* Bug with existing ssh key but not in ssh authorized_file
The correct public key location was not set for the existing file
* Bug with attr set on authorzied_file update if central location
If a central location the +i attrib must be removed first
It will set always in the folder rights change
* Change the authorized file group to root for central file location
* new detect for central authorized keys folder
1) must have %u set in the AuthorizedKeysFile list
2) folder must exists (will not be created, if not exists abort)
If above is set, it will create a username file with the ssh key in there
and lock it down as r--/user and +i attrib
else uses old .ssh folder form
* fix for user add with different home base folder
add this as option for the useradd command
If /home is eg located in /storge then we can now set a prefix for this.
Option -h or via config setting in "user_create.cfg" named
HOME_LOCATION="/path"
Note: Path has to be prefix with /. Any sub folders in home will be
ignored and the user is always created in /home/user.name
Group names as sub folders in /home are not supported
Make sure that lock script reejcts core users
(root/ec2-user/admin/ubuntu)
Unlock script works reverse with also optional check in user_list.txt
for ssh allow/foward group type
Internal:
rename all $user to $username
Add a user lock script to move users from ssh allow/foward group to ssh
reject group.
Rename user_create.sh script to create_user.sh script and add new ssh
allow/foward flag in user_list.txt file after group block and before
password name block
Update check last login script with better add/remove from groups
