
 
-  `ssh-adduser` will
+## Cheat Sheet
 
-    1. add the user `me`
-    2. sets a random, 32-character password (as a failsafe)
-    3. copy the `root` user's **`~/.ssh/authorized_keys`** (so the same users can still login)
-    4. gives the `me` user `sudo` (admin) privileges
-    5. allows `me` to `sudo` without a password
----
+> Many modern web programs (`npm` and `postgres`, for example) will not function
+> correctly if run as root.
+
+`ssh-adduser` will
+
+1. add the user `app`
+2. set a random, 32-character password (as a failsafe)
+3. copy the `root` user's **`~/.ssh/authorized_keys`** (so the same users can
+   still login)
+4. give the `app` user `sudo` (admin) privileges
+5. allow `app` to `sudo` without a password
 
-How to create a new user named 'me':
+How to create a new user named 'app':
 
 ```bash
-# Note: --disable-password means that the user cannot yet login
-adduser --disabled-password --gecos "" me
+# --disable-password prevents a password prompt
+# --gecos "" skips the useless questions
+adduser --disabled-password --gecos "" app
 ```
 
 How to create a and set a random password:
 
 ```bash
-# store a random 16-byte password into 'my_password'
+# sets 'my_password' to 32 random hex characters (16 bytes)
 my_password=$(openssl rand -hex 16)
 
-# use 'my_password' to set the user 'me's password
-printf "$my_password"'\n'"$my_password" | passwd me
+# uses 'my_password' for to reset and confirm 'app's password
+printf "$my_password"'\n'"$my_password" | passwd app
 ```
 
-How to make the user 'me' a "sudo"er (an admin):
+How to make the user 'app' a "sudo"er (an admin):
 
 ```bash
-adduser me sudo
+adduser app sudo
 ```
 
-How to allow 'me' to run sudo commands without a password:
+How to allow 'app' to run sudo commands without a password:
 
 ```bash
-echo "me ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/me
+echo "app ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/app
 ```
 
 How to copy allowed keys from root to the new user:
 
 ```bash
-mkdir -p /home/me/.ssh/
-chmod 0700 /home/me/.ssh/
+mkdir -p /home/app/.ssh/
+chmod 0700 /home/app/.ssh/
 
-cat "$HOME/.ssh/authorized_keys" >> /home/me/.ssh/authorized_keys
-chmod 0600 /home/me/.ssh/authorized_keys
+cat "$HOME/.ssh/authorized_keys" >> /home/app/.ssh/authorized_keys
+chmod 0600 /home/app/.ssh/authorized_keys
 
-chown -R me:me /home/me/.ssh/
+chown -R app:app /home/app/.ssh/
 ```