Merge branch 'development' into shellecheck-cleanup
This commit is contained in:
Clemens Schwaighofer
18
Readme.md
18
Readme.md
@@ -23,8 +23,15 @@ Alternate download:
|
||||
|
||||
Inside the base folder there are
|
||||
|
||||
- ssh-keygen for temporary holding the PEM/PUB files
|
||||
- zip file which holds the created user list, password and PEM/PUB files
|
||||
- auth-log/: access logs from users for the last login check
|
||||
- bin/: scripts folder
|
||||
- config/: config settings (eg alternative home base folder
|
||||
- log/: user creation and other action logs
|
||||
- ssh-keygen/: PEM keys are stored here during creation and then zip-ed into the zip folder
|
||||
- ssh-keygen-created-pub/: Public keys are stored here and stay here (used for checking)
|
||||
- user_list.txt: users that should exist on this server with various settings
|
||||
- [user_password.YYYYMMDD-HHmmss.txt] temporary file with username and password, zip-ed into the zip folder
|
||||
- zip/: after user creation the password and PEM files are stored in here
|
||||
|
||||
## Config
|
||||
|
||||
@@ -72,12 +79,12 @@ In the `/root/users/` folder there needs to be a file called '*user_list.txt*'
|
||||
|
||||
This is a CSV type file with the following layout
|
||||
|
||||
ID | Username | Group and Sub Group | SSH Access Type | Optional Password | Override host name | Override ssh key type
|
||||
ID | Username | Group and Sub Group | SSH Access Type and No Login flag | Optional Password | Override host name | Override ssh key type
|
||||
-|-|-|-|-|-|-
|
||||
|
||||
1: The ID, Username and Group column must be filled.
|
||||
2: For sub groups add them with a *,* The first group is the master group
|
||||
3: SSH Access type as: allow/forward. allow is default
|
||||
2: For sub groups add them with a MASTER_GROUP,SUB_GROUP_A,SUB_GROUP_B,... The first group is the master group
|
||||
3: SSH Access type as: allow/forward. allow is default, additional separated by | can be a "no_login" to set a no login shell, else bash shell will be set
|
||||
4: If the password column is filled, the string from here will be used as the PEM Key password.
|
||||
5: If a override hostname is set it will be used instead of `hostname`
|
||||
6: If the ssh key type is set, it will override the default *ed25519* type. Only *rsa* is allowed. This is for setting up backwards compatible lists. Change is not recommended
|
||||
@@ -95,6 +102,7 @@ user1;some.name;group-a;allow;;hostname;
|
||||
user2;othername;group-a;allow;;;
|
||||
# I am a comment
|
||||
;username;groupC;allow;setpassword;;
|
||||
;username_c;groupC;allow|no_login;;;
|
||||
...
|
||||
```
|
||||
|
||||
|
||||
Reference in New Issue
Block a user