Add wildcard to user list txt file to also ignore TEST created files

.gitignore

@@ -1,3 +1,3 @@
 user_list.txt
-user_password*.txt
+user_password*.txt*
 *.zip

bin/create_user.sh

@@ -35,6 +35,11 @@ while getopts ":ti" opt; do
 		i|info)
 			INFO=1;
 			;;
+		\?)
+			echo -e "\n Option does not exist: ${OPTARG}\n";
+			echo "Use -t for test and -i for info";
+			exit 1;
+			;;
 	esac;
 done;
 # hostname for output file only
@@ -52,7 +57,9 @@ output_zip_folder='zip/';
 output_zip="users.${timestamp}.zip"
 ssh_keygen_folder='ssh-keygen/';
 ssh_keygen_folder_created_pub='ssh-keygen-created-pub/';
-ssh_keytype='ed25519';
+# set default key tpye
+default_ssh_keytype='ed25519';
+ssh_keytype='';
 # sshallow or sshforward
 ssh_group='';
 ssh_forward_ok=0;
@@ -148,6 +155,8 @@ while read i; do
 	if [ "${_ssh_keytype}" = "rsa" ]; then
 		ssh_keytype="${_ssh_keytype}";
 		#echo "[!!] BACKWARDS COMPATIBLE RSA TYPE SELECTION [!!]";
+	else
+		ssh_keytype=${default_ssh_keytype};
 	fi;
 	# user & group not set
 	if [ -z "${username}" ] || [ -z "${_group}" ]; then
@@ -205,7 +214,7 @@ while read i; do
 		# Note we only create a password if we need it
 		# password + store pwgen 10 1 -1
 		if [ -z "${_password}" ]; then
-			password=$(printf "%s" $(pwgen 10 1));
+			password=$(printf "%s" $(pwgen 14 1));
 		else
 			echo "! Override password set";
 			password=${_password};

user_create_flow.md

@@ -0,0 +1,95 @@
+# AWS user create flow
+
+* Step 1: check if main group exists
+* Step 2: Add user to user_list.txt
+
+Example:
+
+```txt
+# 2022-12-12
+1;test.foo;group-a;allow
+```
+
+* Step 3: run create script in root/users `bin/create_user.sh`
+
+Not, if unsure use `-t` for testing or `-i` for info only.
+
+Example output for `-i`:
+
+```sh
+$> bin/create_user.sh -i
+User: 'test.foo:group-a();sshallow', SSH: hostname.com#grou-a#test.foo#ed25519.pem
+```
+
+Run output (example):
+
+```sh
+++ Create 'test.foo:group-a()'
+! Override password set
+ > Create ssh key-pair '/root/users/bin/../ssh-keygen/hostname.com#group-a#test.foo#ed25519.pem'
+Generating public/private ed25519 key pair.
+Your identification has been saved in /root/users/bin/../ssh-keygen/hostname.com#group-a#test.foo#ed25519.pem
+Your public key has been saved in /root/users/bin/../ssh-keygen/hostname.com#group-a#test.foo#ed25519.pem.pub
+The key fingerprint is:
+SHA256:IXiHXZrBGuMIHgU34L4DgAwLeFeX37AhQD69TOF1XZI hostname.com: test.foo@group-a
+The key's randomart image is:
++--[ED25519 256]--+
+|+ o++o+o+.o ...o.|
+|*o+..+o*+Bo.  E. |
+|++.+.o*+Xo =     |
+|... ..o* oo .    |
+|. .     S        |
+| . .             |
+|  o              |
+|   .             |
+|                 |
++----[SHA256]-----+
+ > Create .ssh folder
+ > Add public into authorized_keys
+ > Secure folder .ssh and authorized_keys file
+  adding: user_list.txt (stored 0%)
+  adding: user_password.20221202-094351.txt (stored 0%)
+  adding: ssh-keygen/ (stored 0%)
+  adding: ssh-keygen/hostname.com#group-a#test.foo#ed25519.pem (deflated 24%)
+  adding: ssh-keygen/hostname.com#group-a#test.foo#ed25519.pem.pub (deflated 2%)
+Download: /root/users/bin/../zip/users.20221202-094351.zip
+```
+
+* Step 4: Move the zip file to a folder where you can download it
+
+```sh
+$> mv /root/users/bin/../zip/users.20221202-094351.zip /home/<admin user>/
+```
+
+* Step 5: Download ZIP file to local computer and extract
+
+Overwrite user_list.txt file if it exists
+
+In the zup file there are the following files:
+
+* user_password.YYYYMMDD-HHmmss.txt (creation timestamp)
+* ssh-keygen/hostname#group#user#keytype.pem
+* ssh-keygen/hostname#group#user#keytype.pem.pub
+
+The .pem key has to be given to the user, the pub key is for reference only
+
+* Step 6: test login
+
+In the folder where the data was extracted
+
+```sh
+ssh -i ssh-keygen/hostname#group#user#keytype.pem user@hostname
+```
+
+Hand over to the user:
+
+* username
+* hostname
+* PEM key file
+* PEM key password
+
+If the password needs to be removed:
+
+```sh
+ssh-keygen -p -f ssh-keygen/hostname#group#user#keytype.pem -P <old password> -N ""
+```