| 123456789101112131415161718192021222324252627282930 |
- #!/bin/sh
- set -e
- if [ ! -f "$SSHD_HOST_KEYS_DIR/rsa" ]; then
- ssh-keygen -t rsa -b 4096 -N '' -C '' -f "$SSHD_HOST_KEYS_DIR/rsa"
- fi
- if [ -z "$USERS" ]; then
- echo '$USERS is not set'
- exit 1
- fi
- IFS=','
- for USER in $USERS; do
- if ! id "$USER" 2>/dev/null >/dev/null ; then
- (set -x; adduser -D "$USER")
- # default after `adduser -D`: !
- # > User alice not allowed because account is locked
- # `passwd -u` sets an empty password,
- # so better insert '*' manually
- # https://unix.stackexchange.com/a/193131/155174
- sed -i "s/^${USER}:!:/${USER}:*:/" /etc/shadow
- fi
- done
- set -x
- sed -i "s/^AllowUsers .*/AllowUsers ${USERS//,/ }/" /etc/ssh/sshd_config
- exec "$@"
|
