update info about command

[webi-installers/.git] / ssh-utils / ssh-adduser.sh

diff --git a/ssh-utils/ssh-adduser.sh b/ssh-utils/ssh-adduser.sh
index b9da2ec513177b8326ffe1cb958a1dfaf0012860..e6c71126f612a60d17994a3783c17dd29c6caf40 100644 (file)
--- a/ssh-utils/ssh-adduser.sh
+++ b/ssh-utils/ssh-adduser.sh
@@ -21,16 +21,22 @@
     adduser --disabled-password --gecos "" me
     my_password=$(openssl rand -hex 16)
     printf "$my_password"'\n'"$my_password" | passwd me
+
+    # make 'me' a sudo-er (admin)
     adduser me sudo
     echo "me ALL=(ALL:ALL) NOPASSWD: ALL" | tee /etc/sudoers.d/me
-    sudo -i -u me bash -c 'ssh-keygen -b 2048 -t rsa -f /home/me/.ssh/id_rsa -q -N ""'
+
+    # allow users who can already login as 'root' to login as 'me'
     mkdir -p /home/me/.ssh/
     chmod 0700 /home/me/.ssh/
     cp -r "$HOME/.ssh/authorized_keys" /home/me/.ssh/
     chmod 0600 /home/me/.ssh/authorized_keys
     chown -R me:me /home/me/.ssh/
 
-    # Install webi for the new user
+    # ensure that 'me' has an SSH Keypair
+    sudo -i -u me bash -c 'ssh-keygen -b 2048 -t rsa -f /home/me/.ssh/id_rsa -q -N ""'
+
+    # Install webi for the new 'me' user
     sudo -i -u me bash -c 'curl -fsSL https://webinstall.dev/webi | bash' \
         || sudo -i -u me bash -c 'wget -q -O - https://webinstall.dev/webi | bash'